kontrola loga
Napsal: 01 úno 2021 15:36
Ahojte,
prosiim o preventivnu kontrolu logu.
Dakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by erikc (administrator) on DESKTOP-I382RG4 (Micro-Star International Co., Ltd. MS-7A36) (01-02-2021 15:40:24)
Running from C:\Users\erikc\Desktop
Loaded Profiles: erikc
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Environmental Systems Research Institute Inc. -> Esri) C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\erikc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Trend Micro Inc.) [File not signed] C:\Users\erikc\Downloads\HijackThis.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-08] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [262144 2010-09-29] () [File not signed]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [5160760 2020-04-16] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [Discord] => C:\Users\erikc\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\erikc\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\MountPoints2: {7ed2345c-27f0-11ea-8b8e-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\MountPoints2: {ebe9e78e-6134-11e8-bfb5-4ccc6aff2982} - "D:\Setup.exe"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOBJEA_P: C:\Windows\System32\spool\prtprocs\x64\KOBJEA_P.DLL [40960 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Print\Monitors\bizhub C20P PS Language Monitor: C:\Windows\system32\KOBJEA_L.dll [17408 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\SafeQ: C:\Windows\system32\SAFEQVS64.DLL [9028096 2010-09-29] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02021ECA-5BF1-4F38-95E0-9DD8BE298DC5} - System32\Tasks\TinyTakeUpgrade => C:\Users\erikc\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {02969713-D03A-4735-9F66-BE54CAD4A330} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {02BF05BC-4431-4D37-B229-DFEE11CAB064} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0DCD5BEA-7749-49E9-A317-F5EC8A369350} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {10A12E95-F66B-435E-8C5C-E8D0D4A3DC63} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {13D9AA3C-57B1-4B47-9CEC-EF477D78C508} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {17060859-8F4C-44F4-9CAC-BBF3CDB12514} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1E7A698D-43D8-48A4-892D-7288C17B7539} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28E38CBF-F920-486D-8681-A4D25F3D44E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {29915BE3-D79B-44A8-9CF6-F020D769C83B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2C74DDB9-A609-46FE-BDC7-C46F86AFFC9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {2DFDFCC5-D4F1-4292-A3E0-720AB614C7EF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {555A63AE-3BD6-4159-81C9-EFAD49078CBD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58999DE9-CB1B-4D46-B50F-B0AA0662C72A} - System32\Tasks\ArcGIS Pro Indexing (MicrosoftAccount_erik.capek@gmail.com) => C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe [1095048 2020-07-09] (Environmental Systems Research Institute Inc. -> Esri)
Task: {63072DB7-B4F7-479D-9CB0-46FB6AC53929} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {6D0168D2-5705-46F4-AC58-156FE2F71BB9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7069119E-AFA3-45F4-81CD-22667284F790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {71019B4D-7BB5-453F-9464-5AE5C47CA774} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {72B4E273-F5A8-4991-809A-36B7DB65EE35} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {72D83D5A-23E1-46DC-B61F-F925FADF8EFD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B9C01C62-EC0C-4C0B-BB50-5D31992CF005} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1161112 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAD06073-7A79-4821-A69C-0FCBD8826C48} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BDB16CE2-F79E-4918-A1F3-48DACCD2E34E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C4DAAB1C-1034-481A-A8A6-148A92763C40} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [434176 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C724B7FB-7661-4FBA-8F62-AFCDC45F3A26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCFF12F0-77A6-4E31-BB2E-9F5FA81750B3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D481BF60-C7A9-4A88-96B1-EB2D03048399} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD1A7DA2-D1E5-4E68-A349-984A34B00C74} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {DF97B7B1-A233-4C1D-B737-7B4FD419743C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E04F303F-8207-40AF-AC56-A86E4CAF6BAD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB8AAFA0-7DDE-439A-A8BE-EA13858774CE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD74116C-5CDF-4A36-B173-B140E0298D80} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [434176 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{4653a6fd-35ce-4430-b0eb-18c8ece72ee2}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ca780394-6a26-4441-acaf-9d7218a7686d}: [DhcpNameServer] 192.168.43.1
Edge:
=======
DownloadDir: C:\Users\erikc\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\erikc\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-24]
FireFox:
========
FF DefaultProfile: wl2xx4ua.default
FF ProfilePath: C:\Users\erikc\AppData\Roaming\Zotero\Zotero\Profiles\wl2xx4ua.default [2021-01-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default [2021-02-01]
CHR Notifications: Default -> hxxps://kfc.cz; hxxps://www.damejidlo.cz
CHR Extension: (Prezentácie) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-23]
CHR Extension: (Tabuľky) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2021-01-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Grammarly for Chrome) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Subtitles for netflix) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\oddfihdjoneffhjjlpgdjaefeklefmdi [2019-02-08]
CHR Extension: (Scopus Document Download Manager) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2020-07-18]
CHR Extension: (Gmail) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR Profile: C:\Users\erikc\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [448432 2019-09-04] (VMware, Inc. -> VMware, Inc.)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-08] (ESET, spol. s r.o. -> ESET)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [299632 2019-07-09] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4359280 2019-08-19] (FabulaTech, LLP -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [391744 2017-07-11] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-12-10] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [450672 2019-07-26] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-01-23] (CPUID S.A.R.L.U. -> CPUID)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2020-04-16] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-08-25] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-01 15:40 - 2021-02-01 15:43 - 000034615 _____ C:\Users\erikc\Desktop\FRST.txt
2021-02-01 15:38 - 2021-02-01 15:42 - 000000000 ____D C:\FRST
2021-02-01 15:38 - 2021-02-01 15:38 - 002297856 _____ (Farbar) C:\Users\erikc\Downloads\FRST64 (1).exe
2021-02-01 15:38 - 2021-02-01 15:38 - 002297856 _____ (Farbar) C:\Users\erikc\Desktop\FRST64.exe
2021-02-01 15:37 - 2021-02-01 15:37 - 000000000 ____D C:\Users\erikc\AppData\LocalLow\IGDump
2021-02-01 15:29 - 2021-02-01 15:29 - 000388608 _____ (Trend Micro Inc.) C:\Users\erikc\Downloads\HijackThis.exe
2021-02-01 15:26 - 2021-02-01 15:26 - 011431000 _____ (SurfRight B.V.) C:\Users\erikc\Downloads\HitmanPro_x64 (1).exe
2021-02-01 13:11 - 2021-02-01 13:11 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-01 13:11 - 2021-02-01 13:11 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-01 13:11 - 2021-02-01 13:11 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000000000 ____D C:\Users\erikc\AppData\Local\mbam
2021-02-01 13:10 - 2021-02-01 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-01 13:10 - 2021-02-01 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-01 13:09 - 2021-02-01 13:09 - 002086424 _____ (Malwarebytes) C:\Users\erikc\Downloads\MBSetup.exe
2021-02-01 13:09 - 2021-02-01 13:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-01 13:09 - 2021-02-01 13:09 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-01 11:50 - 2021-02-01 11:50 - 000000222 _____ C:\Users\erikc\Desktop\HROT.url
2021-01-29 15:05 - 2021-01-29 15:05 - 000159724 _____ C:\Users\erikc\Downloads\200001313234.pdf
2021-01-27 11:29 - 2021-01-27 12:04 - 000000000 ____D C:\Users\erikc\Documents\Stronghold
2021-01-27 11:29 - 2021-01-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold HD [GOG.com]
2021-01-26 23:18 - 2021-02-01 13:08 - 000000000 ____D C:\Users\erikc\AppData\Roaming\HROT
2021-01-26 20:59 - 2021-01-26 19:59 - 186853485 ____N C:\Users\erikc\Downloads\Přednáška8.mp4
2021-01-26 20:59 - 2021-01-26 19:58 - 317374273 ____N C:\Users\erikc\Downloads\Přednáška7.mp4
2021-01-26 20:59 - 2021-01-26 19:57 - 390171003 ____N C:\Users\erikc\Downloads\Přednáška6.mp4
2021-01-26 20:59 - 2021-01-26 19:57 - 318437318 ____N C:\Users\erikc\Downloads\Přednáška5.mp4
2021-01-26 20:57 - 2021-01-26 20:59 - 1212836605 _____ C:\Users\erikc\Downloads\OneDrive_2021-01-26.zip
2021-01-25 18:19 - 2021-01-25 18:19 - 000075730 _____ C:\Users\erikc\Desktop\CV_Kolarova.pdf
2021-01-23 02:10 - 2021-01-23 02:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 02:10 - 2021-01-23 02:10 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 02:09 - 2021-01-23 02:09 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 02:09 - 2021-01-23 02:09 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 02:09 - 2021-01-23 02:09 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 02:08 - 2021-01-23 02:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 02:08 - 2021-01-23 02:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 02:08 - 2021-01-23 02:08 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 02:07 - 2021-01-23 02:07 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 02:07 - 2021-01-23 02:07 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 02:07 - 2021-01-23 02:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 02:07 - 2021-01-23 02:07 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 02:07 - 2021-01-23 02:07 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 02:06 - 2021-01-23 02:06 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 02:06 - 2021-01-23 02:06 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-21 19:28 - 2021-01-21 19:30 - 000000000 ____D C:\Users\erikc\Desktop\horory
2021-01-21 18:40 - 2021-01-21 21:27 - 1819726788 _____ C:\Users\erikc\Downloads\Taxi 1 (1998) CZdab.avi
2021-01-21 07:45 - 2021-01-21 07:45 - 039562752 _____ C:\Users\erikc\Downloads\Eukaryotická buňka a její struktury.ppt
2021-01-21 07:33 - 2021-01-21 07:33 - 006575009 _____ C:\Users\erikc\Downloads\PROKARYOTICKÁ-BUŇKA-2.pptx
2021-01-21 07:33 - 2021-01-21 07:33 - 000976384 _____ C:\Users\erikc\Downloads\OBJEV-BUŇKY-A-BUNĚČNÁ-TEORIE.ppt
2021-01-20 11:07 - 2021-01-20 11:07 - 001459331 _____ C:\Users\erikc\Downloads\Prezentace_12 (1).pptx
2021-01-20 11:05 - 2021-01-20 11:05 - 000311834 _____ C:\Users\erikc\Downloads\Prezentace_11.pptx
2021-01-20 10:58 - 2021-01-20 10:58 - 000407337 _____ C:\Users\erikc\Downloads\Prezentace_10 (1).pptx
2021-01-20 10:56 - 2021-01-20 10:56 - 000308570 _____ C:\Users\erikc\Downloads\Prezentace_9 (1).pptx
2021-01-20 10:54 - 2021-01-20 10:54 - 001040738 _____ C:\Users\erikc\Downloads\Prezentace_8 (1).pptx
2021-01-20 10:43 - 2021-01-20 10:43 - 000630906 _____ C:\Users\erikc\Downloads\Prezentace_7 (1).pptx
2021-01-20 10:15 - 2021-01-20 10:15 - 000303860 _____ C:\Users\erikc\Downloads\Prezentace_6 (1).pptx
2021-01-19 18:28 - 2021-01-19 18:28 - 000000000 ____D C:\Users\erikc\Documents\4A Games
2021-01-19 18:26 - 2021-01-19 18:26 - 000000000 ____D C:\Users\erikc\AppData\Local\4A Games
2021-01-19 15:55 - 2021-01-19 15:55 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Blizzard Entertainment
2021-01-19 14:18 - 2021-01-19 14:18 - 001459331 _____ C:\Users\erikc\Downloads\Prezentace_12.pptx
2021-01-19 14:18 - 2021-01-19 14:18 - 000407337 _____ C:\Users\erikc\Downloads\Prezentace_10.pptx
2021-01-19 14:17 - 2021-01-19 14:17 - 001040738 _____ C:\Users\erikc\Downloads\Prezentace_8.pptx
2021-01-19 14:17 - 2021-01-19 14:17 - 000308570 _____ C:\Users\erikc\Downloads\Prezentace_9.pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000896019 _____ C:\Users\erikc\Downloads\Prezentace_5 (2).pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000630906 _____ C:\Users\erikc\Downloads\Prezentace_7.pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000303860 _____ C:\Users\erikc\Downloads\Prezentace_6.pptx
2021-01-18 11:15 - 2021-01-18 11:15 - 000614855 _____ C:\Users\erikc\Downloads\Business Inteligence.apkg
2021-01-18 08:49 - 2021-01-18 08:49 - 000433392 _____ C:\Users\erikc\Downloads\3210060367.pdf
2021-01-16 13:49 - 2021-01-16 13:50 - 017656502 _____ C:\Users\erikc\Downloads\Feeding Frenzy 2.rar
2021-01-16 11:10 - 2021-01-16 11:13 - 000000000 ____D C:\Users\erikc\AppData\Local\MumboJumbo
2021-01-16 11:06 - 2021-01-16 11:06 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Wildfire
2021-01-16 10:48 - 2021-01-16 11:13 - 000000000 ____D C:\Users\erikc\Documents\MumboJumbo
2021-01-16 10:48 - 2021-01-16 10:48 - 000000000 ____D C:\ProgramData\MumboJumbo
2021-01-16 10:43 - 2021-01-16 10:43 - 000000000 ____D C:\ProgramData\Trymedia
2021-01-16 10:41 - 2021-01-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo Games
2021-01-16 10:41 - 2021-01-16 11:12 - 000000000 ____D C:\Program Files\MumboJumbo Games
2021-01-15 09:38 - 2021-01-15 09:38 - 000340615 _____ C:\Users\erikc\Downloads\Default.gdb.zip
2021-01-15 06:07 - 2021-01-15 06:07 - 000000000 ____D C:\WINDOWS\Panther
2021-01-14 02:22 - 2021-01-14 02:22 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 02:21 - 2021-01-14 02:21 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 02:21 - 2021-01-14 02:21 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 02:20 - 2021-01-14 02:20 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-14 02:20 - 2021-01-14 02:20 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 02:20 - 2021-01-14 02:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 02:19 - 2021-01-14 02:19 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 02:19 - 2021-01-14 02:19 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-14 02:18 - 2021-01-14 02:18 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 02:18 - 2021-01-14 02:18 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 02:18 - 2021-01-14 02:18 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 02:17 - 2021-01-14 02:17 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 02:17 - 2021-01-14 02:17 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 02:17 - 2021-01-14 02:17 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 02:17 - 2021-01-14 02:17 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 11:58 - 2021-01-13 11:58 - 002250684 _____ C:\Users\erikc\Downloads\bicz092.pptx
2021-01-12 17:54 - 2021-01-12 17:54 - 000028693 _____ C:\Users\erikc\Downloads\výpočty_zkouška_MANAEKO.xlsx
2021-01-11 12:31 - 2021-01-11 12:31 - 000000000 ____D C:\Users\erikc\AppData\Roaming\ScummVM
2021-01-11 12:27 - 2021-01-11 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Curse of Monkey Island™ [GOG.com]
2021-01-11 12:26 - 2021-01-11 12:26 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-01-11 11:57 - 2021-01-11 12:46 - 873365129 _____ C:\Users\erikc\Downloads\Nepotvrdené 665803.crdownload
2021-01-11 10:19 - 2021-01-11 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thechineseroom
2021-01-11 10:16 - 2021-01-11 10:16 - 000000000 ____D C:\Program Files (x86)\thechineseroom
2021-01-10 23:06 - 2021-01-10 23:54 - 872777489 _____ C:\Users\erikc\Downloads\dear_esther-windows-v19-installer_1369715938.rar
2021-01-10 22:34 - 2021-01-10 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Český dabing do hry Dear Esther
2021-01-10 22:33 - 2021-01-10 22:33 - 046852464 _____ C:\Users\erikc\Downloads\dear-esther-cz-dabing.zip
2021-01-10 22:32 - 2021-01-10 22:32 - 000144313 _____ C:\Users\erikc\Downloads\DEcZ.rar
2021-01-10 22:30 - 2021-01-10 22:30 - 000000000 ____D C:\Nový priečinok
2021-01-10 22:26 - 2021-01-10 22:26 - 048601071 _____ (Fénix ProDabing ) C:\Users\erikc\Downloads\FPD Dear Esther.exe
2021-01-10 22:13 - 2021-01-10 22:13 - 000000000 ____D C:\Users\erikc\AppData\LocalLow\The Chinese Room & Robert Briscoe @ LittleLostPoly_co_uk
2021-01-10 21:27 - 2021-01-10 21:27 - 000028736 _____ C:\Users\erikc\Downloads\da (2).xlsx
2021-01-10 16:54 - 2021-01-10 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther Landmark Edition
2021-01-10 13:00 - 2021-01-10 13:00 - 000339328 _____ C:\Users\erikc\Downloads\42427-Capek_Erik-Capek_Seminarna_praca_Teorie_her_a_ekopnomicke_rozhodovani.xlsx
2021-01-08 15:06 - 2021-01-08 15:07 - 261119781 _____ C:\Users\erikc\Downloads\collection-2020-12-18@12-24-40 (2).colpkg
2021-01-07 13:07 - 2021-01-07 13:07 - 000054019 _____ C:\Users\erikc\Downloads\NKMEK_Zakladni informace_20_21.pptx
2021-01-07 12:27 - 2021-01-07 12:27 - 003050255 _____ C:\Users\erikc\Downloads\manazerska-ekonomika-vsetky-varianty-testov.pdf
2021-01-07 10:28 - 2021-01-07 10:29 - 000000000 ____D C:\Users\erikc\Documents\Moje Spore výtvory
2021-01-07 10:28 - 2021-01-07 10:29 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Spore
2021-01-07 00:26 - 2021-01-07 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2021-01-06 21:05 - 2021-01-21 21:47 - 000000000 ____D C:\ProgramData\EA Logs
2021-01-06 21:05 - 2021-01-06 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies
2021-01-06 21:05 - 2021-01-06 21:05 - 000000000 ____D C:\ProgramData\EA Core
2021-01-06 21:02 - 2021-01-06 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2021-01-06 20:57 - 2021-01-06 20:57 - 000048437 _____ C:\Users\erikc\Downloads\Procesní-8-zkrácené.xlsx
2021-01-06 19:45 - 2021-01-06 19:46 - 000000000 ____D C:\Users\erikc\Documents\Battlefield V
2021-01-06 19:45 - 2021-01-06 19:45 - 000000000 ____D C:\Users\erikc\AppData\Local\Battlefield V
2021-01-06 17:08 - 2021-01-06 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V
2021-01-05 10:01 - 2021-01-05 10:01 - 001130741 _____ C:\Users\erikc\Downloads\2019_08_28 Metodika výjimky z BAT Hg (LCP Modul) FINPUB.pdf
2021-01-05 09:24 - 2021-01-05 09:24 - 001106898 _____ C:\Users\erikc\Downloads\IPPR_2010_2_11310_0_203131_0_113272.pdf
2021-01-04 17:15 - 2021-01-04 17:15 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2021-01-04 17:15 - 2021-01-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2021-01-04 14:16 - 2021-01-04 14:16 - 000018806 _____ C:\Users\erikc\Downloads\Seminární-práce-Teorie-Her-Sedláček (1).xlsx
2021-01-04 14:12 - 2021-01-04 14:12 - 000018806 _____ C:\Users\erikc\Downloads\Seminární-práce-Teorie-Her-Sedláček.xlsx
2021-01-04 12:48 - 2021-01-04 12:48 - 004464070 _____ C:\Users\erikc\Downloads\rylkova.z_stelmach.k-ver.02-manazerska_ekonomika_v_prikladech-vydani-2017 (2).pdf
2021-01-04 12:34 - 2021-01-04 12:35 - 000054019 _____ C:\Users\erikc\Downloads\NKMEK_Zakladni_informace_20_21 (1).pptx
2021-01-02 17:31 - 2021-01-02 17:31 - 000929952 _____ C:\Users\erikc\Downloads\Prezentace_1 (5).pptx
2021-01-02 17:31 - 2021-01-02 17:31 - 000929952 _____ C:\Users\erikc\Downloads\Prezentace_1 (4).pptx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-01 15:44 - 2019-06-15 17:42 - 003088795 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-02-01 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-01 15:22 - 2020-12-25 15:48 - 000000000 ____D C:\Program Files (x86)\Polda6
2021-02-01 15:22 - 2019-02-07 14:27 - 000000000 ____D C:\Program Files (x86)\Rayman Legends
2021-02-01 15:21 - 2020-09-05 05:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-01 13:10 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-01 12:25 - 2019-04-16 21:00 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-01 11:51 - 2017-08-25 18:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-01 11:50 - 2017-08-26 09:49 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-31 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-31 16:49 - 2018-05-12 21:19 - 000000000 ____D C:\Users\erikc\Desktop\Bordel
2021-01-31 16:42 - 2017-08-23 14:55 - 000000000 ___RD C:\Users\erikc\OneDrive
2021-01-31 16:37 - 2019-04-18 17:21 - 000000000 ____D C:\Users\erikc\Documents\Assassin's Creed Unity
2021-01-31 00:10 - 2017-08-24 16:52 - 000000000 ____D C:\Users\erikc\AppData\Roaming\qBittorrent
2021-01-30 16:40 - 2017-08-24 22:45 - 000000000 ____D C:\Users\erikc\AppData\Local\Ubisoft Game Launcher
2021-01-30 12:00 - 2020-06-09 22:42 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-29 22:17 - 2017-08-24 22:45 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-29 22:14 - 2017-08-23 15:00 - 000000000 ____D C:\ProgramData\Origin
2021-01-29 22:13 - 2020-01-14 18:41 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Origin
2021-01-29 22:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-29 18:23 - 2018-05-17 17:49 - 000000000 ____D C:\Users\erikc\AppData\Local\D3DSCache
2021-01-29 12:05 - 2020-01-10 21:57 - 000000000 ____D C:\Users\erikc\AppData\Local\Origin
2021-01-28 20:28 - 2017-08-23 15:28 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-28 18:55 - 2019-03-01 11:03 - 000000000 ____D C:\Users\erikc\Desktop\GAMES
2021-01-28 14:46 - 2017-11-08 15:53 - 000000000 ____D C:\Users\erikc\AppData\Local\Packages
2021-01-27 17:33 - 2017-09-22 22:47 - 000000000 ____D C:\Users\erikc\AppData\Local\CrashDumps
2021-01-27 15:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-27 11:27 - 2018-01-05 21:35 - 000000000 ____D C:\GOG Games
2021-01-25 19:08 - 2017-08-23 15:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-25 15:16 - 2020-09-05 06:14 - 002637436 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 15:16 - 2020-09-05 01:50 - 000710396 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 15:16 - 2020-09-05 01:50 - 000146130 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 15:16 - 2017-09-02 15:19 - 000731240 _____ C:\WINDOWS\system32\perfh01B.dat
2021-01-25 15:16 - 2017-09-02 15:19 - 000210414 _____ C:\WINDOWS\system32\perfc01B.dat
2021-01-24 11:20 - 2019-12-03 19:29 - 000000000 ____D C:\Users\erikc\AppData\Local\Vivox
2021-01-23 17:49 - 2020-06-20 07:49 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2021-01-23 15:17 - 2020-10-30 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-01-23 15:17 - 2020-10-30 17:18 - 000000000 ____D C:\Riot Games
2021-01-23 15:17 - 2017-08-23 15:02 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-01-23 02:34 - 2020-09-05 05:48 - 000491272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-23 02:34 - 2020-08-01 19:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-23 02:33 - 2020-09-05 06:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 02:33 - 2020-09-05 05:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 02:31 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-23 02:29 - 2020-12-07 09:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 02:27 - 2019-05-04 22:30 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Discord
2021-01-23 02:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-22 20:07 - 2020-04-13 15:16 - 000002368 _____ C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-22 20:07 - 2020-04-13 15:16 - 000002360 _____ C:\Users\erikc\Desktop\Microsoft Teams.lnk
2021-01-22 11:50 - 2018-05-27 11:04 - 000000000 ____D C:\games
2021-01-20 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-20 13:01 - 2019-05-04 22:30 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-20 13:01 - 2019-05-04 22:29 - 000000000 ____D C:\Users\erikc\AppData\Local\Discord
2021-01-19 22:01 - 2017-09-08 11:33 - 000000000 ____D C:\Users\erikc\AppData\Local\Battle.net
2021-01-19 18:10 - 2018-01-13 17:04 - 000000000 ____D C:\Hry
2021-01-19 15:55 - 2017-09-08 11:35 - 000000000 ____D C:\Users\erikc\AppData\Local\Blizzard Entertainment
2021-01-18 12:10 - 2020-01-24 18:48 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Anki2
2021-01-18 08:47 - 2020-09-05 06:23 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 08:47 - 2020-09-05 06:23 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-17 16:34 - 2020-09-05 02:38 - 000000000 ____D C:\Users\erikc
2021-01-15 17:21 - 2017-09-08 11:34 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2021-01-15 06:33 - 2020-09-15 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-14 02:17 - 2020-09-05 05:56 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 12:38 - 2017-10-11 16:01 - 000000000 ___RD C:\Users\erikc\3D Objects
2021-01-13 02:20 - 2017-08-23 17:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 02:15 - 2017-08-23 17:07 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 12:26 - 2020-05-12 15:28 - 000000000 ____D C:\ProgramData\GOG.com
2021-01-11 10:22 - 2018-01-04 17:33 - 000000000 ____D C:\Users\erikc\AppData\Local\SKIDROW
2021-01-06 21:05 - 2017-08-23 15:34 - 000000000 ____D C:\ProgramData\Electronic Arts
2021-01-06 21:04 - 2018-11-19 18:31 - 000000000 ____D C:\ProgramData\PopCap Games
2021-01-06 17:08 - 2018-06-14 19:05 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-01-04 17:38 - 2018-07-30 11:05 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-01-02 15:11 - 2018-11-28 10:52 - 000000000 ____D C:\Users\erikc\Zotero
2021-01-02 13:48 - 2020-12-31 12:17 - 002815094 _____ C:\Users\erikc\Downloads\COVID-19-geographic-disbtribution-worldwide (2).xlsx
==================== Files in the root of some directories ========
2020-12-13 12:05 - 2021-01-26 21:03 - 000000232 _____ () C:\Users\erikc\AppData\Roaming\debug.log
2019-03-21 14:49 - 2002-08-29 18:33 - 000319488 _____ () C:\Users\erikc\AppData\Roaming\MafiaSetup.exe
2019-12-04 15:11 - 2019-12-04 15:11 - 000007602 _____ () C:\Users\erikc\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by erikc (01-02-2021 15:52:50)
Running from C:\Users\erikc\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-09-05 05:24:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3540141402-2491340951-2446622603-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3540141402-2491340951-2446622603-503 - Limited - Disabled)
erikc (S-1-5-21-3540141402-2491340951-2446622603-1001 - Administrator - Enabled) => C:\Users\erikc
Guest (S-1-5-21-3540141402-2491340951-2446622603-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3540141402-2491340951-2446622603-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{81322601-C53F-4D9B-A432-F773DFFE9E43}) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.19 - )
Apocalipsis (HKLM-x32\...\Apocalipsis_is1) (Version: - )
ArcGIS Pro (HKLM\...\{612674FE-4B64-4254-A9AD-C31568C89EA4}) (Version: 2.6.24783 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 2.6.24783 - Environmental Systems Research Institute, Inc.)
ARIS EXPRESS (HKLM-x32\...\{49ABE0DF-5BC9-40E8-8996-7A2938BFB5C2}) (Version: 2.4 - Software AG)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
ASUS USB-AC51 WLAN Card Utilities & Driver (HKLM-x32\...\{DDEA12A2-E130-4318-ABE3-8D4E20367E66}) (Version: 1.0.1.6 - ASUS)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.6.4.1728 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Black Mesa (HKLM-x32\...\Black Mesa EARLY ACCESS_is1) (Version: - Crowbar Collective)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.5.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.8.03052 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A0BF8512-42C5-4C38-A304-1F0F333543CA}) (Version: 4.8.03052 - Cisco Systems, Inc.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{4C8D0EC5-51B9-4F7E-94C1-ACCAE55330ED}) (Version: 3.34.161 - Corsair)
Counter-Strike 1.6 (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CPUID HWMonitor Pro 1.40 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.40 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Český dabing do hry Dear Esther (HKLM-x32\...\Český dabing do hry Dear Esther) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 3.0.0.222 - Electronic Arts)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Dear Esther (HKLM-x32\...\Dear Esther_is1) (Version: - )
Dear Esther Landmark Edition (HKLM-x32\...\{E98F70AF-6022-4E84-AC6A-25FA6A870494}) (Version: 1.0.0.0 - Curve Digital)
Discord (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DOOMEternal version final (HKLM-x32\...\DOOMEternal_is1) (Version: final - The)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.5 - GOG.com)
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Games Manager (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\GamesManager) (Version: 2.16.2.1015 - iWin Inc.)
GeneDoc (HKLM-x32\...\GeneDoc) (Version: - )
Glorious Model D Software (HKLM-x32\...\{4D18F84D-F67A-47B8-B7BB-C2832B1D6C92}_is1) (Version: 1.0.3 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Harry Potter TM (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{9B22D57A-5338-49A5-AC08-70FE3E8B878B}) (Version: 1.6 - Ubisoft)
Ignition (HKLM-x32\...\1914950878_is1) (Version: 2.0.0.2 - GOG.com)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Jewel Quest Mysteries The Seventh Gate Collectors Edition (HKLM-x32\...\Jewel Quest Mysteries The Seventh Gate Collectors EditionFinal) (Version: Final - AllSmartGames)
Jewel Quest: The Sapphire Dragon -- Collector's Edition (HKLM-x32\...\Jewel Quest: The Sapphire Dragon -- Collector's Edition) (Version: 1.0.0.1 - iWin.com)
KeePass Password Safe 1.36 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.36 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Kodi) (Version: - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Luxor 2 HD version 12.11.05.0001 (HKLM-x32\...\{9C5E20CE-15E2-46A7-B9F6-A1FA55238646}_is1) (Version: 12.11.05.0001 - Killjoy & Pain, Inc.)
Luxor 2 version 2.0.6.15 (HKLM-x32\...\{B3C5082A-F30E-4783-97BE-69B3DC6F04B9}_is1) (Version: 2.0.6.15 - Pain, Inc.)
Luxor Evolved version 12.02.15.0004 (HKLM-x32\...\{D9D7D5EB-C419-4649-8840-8373EE3F8124}_is1) (Version: 12.02.15.0004 - Killjoy & Pain, Inc.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{96beb4ed-a553-4319-87a3-e1c63b9f46d1}) (Version: 2.88.802.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Mobile Recovery for Android version 1.0.1.1 (HKLM\...\{905006A1-C1B1-4544-B897-D3F1CDF10728}_is1) (Version: 1.0.1.1 - MiniTool Solution Ltd.)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Grafický ovládač 456.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.55 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Pohádka o Mrazíkovi, Ivanovi a Nastěnce (HKLM-x32\...\Pohadka) (Version: - )
Polda 5 verze 1.0 (HKLM-x32\...\Polda 5_is1) (Version: 1.0 - )
Polda 6 verze 1.0 (HKLM-x32\...\Polda 6_is1) (Version: 1.0 - Centauri production)
Polda IV (HKLM-x32\...\Polda IV_is1) (Version: - )
Polda V (HKLM-x32\...\Polda V_is1) (Version: - )
Polda verze 1.0 (HKLM-x32\...\{4FCB8F8A-44D0-41D3-851B-DA07D8283966}_is1) (Version: 1.0 - )
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
ProM 6.9 (HKLM-x32\...\ProM 6.9 Regular) (Version: Regular - processmining.org)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 3.3.15 (HKLM-x32\...\qBittorrent) (Version: 3.3.15 - The qBittorrent project)
RAGE - Complete Edition (HKLM-x32\...\{1CE92F1B-0821-4291-9462-B59170A0965D}) (Version: 1.0.0 - Bethesda Softworks) Hidden
RAGE - Complete Edition (HKLM-x32\...\RAGE - Complete Edition 1.0.0) (Version: 1.0.0 - Bethesda Softworks)
RapidMiner Studio (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\RapidMiner Studio) (Version: 9.5.0.0 - RapidMiner)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - Canon Inc.)
Resident Evil 5 Gold Edition version 1.0.0.129 (HKLM-x32\...\Resident Evil 5 Gold Edition_is1) (Version: 1.0.0.129 - Mr DJ)
RetroArch 1.8.6 (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\RetroArch) (Version: 1.8.6 - libretro)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Sequencher 5.4.6 (HKLM-x32\...\{9063E77B-B332-4750-8374-937D6FCBB888}) (Version: 5.4.6 - Gene Codes Corporation)
Snoopy vs. The Red Baron(TM) version 1.0 (HKLM-x32\...\Snoopy vs. The Red Baron(TM)_is1) (Version: 1.0 - )
Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.41 - GOG.com)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.18.0.20 - GOG.com)
Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - )
The Curse of Monkey Island™ (HKLM-x32\...\1528148981_is1) (Version: 1.0 - GOG.com)
The Longing (HKLM-x32\...\The Longing_is1) (Version: - )
The Simpsons - Hit & Run (HKLM-x32\...\The Simpsons - Hit & Run_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.60.54.1020 - Electronic Arts Inc.)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version: - Alawar Entertainment Inc.)
This War of Mine verze 1.4.1 (HKLM-x32\...\This War of Mine_is1) (Version: 1.4.1 - 11 bit studios)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Ultima Online Enhanced Client (HKLM-x32\...\Ultima Online Enhanced) (Version: - Electronic Arts)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VMware Horizon Client (HKLM\...\{E6D407E4-66C9-4D6A-89DD-9A53FCF57BC7}) (Version: 5.2.0.7817 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{1f396f63-5049-48d6-804f-85d733a67875}) (Version: 5.2.0.7817 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{8F183FEA-082F-4718-A196-301359752CAD}) (Version: 7.10.0 - VMware, Inc.) Hidden
VMware Horizon Media Engine 10.0.0.599 (64-bit) (HKLM\...\{A68CBEF3-FADD-425C-8901-A26CFB4938AD}) (Version: 10.0.0.599 - VMware, Inc.) Hidden
VooPoo version 1.5.1.39 (HKLM-x32\...\{1FDBBBBD-8720-42CB-9326-6CF2AE68F8B7}_is1) (Version: 1.5.1.39 - KunShan XW-TEC)
Windows Driver Package - Android USB Driver (WinUSB) AndroidUsbDeviceClass (11/11/2016 11.0.0000.00000) (HKLM\...\4F390F96D29747EB6ED21CEDF0A85F0A52622E03) (Version: 11/11/2016 11.0.0000.00000 - Android USB Driver)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.0.94) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare Recoverit(Build 8.0.5.24) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.0.5.24 - Wondershare Software Co.,Ltd.)
World of Goo (HKLM-x32\...\1421855536_is1) (Version: 2.1.0.2 - GOG.com)
Worms Armageddon (HKLM-x32\...\1462173886_is1) (Version: 2.0.0.2 - GOG.com)
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms W.M.D. All Stars Pack (HKLM-x32\...\2041366294_is1) (Version: 2.0.0.2 - GOG.com)
Zimní Hrátky (HKLM-x32\...\Zimní Hrátky) (Version: - )
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoom (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\ZoomUMX) (Version: 5.3.0 (52670.0921) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.58 (x86 en-US)) (Version: 5.0.58 - Corporation for Digital Scholarship)
Packages:
=========
Aerial Beaches PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AerialBeachesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-16] (Microsoft Corporation)
Aerial Iceland PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AerialIcelandPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.185.400.0_x86__kgqvnymyfvs32 [2021-01-21] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-04-21] (Canon Inc.)
Cat Expressions -> C:\Program Files\WindowsApps\Microsoft.CatExpressions_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Coastal Germany by Frank Hojenski -> C:\Program Files\WindowsApps\Microsoft.CoastalGermanybyFrankHojenski_1.0.0.0_neutral__8wekyb3d8bbwe [2017-09-14] (Microsoft Corporation)
Color Explosion -> C:\Program Files\WindowsApps\Microsoft.ColorExplosion_1.0.0.0_neutral__8wekyb3d8bbwe [2020-11-05] (Microsoft Corporation)
Dark Skies by Tracy Hymas -> C:\Program Files\WindowsApps\Microsoft.DarkSkiesbyTracyHymas_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-08] (Microsoft Corporation)
Desert Beauty PREMIUM -> C:\Program Files\WindowsApps\Microsoft.DesertBeautyPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-16] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2020-12-27] (Double Eleven Limited)
Halo -> C:\Program Files\WindowsApps\Microsoft.Tomp_1.0.4723.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Studios)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-12-27] (Keeper Security Inc)
Mardi Gras Masks -> C:\Program Files\WindowsApps\Microsoft.MardiGrasMasks_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-08] (Microsoft Corporation)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.1.1_x86__h6adky7gbf63m [2021-01-15] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2020-12-27] (Plex)
Spiraling Fractals PREMIUM -> C:\Program Files\WindowsApps\Microsoft.SpiralingFractalsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
The Grand Canyon National Park -> C:\Program Files\WindowsApps\Microsoft.TheGrandCanyonNationalPark_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
World National Parks -> C:\Program Files\WindowsApps\Microsoft.WorldNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\erikc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\erikc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\nvshext.dll [2020-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3540141402-2491340951-2446622603-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-27 12:01 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-11-27 12:01 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-09-30 14:03 - 2020-09-30 14:03 - 000352256 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000759808 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000743936 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000537600 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2017-08-25 18:30 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2017-08-25 18:30 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2017-10-22 09:49 - 2010-08-27 12:46 - 000602624 _____ () [File not signed] C:\WINDOWS\System32\SafeQCairoLib64.dll
2017-10-22 09:49 - 2010-09-29 14:13 - 009028096 _____ () [File not signed] C:\WINDOWS\System32\SAFEQVS64.DLL
2018-07-30 11:10 - 2015-01-09 07:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2018-07-30 11:10 - 2015-01-09 07:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-07-20 18:04 - 2015-03-17 07:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-09-22 14:30 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-10 13:52 - 2015-02-27 09:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2017-08-25 18:30 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2017-08-25 18:30 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2020-08-18 14:10 - 2020-08-18 14:10 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-09-02 12:55 - 2020-09-02 12:55 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-09-02 12:55 - 2020-09-02 12:55 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-09-10 13:52 - 2017-06-21 08:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-09-10 13:52 - 2017-06-21 08:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2020-11-27 12:01 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2018-04-16 18:43 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
2017-12-30 23:12 - 2017-12-30 23:17 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9\binaries\php\php_runningversion;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8F416A57-EB2E-4184-ADB8-551E2A24B5DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{CB26C26E-1CE1-4F9A-A920-17F0E2DBE770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7851BDCA-9B43-4150-8C33-DB2D49227AD7}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E5038165-BF6F-416B-AFEA-B016B0901A4E}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6D686139-BD1D-4D1B-B3D3-E8EA676FA03C}] => (Allow) C:\Program Files (x86)\Mr DJ\Resident Evil 5 Gold Edition\Launcher.exe (CAPCOM CO., LTD.) [File not signed]
FirewallRules: [{9541C9DF-065F-447B-AEE2-3B2D731A3C1D}] => (Allow) C:\Program Files (x86)\Mr DJ\Resident Evil 5 Gold Edition\Launcher.exe (CAPCOM CO., LTD.) [File not signed]
FirewallRules: [{76F1ECE2-872A-4AA0-9CBA-E01E3C01DA58}] => (Allow) S:\Hry\AssassinsCreedSyndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{978592D2-25E5-406E-B283-5A50E7FD089F}] => (Allow) S:\SteamLibrary\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{9DC39113-FC6F-43B5-AF85-918795AD7B3E}] => (Allow) S:\SteamLibrary\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{E9F1A920-4479-4D33-A5C2-398D3ED2FCB3}] => (Allow) C:\Users\erikc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{44E85BFA-546C-47C2-B60B-E9C45733972B}] => (Allow) C:\Users\erikc\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{371E56C7-9EC4-4F5E-A411-C478E3C13809}] => (Block) S:\Hry\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{40935129-01F5-424A-B675-654AB65F4DB7}] => (Block) S:\Hry\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{7E78DEDF-1EC1-4BA0-9B3B-46AA7236CFEC}] => (Block) S:\Hry\DOOMEternal\DOOMEternalx64vk.exe (id Software) [File not signed]
FirewallRules: [{EE35A9C4-6183-4DAF-B9BC-E284FF751507}] => (Block) S:\Hry\DOOMEternal\DOOMEternalx64vk +com_skipSignInManager 1.exe => No File
FirewallRules: [{BA6FF8D4-12B3-492C-B1B6-82BB575AE769}] => (Allow) S:\SteamLibrary\steamapps\common\Backbone Prologue\Detective.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{00B7F606-4D1D-4D90-846E-4FC83222BA21}] => (Allow) S:\SteamLibrary\steamapps\common\Backbone Prologue\Detective.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E3CA85CE-7028-4189-B924-0FBDB3AFFC30}] => (Allow) C:\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{987C13C4-1A12-49E6-A782-063C92D40CBF}] => (Allow) C:\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{DFEC4384-5F5A-4AEA-8CEE-687FD292D7CE}] => (Allow) C:\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{F29771BE-D130-48E9-BCEB-138A2EA7A3F5}] => (Allow) C:\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{73C40E4B-8671-4532-9F9E-C750AC0D7922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{7D6AB5AC-83BD-4FED-BD74-E827E226A73D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{9E7FE868-E187-41AC-8457-666D6103BBA0}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{F03C942F-6B35-4E4F-B1E1-5AD338840AE3}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{7C0830B8-7D3C-4721-8BCA-088D26009CD7}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{37E75CF4-EF1C-434D-8D97-8B43B0110E7F}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E4CE4F28-DAC8-407F-8854-C241F7B89319}] => (Allow) S:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{B150A964-4492-4CE2-8709-FB895A187B97}] => (Allow) S:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{685623FB-8B3E-4DA2-8EC3-4C74C6695B18}] => (Allow) S:\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{640EAC3A-3FD4-4652-AB06-25F415FC0777}] => (Allow) S:\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CF4AB286-586D-46F0-B528-EA457CCC156F}] => (Allow) S:\SteamLibrary\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{0F2AE2D5-6020-4B42-90AE-D96F1A0CBF4D}] => (Allow) S:\SteamLibrary\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{BA891F77-3A88-4503-945D-405D0F193786}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{1D852620-95FF-4AA6-A264-7FB7F67E1146}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{79EFCF7A-7F61-4E3C-BC16-88545DB80ADC}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{FF305539-E0A5-4D12-A69C-BD8D29F4E3A0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{8C35AEA3-6120-411C-84AD-A973FE5D30FE}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No File
FirewallRules: [{7FFB22DA-2966-41F7-A700-366B27639883}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No File
FirewallRules: [{745DBF62-72FA-493E-ACC1-C460F3B4CD87}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe => No File
FirewallRules: [{406819D5-B9A5-454A-92E2-63976885643C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe => No File
FirewallRules: [{740EF7C7-C6C7-41CD-BBF1-C4BB77EBF132}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [{823D57D3-1AC5-405E-A473-59ACDD3C0CA2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [{5C530F74-5EA4-42AA-8120-8FE0EBA3CB65}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{F4618E23-B85D-4DD5-8ED4-7FF0CBEC7760}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{C334593F-C820-48BA-A40B-0126E9318C1F}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9D69C140-716A-4410-9DAB-96E39D85A805}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B2939C82-8916-4560-A65E-F83C3AF8047C}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{E5230A01-4E12-494F-B16A-D236D2527FE4}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{541FD3F9-4F79-48D6-8EB6-2AC558124B2E}] => (Allow) C:\Program Files (x86)\Mr DJ\Tom Clancys Splinter Cell Chaos Thheory\System\SPLINTERCELL3.EXE => No File
FirewallRules: [{2AB0EC2D-6D98-44A3-AAF5-CFCFFA289992}] => (Allow) C:\Program Files (x86)\Mr DJ\Tom Clancys Splinter Cell Chaos Thheory\System\SPLINTERCELL3.EXE => No File
FirewallRules: [{2D804EE0-7530-40E7-A705-F991761C6720}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0A6FC896-1E46-404A-8526-892BBD4DA3F4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4ACAA214-31E6-44B8-906C-3849BC86D241}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{2597E9A8-3C50-4DFB-8968-1FDBBBAA256E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{8BFAFC48-2EC3-4071-9867-8825CC3ADD1D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{65D75BE7-5644-4D9B-AB85-940E4BFBE4AB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{09DBD04B-1FC3-4B61-8DB7-FD53F22356F1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{992C31ED-E50E-41E0-961D-92C298B7964B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{6E2C83ED-2AC3-4C31-9A21-FD057FFD9F9F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E80CE407-50D6-416D-95A6-1B6E4A58058B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6D1F7658-6BB6-4FD2-8032-88696C10678F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E9988C7B-3327-4526-9475-7172C0D588B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D972A826-99D5-4CF5-9679-83291C53D720}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{CDB2186E-55FB-4363-9210-6AD1B9C15C5C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{C50A9F1E-0DC7-45E7-A51D-F98DF0E24ECA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{FC57E694-1920-48FD-AB69-C0885FDD51C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{18BF9534-64C4-4E38-888F-0E84FB7CF7ED}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{980275C0-3672-42D5-A654-78F1BBE5DA52}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{3329E35C-0830-4538-B3AB-F77117DEFAEF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B0871973-6229-4A3F-91FE-DCC03E386E8D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{18BBA805-8D76-4DE5-B428-11AD29326052}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F378A7BF-5181-419C-A1C2-480E2A59BE80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C044A3F9-B57A-4670-BD31-9D8FD8559597}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B87B0445-065B-44DA-9D41-218F44075479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{547AEB40-4F2F-4AF2-B82D-018C0C38D8A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{E41B77AE-0AED-4296-AC59-1C70DEAC8460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{AB48F2C0-2F37-4641-9EE3-A1E3F3266AC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe (Telltale Games) [File not signed]
FirewallRules: [{4CDB7B62-458E-418F-A335-EAC21DE1A76B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe (Telltale Games) [File not signed]
FirewallRules: [{544AE2F4-62EB-426F-9293-D941621A4287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{C1A940D4-A987-46CD-A2C2-555AB677A536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{D2C23E49-D1C3-4F89-BE02-A328882FE0C9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{69382621-C421-47B1-BB43-6D10A897A587}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{BD1F64C5-F61C-461E-9181-CF5283640E4C}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File
FirewallRules: [{BA35F0A1-6FF5-4239-8C8B-F1BEDDF25527}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File
FirewallRules: [{0FA5059A-E14A-4EF5-B24B-8E1996E389FB}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File
FirewallRules: [{C4A6F38E-D556-47E0-9270-317CC1B8328A}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File
FirewallRules: [{F9402AFD-BE44-49AB-BFCD-2EDE1EA8FF97}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{515E4DF1-25A0-46E1-82F6-B2F09A1F5E6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{981CDA1A-73E8-4056-A011-2C23A3000544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{8E608F4D-7D93-4AA0-BD81-72C53FB5AE03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{86DC58E7-D546-4561-952A-89B433140620}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{786A3D1F-A722-42AA-A8F1-07FC6B60D6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{7AE211DE-F0DF-45AB-A142-A7B0541E78AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C61DD992-2357-4112-AA0C-3E6D598917CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E68CB315-ED24-490A-B3B1-683B3F2F3164}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{A1E30164-061B-4300-B938-8640E350E5C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{EBA892DD-8DAE-4FFC-945B-E62E6A267EE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{ECA96765-7964-489A-99E9-2EA480E4B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{ACFEBACE-F653-4511-B705-6EDF3CDA8B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rayman Raving Rabbids\CheckApplication.exe (Ubisoft) [File not signed]
FirewallRules: [{4446A0BA-58B0-43B4-B8E8-2AE3B86653DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rayman Raving Rabbids\CheckApplication.exe (Ubisoft) [File not signed]
FirewallRules: [{E53DDB21-822A-425C-B9C0-5C4925EE8A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Finding Nemo\NemoAdv.exe () [File not signed]
FirewallRules: [{0ECBFE25-5076-4273-9B9D-3FB0FBBDDC1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Finding Nemo\NemoAdv.exe () [File not signed]
FirewallRules: [{3BD9A422-35B9-4381-B8E1-53B8254937C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{915F22F2-3FEE-4B87-8BA3-59B297345866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{627D1DBB-5CD0-4ED1-8915-2A545D97A605}] => (Allow) S:\Hry\Assasin s creed UNITY\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{68E8A1AE-AAC4-4EDD-9AD3-01602FD93675}] => (Allow) S:\Hry\Assasin s creed UNITY\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{F067D500-699C-4466-A279-D350CC3BA113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe () [File not signed]
FirewallRules: [{E30397E3-EFBC-4C98-BAFB-DF63E846D195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe () [File not signed]
FirewallRules: [{B3180220-7198-4B1A-BF7D-CC8383F280A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pagan Online\Pagan.exe (Mad Head Games doo Novi Sad -> Mad Head Games)
FirewallRules: [{3C5CCCB3-FF7B-44FA-BD93-503052281478}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pagan Online\Pagan.exe (Mad Head Games doo Novi Sad -> Mad Head Games)
FirewallRules: [{79984AB9-50FD-4DBB-B226-2FE4F9464639}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2003D416-C51A-4889-BCD6-4AA770EC9651}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1DAF4326-64AC-45D1-A829-60DBAE40529D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6970DB4C-53EB-44F4-842A-BA32075D51E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BE56847B-0651-45F1-92F2-7BBC71C1D8BB}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{BE2C83DE-79AC-4A86-97EB-316EB891CDC3}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{1ED50408-46D4-4269-9D4F-B062746AFD24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{705A9442-0E9F-4A06-A561-07231723E439}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9D269F1-4474-4AE0-AE88-DCC09805187C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4AB8338-7F09-4D89-BE14-94EA5872C6F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBFC103B-C427-4E89-9732-E296A04C5389}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA0C54B6-EB9E-4823-9354-8DAE95948F50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60B03521-AA19-42C3-9202-3ACA094EFF90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{7F7AD086-DC37-44EC-807F-D1D524044358}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{10D1083B-19B2-4276-BAA4-9A546D229E6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{BE5F7A20-0573-4C9F-9768-EB2EC7BDDB3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{7F686191-DD27-4470-9D1D-F72D54FB4F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{F8B2D191-F2A7-4676-B1EC-64F5EAA7E38C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{6D95F418-CD10-4870-842E-1B76C28206F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{F6033780-F5DD-4E59-9196-D8760F8FD5AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{B2224EA8-37D3-47E4-BFB0-DB2ADFC0A9D0}] => (Allow) S:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{4E37B2A2-383D-48D9-8265-7E9CE21B9157}] => (Allow) S:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{0E52198A-708B-4B96-842C-E265EDD850EE}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{063A1E6C-0F06-4EFC-8DD8-0CF13BB68A25}] => (Allow) S:\Origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E6BA8E8C-D055-4210-8F51-6F1EBDF2F190}] => (Allow) S:\Origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C42200A4-3FED-45AA-82CA-9FAD3D0D9F18}] => (Allow) S:\Origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{B7BEA9C0-6FB2-4FBE-9B65-AC094CD554A3}] => (Allow) S:\Origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{DAEE5C60-7B7E-4682-B00F-21099E5843E9}] => (Allow) S:\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{2A851480-0A52-4294-B059-E7FEE4489466}] => (Allow) S:\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{98251135-F736-4573-8D6E-A0F50DB7B407}] => (Allow) S:\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D8373397-669D-4420-AC89-671B08B9045C}] => (Allow) S:\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D3B1A0E5-CC85-474C-895B-003AAA47C77A}] => (Allow) S:\Origin\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{588AA2E2-1FEC-4B75-984D-5B8E584D6D54}] => (Allow) S:\Origin\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{45710F7D-79BB-49BB-9B89-A3546B3692EC}] => (Allow) S:\Origin\Plants vs. Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E29785AA-09DC-4490-9905-2577C974AB67}] => (Allow) S:\Origin\Plants vs. Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{52163A1C-EF35-47CC-988C-AD302DE4333D}] => (Allow) S:\Origin\Spore\Sporebin\SporeApp.exe (Electronic Arts -> Maxis, a division of Electronic Arts Inc.)
FirewallRules: [{343ACA17-E869-41FB-ABF7-ABFBDE178641}] => (Allow) S:\Origin\Spore\Sporebin\SporeApp.exe (Electronic Arts -> Maxis, a division of Electronic Arts Inc.)
FirewallRules: [{14978C07-1BD8-4BB0-9514-943EEA5D0FBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{CA397D76-7557-458F-8155-178E56E442B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{05BE03F8-DCC6-45B2-AA9D-314A9F087D13}] => (Allow) S:\Origin\Dear Esther\DearEsther.exe (Electronic Arts, Inc. -> )
FirewallRules: [{4964C9D7-1379-49F6-8724-FB650077074E}] => (Allow) S:\Origin\Dear Esther\DearEsther.exe (Electronic Arts, Inc. -> )
FirewallRules: [{E46937B1-0790-419E-9183-1539EB38271B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B3212B0-A103-4BB5-AA7C-9E41C5318DF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1B47870-390A-4A51-B242-ACE911DC013B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DB644A1-A598-468B-8066-E8C3EDFA6DF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CDD2E5E-28C9-487C-85A9-641D166F8414}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57DF0CB9-670E-449B-A622-DE2A2A7E4A73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A07B5085-4565-4D7D-8540-C217C7A08B36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HROT\HROT.exe () [File not signed]
FirewallRules: [{BD2B4BB5-3ED6-4E4A-AC2C-79836E57686A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HROT\HROT.exe () [File not signed]
==================== Restore Points =========================
27-01-2021 12:13:32 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/01/2021 03:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wmiprvse.exe, verzia: 10.0.19041.546, časová značka: 0x5da7ab91
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0x80131623
Odstup chyby: 0x00007ffdf5fa200f
Identifikácia chybujúceho procesu: 0x2038
Čas spustenia chybujúcej aplikácie: 0x01d6f8a6f43c006f
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 090b0fa1-1f3a-4786-b645-7d73f9c2650d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/01/2021 03:31:40 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (02/01/2021 03:22:35 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (02/01/2021 01:14:26 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (02/01/2021 11:14:17 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
System errors:
=============
Error: (02/01/2021 09:10:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server Microsoft.People_10.1909.12456.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.
Error: (01/29/2021 09:52:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server NcsiUwpApp_1000.19041.423.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby BFE bol dosiahnutý časový limit (30000 ms).
Error: (01/27/2021 11:27:32 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (01/27/2021 11:27:32 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
The exact nature of the corruption is unknown. The file system structures need to be scanned and fixed offline.
Error: (01/26/2021 11:14:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-12-16 14:09:23.5230000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-12-16 14:08:15.3130000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-12-16 14:08:07.3370000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-11-01 10:51:53.8260000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.251.28.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.
CodeIntegrity:
===================================
Date: 2021-02-01 13:11:25.9870000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 13:11:25.6510000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0930000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0910000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0880000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0860000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0800000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:57:57.6750000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2.JM 06/27/2019
Motherboard: Micro-Star International Co., Ltd A320M PRO-VD/S (MS-7A36)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 51%
Total physical RAM: 16335.2 MB
Available physical RAM: 7968.14 MB
Total Virtual: 20186.66 MB
Available Virtual: 8226.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.35 GB) (Free:86.37 GB) NTFS
Drive g: (USB SanDisk) (Removable) (Total:28.64 GB) (Free:4.4 GB) NTFS
Drive s: (STORAGE ONLY 5400RPM) (Fixed) (Total:931.51 GB) (Free:65.2 GB) NTFS
\\?\Volume{dd92de8b-9156-446a-ab07-5936ad8bcc3f}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ed6a65ec-6b5f-4e6f-bbc0-808cffd9d5f0}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{21989455-015a-497f-9cc5-552fd85ea617}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E38729AB)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 28.6 GB) (Disk ID: 5D5E30E0)
Partition 1: (Active) - (Size=28.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
prosiim o preventivnu kontrolu logu.
Dakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by erikc (administrator) on DESKTOP-I382RG4 (Micro-Star International Co., Ltd. MS-7A36) (01-02-2021 15:40:24)
Running from C:\Users\erikc\Desktop
Loaded Profiles: erikc
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Environmental Systems Research Institute Inc. -> Esri) C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\erikc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Trend Micro Inc.) [File not signed] C:\Users\erikc\Downloads\HijackThis.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-08] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [262144 2010-09-29] () [File not signed]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [5160760 2020-04-16] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [Discord] => C:\Users\erikc\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\erikc\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\MountPoints2: {7ed2345c-27f0-11ea-8b8e-001a7dda7111} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\MountPoints2: {ebe9e78e-6134-11e8-bfb5-4ccc6aff2982} - "D:\Setup.exe"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOBJEA_P: C:\Windows\System32\spool\prtprocs\x64\KOBJEA_P.DLL [40960 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Print\Monitors\bizhub C20P PS Language Monitor: C:\Windows\system32\KOBJEA_L.dll [17408 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\SafeQ: C:\Windows\system32\SAFEQVS64.DLL [9028096 2010-09-29] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02021ECA-5BF1-4F38-95E0-9DD8BE298DC5} - System32\Tasks\TinyTakeUpgrade => C:\Users\erikc\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {02969713-D03A-4735-9F66-BE54CAD4A330} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {02BF05BC-4431-4D37-B229-DFEE11CAB064} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0DCD5BEA-7749-49E9-A317-F5EC8A369350} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {10A12E95-F66B-435E-8C5C-E8D0D4A3DC63} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {13D9AA3C-57B1-4B47-9CEC-EF477D78C508} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {17060859-8F4C-44F4-9CAC-BBF3CDB12514} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {1E7A698D-43D8-48A4-892D-7288C17B7539} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28E38CBF-F920-486D-8681-A4D25F3D44E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {29915BE3-D79B-44A8-9CF6-F020D769C83B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2C74DDB9-A609-46FE-BDC7-C46F86AFFC9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {2DFDFCC5-D4F1-4292-A3E0-720AB614C7EF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {555A63AE-3BD6-4159-81C9-EFAD49078CBD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58999DE9-CB1B-4D46-B50F-B0AA0662C72A} - System32\Tasks\ArcGIS Pro Indexing (MicrosoftAccount_erik.capek@gmail.com) => C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe [1095048 2020-07-09] (Environmental Systems Research Institute Inc. -> Esri)
Task: {63072DB7-B4F7-479D-9CB0-46FB6AC53929} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {6D0168D2-5705-46F4-AC58-156FE2F71BB9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7069119E-AFA3-45F4-81CD-22667284F790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {71019B4D-7BB5-453F-9464-5AE5C47CA774} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {72B4E273-F5A8-4991-809A-36B7DB65EE35} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {72D83D5A-23E1-46DC-B61F-F925FADF8EFD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {B9C01C62-EC0C-4C0B-BB50-5D31992CF005} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1161112 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAD06073-7A79-4821-A69C-0FCBD8826C48} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BDB16CE2-F79E-4918-A1F3-48DACCD2E34E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C4DAAB1C-1034-481A-A8A6-148A92763C40} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [434176 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C724B7FB-7661-4FBA-8F62-AFCDC45F3A26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCFF12F0-77A6-4E31-BB2E-9F5FA81750B3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D481BF60-C7A9-4A88-96B1-EB2D03048399} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD1A7DA2-D1E5-4E68-A349-984A34B00C74} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [459776 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
Task: {DF97B7B1-A233-4C1D-B737-7B4FD419743C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E04F303F-8207-40AF-AC56-A86E4CAF6BAD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB8AAFA0-7DDE-439A-A8BE-EA13858774CE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD74116C-5CDF-4A36-B173-B140E0298D80} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\35AFA833-3A1D-4D24-B789-0751540A2DF9\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [434176 2020-09-09] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{4653a6fd-35ce-4430-b0eb-18c8ece72ee2}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ca780394-6a26-4441-acaf-9d7218a7686d}: [DhcpNameServer] 192.168.43.1
Edge:
=======
DownloadDir: C:\Users\erikc\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\erikc\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-24]
FireFox:
========
FF DefaultProfile: wl2xx4ua.default
FF ProfilePath: C:\Users\erikc\AppData\Roaming\Zotero\Zotero\Profiles\wl2xx4ua.default [2021-01-02]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default [2021-02-01]
CHR Notifications: Default -> hxxps://kfc.cz; hxxps://www.damejidlo.cz
CHR Extension: (Prezentácie) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-23]
CHR Extension: (Tabuľky) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (EndNote Click - Formerly Kopernio) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2021-01-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Grammarly for Chrome) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Subtitles for netflix) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\oddfihdjoneffhjjlpgdjaefeklefmdi [2019-02-08]
CHR Extension: (Scopus Document Download Manager) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2020-07-18]
CHR Extension: (Gmail) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\erikc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR Profile: C:\Users\erikc\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [448432 2019-09-04] (VMware, Inc. -> VMware, Inc.)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-09-30] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-08] (ESET, spol. s r.o. -> ESET)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [299632 2019-07-09] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4359280 2019-08-19] (FabulaTech, LLP -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [391744 2017-07-11] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-12-10] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [450672 2019-07-26] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-01-23] (CPUID S.A.R.L.U. -> CPUID)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2020-04-16] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-08-25] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-01 15:40 - 2021-02-01 15:43 - 000034615 _____ C:\Users\erikc\Desktop\FRST.txt
2021-02-01 15:38 - 2021-02-01 15:42 - 000000000 ____D C:\FRST
2021-02-01 15:38 - 2021-02-01 15:38 - 002297856 _____ (Farbar) C:\Users\erikc\Downloads\FRST64 (1).exe
2021-02-01 15:38 - 2021-02-01 15:38 - 002297856 _____ (Farbar) C:\Users\erikc\Desktop\FRST64.exe
2021-02-01 15:37 - 2021-02-01 15:37 - 000000000 ____D C:\Users\erikc\AppData\LocalLow\IGDump
2021-02-01 15:29 - 2021-02-01 15:29 - 000388608 _____ (Trend Micro Inc.) C:\Users\erikc\Downloads\HijackThis.exe
2021-02-01 15:26 - 2021-02-01 15:26 - 011431000 _____ (SurfRight B.V.) C:\Users\erikc\Downloads\HitmanPro_x64 (1).exe
2021-02-01 13:11 - 2021-02-01 13:11 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-01 13:11 - 2021-02-01 13:11 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-01 13:11 - 2021-02-01 13:11 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-01 13:10 - 2021-02-01 13:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-01 13:10 - 2021-02-01 13:10 - 000000000 ____D C:\Users\erikc\AppData\Local\mbam
2021-02-01 13:10 - 2021-02-01 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-01 13:10 - 2021-02-01 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-01 13:09 - 2021-02-01 13:09 - 002086424 _____ (Malwarebytes) C:\Users\erikc\Downloads\MBSetup.exe
2021-02-01 13:09 - 2021-02-01 13:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-01 13:09 - 2021-02-01 13:09 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-01 11:50 - 2021-02-01 11:50 - 000000222 _____ C:\Users\erikc\Desktop\HROT.url
2021-01-29 15:05 - 2021-01-29 15:05 - 000159724 _____ C:\Users\erikc\Downloads\200001313234.pdf
2021-01-27 11:29 - 2021-01-27 12:04 - 000000000 ____D C:\Users\erikc\Documents\Stronghold
2021-01-27 11:29 - 2021-01-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold HD [GOG.com]
2021-01-26 23:18 - 2021-02-01 13:08 - 000000000 ____D C:\Users\erikc\AppData\Roaming\HROT
2021-01-26 20:59 - 2021-01-26 19:59 - 186853485 ____N C:\Users\erikc\Downloads\Přednáška8.mp4
2021-01-26 20:59 - 2021-01-26 19:58 - 317374273 ____N C:\Users\erikc\Downloads\Přednáška7.mp4
2021-01-26 20:59 - 2021-01-26 19:57 - 390171003 ____N C:\Users\erikc\Downloads\Přednáška6.mp4
2021-01-26 20:59 - 2021-01-26 19:57 - 318437318 ____N C:\Users\erikc\Downloads\Přednáška5.mp4
2021-01-26 20:57 - 2021-01-26 20:59 - 1212836605 _____ C:\Users\erikc\Downloads\OneDrive_2021-01-26.zip
2021-01-25 18:19 - 2021-01-25 18:19 - 000075730 _____ C:\Users\erikc\Desktop\CV_Kolarova.pdf
2021-01-23 02:10 - 2021-01-23 02:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 02:10 - 2021-01-23 02:10 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 02:09 - 2021-01-23 02:09 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 02:09 - 2021-01-23 02:09 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 02:09 - 2021-01-23 02:09 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 02:09 - 2021-01-23 02:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 02:08 - 2021-01-23 02:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 02:08 - 2021-01-23 02:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 02:08 - 2021-01-23 02:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 02:08 - 2021-01-23 02:08 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 02:07 - 2021-01-23 02:07 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 02:07 - 2021-01-23 02:07 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 02:07 - 2021-01-23 02:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 02:07 - 2021-01-23 02:07 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 02:07 - 2021-01-23 02:07 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 02:06 - 2021-01-23 02:06 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 02:06 - 2021-01-23 02:06 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-21 19:28 - 2021-01-21 19:30 - 000000000 ____D C:\Users\erikc\Desktop\horory
2021-01-21 18:40 - 2021-01-21 21:27 - 1819726788 _____ C:\Users\erikc\Downloads\Taxi 1 (1998) CZdab.avi
2021-01-21 07:45 - 2021-01-21 07:45 - 039562752 _____ C:\Users\erikc\Downloads\Eukaryotická buňka a její struktury.ppt
2021-01-21 07:33 - 2021-01-21 07:33 - 006575009 _____ C:\Users\erikc\Downloads\PROKARYOTICKÁ-BUŇKA-2.pptx
2021-01-21 07:33 - 2021-01-21 07:33 - 000976384 _____ C:\Users\erikc\Downloads\OBJEV-BUŇKY-A-BUNĚČNÁ-TEORIE.ppt
2021-01-20 11:07 - 2021-01-20 11:07 - 001459331 _____ C:\Users\erikc\Downloads\Prezentace_12 (1).pptx
2021-01-20 11:05 - 2021-01-20 11:05 - 000311834 _____ C:\Users\erikc\Downloads\Prezentace_11.pptx
2021-01-20 10:58 - 2021-01-20 10:58 - 000407337 _____ C:\Users\erikc\Downloads\Prezentace_10 (1).pptx
2021-01-20 10:56 - 2021-01-20 10:56 - 000308570 _____ C:\Users\erikc\Downloads\Prezentace_9 (1).pptx
2021-01-20 10:54 - 2021-01-20 10:54 - 001040738 _____ C:\Users\erikc\Downloads\Prezentace_8 (1).pptx
2021-01-20 10:43 - 2021-01-20 10:43 - 000630906 _____ C:\Users\erikc\Downloads\Prezentace_7 (1).pptx
2021-01-20 10:15 - 2021-01-20 10:15 - 000303860 _____ C:\Users\erikc\Downloads\Prezentace_6 (1).pptx
2021-01-19 18:28 - 2021-01-19 18:28 - 000000000 ____D C:\Users\erikc\Documents\4A Games
2021-01-19 18:26 - 2021-01-19 18:26 - 000000000 ____D C:\Users\erikc\AppData\Local\4A Games
2021-01-19 15:55 - 2021-01-19 15:55 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Blizzard Entertainment
2021-01-19 14:18 - 2021-01-19 14:18 - 001459331 _____ C:\Users\erikc\Downloads\Prezentace_12.pptx
2021-01-19 14:18 - 2021-01-19 14:18 - 000407337 _____ C:\Users\erikc\Downloads\Prezentace_10.pptx
2021-01-19 14:17 - 2021-01-19 14:17 - 001040738 _____ C:\Users\erikc\Downloads\Prezentace_8.pptx
2021-01-19 14:17 - 2021-01-19 14:17 - 000308570 _____ C:\Users\erikc\Downloads\Prezentace_9.pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000896019 _____ C:\Users\erikc\Downloads\Prezentace_5 (2).pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000630906 _____ C:\Users\erikc\Downloads\Prezentace_7.pptx
2021-01-19 14:10 - 2021-01-19 14:10 - 000303860 _____ C:\Users\erikc\Downloads\Prezentace_6.pptx
2021-01-18 11:15 - 2021-01-18 11:15 - 000614855 _____ C:\Users\erikc\Downloads\Business Inteligence.apkg
2021-01-18 08:49 - 2021-01-18 08:49 - 000433392 _____ C:\Users\erikc\Downloads\3210060367.pdf
2021-01-16 13:49 - 2021-01-16 13:50 - 017656502 _____ C:\Users\erikc\Downloads\Feeding Frenzy 2.rar
2021-01-16 11:10 - 2021-01-16 11:13 - 000000000 ____D C:\Users\erikc\AppData\Local\MumboJumbo
2021-01-16 11:06 - 2021-01-16 11:06 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Wildfire
2021-01-16 10:48 - 2021-01-16 11:13 - 000000000 ____D C:\Users\erikc\Documents\MumboJumbo
2021-01-16 10:48 - 2021-01-16 10:48 - 000000000 ____D C:\ProgramData\MumboJumbo
2021-01-16 10:43 - 2021-01-16 10:43 - 000000000 ____D C:\ProgramData\Trymedia
2021-01-16 10:41 - 2021-01-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo Games
2021-01-16 10:41 - 2021-01-16 11:12 - 000000000 ____D C:\Program Files\MumboJumbo Games
2021-01-15 09:38 - 2021-01-15 09:38 - 000340615 _____ C:\Users\erikc\Downloads\Default.gdb.zip
2021-01-15 06:07 - 2021-01-15 06:07 - 000000000 ____D C:\WINDOWS\Panther
2021-01-14 02:22 - 2021-01-14 02:22 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 02:21 - 2021-01-14 02:21 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 02:21 - 2021-01-14 02:21 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 02:21 - 2021-01-14 02:21 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 02:20 - 2021-01-14 02:20 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-14 02:20 - 2021-01-14 02:20 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 02:20 - 2021-01-14 02:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 02:19 - 2021-01-14 02:19 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 02:19 - 2021-01-14 02:19 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 02:19 - 2021-01-14 02:19 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-14 02:18 - 2021-01-14 02:18 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 02:18 - 2021-01-14 02:18 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 02:18 - 2021-01-14 02:18 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 02:17 - 2021-01-14 02:17 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 02:17 - 2021-01-14 02:17 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 02:17 - 2021-01-14 02:17 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 02:17 - 2021-01-14 02:17 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 11:58 - 2021-01-13 11:58 - 002250684 _____ C:\Users\erikc\Downloads\bicz092.pptx
2021-01-12 17:54 - 2021-01-12 17:54 - 000028693 _____ C:\Users\erikc\Downloads\výpočty_zkouška_MANAEKO.xlsx
2021-01-11 12:31 - 2021-01-11 12:31 - 000000000 ____D C:\Users\erikc\AppData\Roaming\ScummVM
2021-01-11 12:27 - 2021-01-11 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Curse of Monkey Island™ [GOG.com]
2021-01-11 12:26 - 2021-01-11 12:26 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-01-11 11:57 - 2021-01-11 12:46 - 873365129 _____ C:\Users\erikc\Downloads\Nepotvrdené 665803.crdownload
2021-01-11 10:19 - 2021-01-11 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thechineseroom
2021-01-11 10:16 - 2021-01-11 10:16 - 000000000 ____D C:\Program Files (x86)\thechineseroom
2021-01-10 23:06 - 2021-01-10 23:54 - 872777489 _____ C:\Users\erikc\Downloads\dear_esther-windows-v19-installer_1369715938.rar
2021-01-10 22:34 - 2021-01-10 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Český dabing do hry Dear Esther
2021-01-10 22:33 - 2021-01-10 22:33 - 046852464 _____ C:\Users\erikc\Downloads\dear-esther-cz-dabing.zip
2021-01-10 22:32 - 2021-01-10 22:32 - 000144313 _____ C:\Users\erikc\Downloads\DEcZ.rar
2021-01-10 22:30 - 2021-01-10 22:30 - 000000000 ____D C:\Nový priečinok
2021-01-10 22:26 - 2021-01-10 22:26 - 048601071 _____ (Fénix ProDabing ) C:\Users\erikc\Downloads\FPD Dear Esther.exe
2021-01-10 22:13 - 2021-01-10 22:13 - 000000000 ____D C:\Users\erikc\AppData\LocalLow\The Chinese Room & Robert Briscoe @ LittleLostPoly_co_uk
2021-01-10 21:27 - 2021-01-10 21:27 - 000028736 _____ C:\Users\erikc\Downloads\da (2).xlsx
2021-01-10 16:54 - 2021-01-10 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dear Esther Landmark Edition
2021-01-10 13:00 - 2021-01-10 13:00 - 000339328 _____ C:\Users\erikc\Downloads\42427-Capek_Erik-Capek_Seminarna_praca_Teorie_her_a_ekopnomicke_rozhodovani.xlsx
2021-01-08 15:06 - 2021-01-08 15:07 - 261119781 _____ C:\Users\erikc\Downloads\collection-2020-12-18@12-24-40 (2).colpkg
2021-01-07 13:07 - 2021-01-07 13:07 - 000054019 _____ C:\Users\erikc\Downloads\NKMEK_Zakladni informace_20_21.pptx
2021-01-07 12:27 - 2021-01-07 12:27 - 003050255 _____ C:\Users\erikc\Downloads\manazerska-ekonomika-vsetky-varianty-testov.pdf
2021-01-07 10:28 - 2021-01-07 10:29 - 000000000 ____D C:\Users\erikc\Documents\Moje Spore výtvory
2021-01-07 10:28 - 2021-01-07 10:29 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Spore
2021-01-07 00:26 - 2021-01-07 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2021-01-06 21:05 - 2021-01-21 21:47 - 000000000 ____D C:\ProgramData\EA Logs
2021-01-06 21:05 - 2021-01-06 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies
2021-01-06 21:05 - 2021-01-06 21:05 - 000000000 ____D C:\ProgramData\EA Core
2021-01-06 21:02 - 2021-01-06 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2021-01-06 20:57 - 2021-01-06 20:57 - 000048437 _____ C:\Users\erikc\Downloads\Procesní-8-zkrácené.xlsx
2021-01-06 19:45 - 2021-01-06 19:46 - 000000000 ____D C:\Users\erikc\Documents\Battlefield V
2021-01-06 19:45 - 2021-01-06 19:45 - 000000000 ____D C:\Users\erikc\AppData\Local\Battlefield V
2021-01-06 17:08 - 2021-01-06 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V
2021-01-05 10:01 - 2021-01-05 10:01 - 001130741 _____ C:\Users\erikc\Downloads\2019_08_28 Metodika výjimky z BAT Hg (LCP Modul) FINPUB.pdf
2021-01-05 09:24 - 2021-01-05 09:24 - 001106898 _____ C:\Users\erikc\Downloads\IPPR_2010_2_11310_0_203131_0_113272.pdf
2021-01-04 17:15 - 2021-01-04 17:15 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2021-01-04 17:15 - 2021-01-04 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2021-01-04 14:16 - 2021-01-04 14:16 - 000018806 _____ C:\Users\erikc\Downloads\Seminární-práce-Teorie-Her-Sedláček (1).xlsx
2021-01-04 14:12 - 2021-01-04 14:12 - 000018806 _____ C:\Users\erikc\Downloads\Seminární-práce-Teorie-Her-Sedláček.xlsx
2021-01-04 12:48 - 2021-01-04 12:48 - 004464070 _____ C:\Users\erikc\Downloads\rylkova.z_stelmach.k-ver.02-manazerska_ekonomika_v_prikladech-vydani-2017 (2).pdf
2021-01-04 12:34 - 2021-01-04 12:35 - 000054019 _____ C:\Users\erikc\Downloads\NKMEK_Zakladni_informace_20_21 (1).pptx
2021-01-02 17:31 - 2021-01-02 17:31 - 000929952 _____ C:\Users\erikc\Downloads\Prezentace_1 (5).pptx
2021-01-02 17:31 - 2021-01-02 17:31 - 000929952 _____ C:\Users\erikc\Downloads\Prezentace_1 (4).pptx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-01 15:44 - 2019-06-15 17:42 - 003088795 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-02-01 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-01 15:22 - 2020-12-25 15:48 - 000000000 ____D C:\Program Files (x86)\Polda6
2021-02-01 15:22 - 2019-02-07 14:27 - 000000000 ____D C:\Program Files (x86)\Rayman Legends
2021-02-01 15:21 - 2020-09-05 05:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-01 13:10 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-01 12:25 - 2019-04-16 21:00 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-01 11:51 - 2017-08-25 18:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-01 11:50 - 2017-08-26 09:49 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-31 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-31 16:49 - 2018-05-12 21:19 - 000000000 ____D C:\Users\erikc\Desktop\Bordel
2021-01-31 16:42 - 2017-08-23 14:55 - 000000000 ___RD C:\Users\erikc\OneDrive
2021-01-31 16:37 - 2019-04-18 17:21 - 000000000 ____D C:\Users\erikc\Documents\Assassin's Creed Unity
2021-01-31 00:10 - 2017-08-24 16:52 - 000000000 ____D C:\Users\erikc\AppData\Roaming\qBittorrent
2021-01-30 16:40 - 2017-08-24 22:45 - 000000000 ____D C:\Users\erikc\AppData\Local\Ubisoft Game Launcher
2021-01-30 12:00 - 2020-06-09 22:42 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-29 22:17 - 2017-08-24 22:45 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-29 22:14 - 2017-08-23 15:00 - 000000000 ____D C:\ProgramData\Origin
2021-01-29 22:13 - 2020-01-14 18:41 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Origin
2021-01-29 22:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-29 18:23 - 2018-05-17 17:49 - 000000000 ____D C:\Users\erikc\AppData\Local\D3DSCache
2021-01-29 12:05 - 2020-01-10 21:57 - 000000000 ____D C:\Users\erikc\AppData\Local\Origin
2021-01-28 20:28 - 2017-08-23 15:28 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-28 18:55 - 2019-03-01 11:03 - 000000000 ____D C:\Users\erikc\Desktop\GAMES
2021-01-28 14:46 - 2017-11-08 15:53 - 000000000 ____D C:\Users\erikc\AppData\Local\Packages
2021-01-27 17:33 - 2017-09-22 22:47 - 000000000 ____D C:\Users\erikc\AppData\Local\CrashDumps
2021-01-27 15:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-27 11:27 - 2018-01-05 21:35 - 000000000 ____D C:\GOG Games
2021-01-25 19:08 - 2017-08-23 15:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-25 15:16 - 2020-09-05 06:14 - 002637436 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 15:16 - 2020-09-05 01:50 - 000710396 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 15:16 - 2020-09-05 01:50 - 000146130 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 15:16 - 2017-09-02 15:19 - 000731240 _____ C:\WINDOWS\system32\perfh01B.dat
2021-01-25 15:16 - 2017-09-02 15:19 - 000210414 _____ C:\WINDOWS\system32\perfc01B.dat
2021-01-24 11:20 - 2019-12-03 19:29 - 000000000 ____D C:\Users\erikc\AppData\Local\Vivox
2021-01-23 17:49 - 2020-06-20 07:49 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2021-01-23 15:17 - 2020-10-30 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-01-23 15:17 - 2020-10-30 17:18 - 000000000 ____D C:\Riot Games
2021-01-23 15:17 - 2017-08-23 15:02 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-01-23 02:34 - 2020-09-05 05:48 - 000491272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-23 02:34 - 2020-08-01 19:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-23 02:33 - 2020-09-05 06:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 02:33 - 2020-09-05 05:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 02:31 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-23 02:29 - 2020-12-07 09:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 02:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 02:28 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-23 02:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 02:27 - 2019-05-04 22:30 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Discord
2021-01-23 02:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-22 20:07 - 2020-04-13 15:16 - 000002368 _____ C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-22 20:07 - 2020-04-13 15:16 - 000002360 _____ C:\Users\erikc\Desktop\Microsoft Teams.lnk
2021-01-22 11:50 - 2018-05-27 11:04 - 000000000 ____D C:\games
2021-01-20 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-20 13:01 - 2019-05-04 22:30 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-20 13:01 - 2019-05-04 22:29 - 000000000 ____D C:\Users\erikc\AppData\Local\Discord
2021-01-19 22:01 - 2017-09-08 11:33 - 000000000 ____D C:\Users\erikc\AppData\Local\Battle.net
2021-01-19 18:10 - 2018-01-13 17:04 - 000000000 ____D C:\Hry
2021-01-19 15:55 - 2017-09-08 11:35 - 000000000 ____D C:\Users\erikc\AppData\Local\Blizzard Entertainment
2021-01-18 12:10 - 2020-01-24 18:48 - 000000000 ____D C:\Users\erikc\AppData\Roaming\Anki2
2021-01-18 08:47 - 2020-09-05 06:23 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 08:47 - 2020-09-05 06:23 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-17 16:34 - 2020-09-05 02:38 - 000000000 ____D C:\Users\erikc
2021-01-15 17:21 - 2017-09-08 11:34 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2021-01-15 06:33 - 2020-09-15 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-14 02:17 - 2020-09-05 05:56 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 12:38 - 2017-10-11 16:01 - 000000000 ___RD C:\Users\erikc\3D Objects
2021-01-13 02:20 - 2017-08-23 17:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 02:15 - 2017-08-23 17:07 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 12:26 - 2020-05-12 15:28 - 000000000 ____D C:\ProgramData\GOG.com
2021-01-11 10:22 - 2018-01-04 17:33 - 000000000 ____D C:\Users\erikc\AppData\Local\SKIDROW
2021-01-06 21:05 - 2017-08-23 15:34 - 000000000 ____D C:\ProgramData\Electronic Arts
2021-01-06 21:04 - 2018-11-19 18:31 - 000000000 ____D C:\ProgramData\PopCap Games
2021-01-06 17:08 - 2018-06-14 19:05 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-01-04 17:38 - 2018-07-30 11:05 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-01-02 15:11 - 2018-11-28 10:52 - 000000000 ____D C:\Users\erikc\Zotero
2021-01-02 13:48 - 2020-12-31 12:17 - 002815094 _____ C:\Users\erikc\Downloads\COVID-19-geographic-disbtribution-worldwide (2).xlsx
==================== Files in the root of some directories ========
2020-12-13 12:05 - 2021-01-26 21:03 - 000000232 _____ () C:\Users\erikc\AppData\Roaming\debug.log
2019-03-21 14:49 - 2002-08-29 18:33 - 000319488 _____ () C:\Users\erikc\AppData\Roaming\MafiaSetup.exe
2019-12-04 15:11 - 2019-12-04 15:11 - 000007602 _____ () C:\Users\erikc\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by erikc (01-02-2021 15:52:50)
Running from C:\Users\erikc\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-09-05 05:24:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3540141402-2491340951-2446622603-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3540141402-2491340951-2446622603-503 - Limited - Disabled)
erikc (S-1-5-21-3540141402-2491340951-2446622603-1001 - Administrator - Enabled) => C:\Users\erikc
Guest (S-1-5-21-3540141402-2491340951-2446622603-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3540141402-2491340951-2446622603-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{81322601-C53F-4D9B-A432-F773DFFE9E43}) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.11.22.454 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.19 - )
Apocalipsis (HKLM-x32\...\Apocalipsis_is1) (Version: - )
ArcGIS Pro (HKLM\...\{612674FE-4B64-4254-A9AD-C31568C89EA4}) (Version: 2.6.24783 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 2.6.24783 - Environmental Systems Research Institute, Inc.)
ARIS EXPRESS (HKLM-x32\...\{49ABE0DF-5BC9-40E8-8996-7A2938BFB5C2}) (Version: 2.4 - Software AG)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
ASUS USB-AC51 WLAN Card Utilities & Driver (HKLM-x32\...\{DDEA12A2-E130-4318-ABE3-8D4E20367E66}) (Version: 1.0.1.6 - ASUS)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.6.4.1728 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Black Mesa (HKLM-x32\...\Black Mesa EARLY ACCESS_is1) (Version: - Crowbar Collective)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.5.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.8.03052 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A0BF8512-42C5-4C38-A304-1F0F333543CA}) (Version: 4.8.03052 - Cisco Systems, Inc.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{4C8D0EC5-51B9-4F7E-94C1-ACCAE55330ED}) (Version: 3.34.161 - Corsair)
Counter-Strike 1.6 (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CPUID HWMonitor Pro 1.40 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.40 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Český dabing do hry Dear Esther (HKLM-x32\...\Český dabing do hry Dear Esther) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 3.0.0.222 - Electronic Arts)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Dear Esther (HKLM-x32\...\Dear Esther_is1) (Version: - )
Dear Esther Landmark Edition (HKLM-x32\...\{E98F70AF-6022-4E84-AC6A-25FA6A870494}) (Version: 1.0.0.0 - Curve Digital)
Discord (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DOOMEternal version final (HKLM-x32\...\DOOMEternal_is1) (Version: final - The)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.5 - GOG.com)
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Games Manager (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\GamesManager) (Version: 2.16.2.1015 - iWin Inc.)
GeneDoc (HKLM-x32\...\GeneDoc) (Version: - )
Glorious Model D Software (HKLM-x32\...\{4D18F84D-F67A-47B8-B7BB-C2832B1D6C92}_is1) (Version: 1.0.3 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Harry Potter TM (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{9B22D57A-5338-49A5-AC08-70FE3E8B878B}) (Version: 1.6 - Ubisoft)
Ignition (HKLM-x32\...\1914950878_is1) (Version: 2.0.0.2 - GOG.com)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Jewel Quest Mysteries The Seventh Gate Collectors Edition (HKLM-x32\...\Jewel Quest Mysteries The Seventh Gate Collectors EditionFinal) (Version: Final - AllSmartGames)
Jewel Quest: The Sapphire Dragon -- Collector's Edition (HKLM-x32\...\Jewel Quest: The Sapphire Dragon -- Collector's Edition) (Version: 1.0.0.1 - iWin.com)
KeePass Password Safe 1.36 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.36 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Kodi) (Version: - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Luxor 2 HD version 12.11.05.0001 (HKLM-x32\...\{9C5E20CE-15E2-46A7-B9F6-A1FA55238646}_is1) (Version: 12.11.05.0001 - Killjoy & Pain, Inc.)
Luxor 2 version 2.0.6.15 (HKLM-x32\...\{B3C5082A-F30E-4783-97BE-69B3DC6F04B9}_is1) (Version: 2.0.6.15 - Pain, Inc.)
Luxor Evolved version 12.02.15.0004 (HKLM-x32\...\{D9D7D5EB-C419-4649-8840-8373EE3F8124}_is1) (Version: 12.02.15.0004 - Killjoy & Pain, Inc.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{96beb4ed-a553-4319-87a3-e1c63b9f46d1}) (Version: 2.88.802.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Mobile Recovery for Android version 1.0.1.1 (HKLM\...\{905006A1-C1B1-4544-B897-D3F1CDF10728}_is1) (Version: 1.0.1.1 - MiniTool Solution Ltd.)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Grafický ovládač 456.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.55 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Pohádka o Mrazíkovi, Ivanovi a Nastěnce (HKLM-x32\...\Pohadka) (Version: - )
Polda 5 verze 1.0 (HKLM-x32\...\Polda 5_is1) (Version: 1.0 - )
Polda 6 verze 1.0 (HKLM-x32\...\Polda 6_is1) (Version: 1.0 - Centauri production)
Polda IV (HKLM-x32\...\Polda IV_is1) (Version: - )
Polda V (HKLM-x32\...\Polda V_is1) (Version: - )
Polda verze 1.0 (HKLM-x32\...\{4FCB8F8A-44D0-41D3-851B-DA07D8283966}_is1) (Version: 1.0 - )
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
ProM 6.9 (HKLM-x32\...\ProM 6.9 Regular) (Version: Regular - processmining.org)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 3.3.15 (HKLM-x32\...\qBittorrent) (Version: 3.3.15 - The qBittorrent project)
RAGE - Complete Edition (HKLM-x32\...\{1CE92F1B-0821-4291-9462-B59170A0965D}) (Version: 1.0.0 - Bethesda Softworks) Hidden
RAGE - Complete Edition (HKLM-x32\...\RAGE - Complete Edition 1.0.0) (Version: 1.0.0 - Bethesda Softworks)
RapidMiner Studio (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\RapidMiner Studio) (Version: 9.5.0.0 - RapidMiner)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version: - Canon Inc.)
Resident Evil 5 Gold Edition version 1.0.0.129 (HKLM-x32\...\Resident Evil 5 Gold Edition_is1) (Version: 1.0.0.129 - Mr DJ)
RetroArch 1.8.6 (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\RetroArch) (Version: 1.8.6 - libretro)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Sequencher 5.4.6 (HKLM-x32\...\{9063E77B-B332-4750-8374-937D6FCBB888}) (Version: 5.4.6 - Gene Codes Corporation)
Snoopy vs. The Red Baron(TM) version 1.0 (HKLM-x32\...\Snoopy vs. The Red Baron(TM)_is1) (Version: 1.0 - )
Spore™ (HKLM-x32\...\{4BDCC41C-FFE7-40a4-BCB6-B558916868F7}) (Version: 1.7.0.0 - Electronic Arts)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.41 - GOG.com)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.18.0.20 - GOG.com)
Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - )
The Curse of Monkey Island™ (HKLM-x32\...\1528148981_is1) (Version: 1.0 - GOG.com)
The Longing (HKLM-x32\...\The Longing_is1) (Version: - )
The Simpsons - Hit & Run (HKLM-x32\...\The Simpsons - Hit & Run_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.60.54.1020 - Electronic Arts Inc.)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version: - Alawar Entertainment Inc.)
This War of Mine verze 1.4.1 (HKLM-x32\...\This War of Mine_is1) (Version: 1.4.1 - 11 bit studios)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Ultima Online Enhanced Client (HKLM-x32\...\Ultima Online Enhanced) (Version: - Electronic Arts)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VMware Horizon Client (HKLM\...\{E6D407E4-66C9-4D6A-89DD-9A53FCF57BC7}) (Version: 5.2.0.7817 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{1f396f63-5049-48d6-804f-85d733a67875}) (Version: 5.2.0.7817 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{8F183FEA-082F-4718-A196-301359752CAD}) (Version: 7.10.0 - VMware, Inc.) Hidden
VMware Horizon Media Engine 10.0.0.599 (64-bit) (HKLM\...\{A68CBEF3-FADD-425C-8901-A26CFB4938AD}) (Version: 10.0.0.599 - VMware, Inc.) Hidden
VooPoo version 1.5.1.39 (HKLM-x32\...\{1FDBBBBD-8720-42CB-9326-6CF2AE68F8B7}_is1) (Version: 1.5.1.39 - KunShan XW-TEC)
Windows Driver Package - Android USB Driver (WinUSB) AndroidUsbDeviceClass (11/11/2016 11.0.0000.00000) (HKLM\...\4F390F96D29747EB6ED21CEDF0A85F0A52622E03) (Version: 11/11/2016 11.0.0000.00000 - Android USB Driver)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.0.94) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare Recoverit(Build 8.0.5.24) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.0.5.24 - Wondershare Software Co.,Ltd.)
World of Goo (HKLM-x32\...\1421855536_is1) (Version: 2.1.0.2 - GOG.com)
Worms Armageddon (HKLM-x32\...\1462173886_is1) (Version: 2.0.0.2 - GOG.com)
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms W.M.D. All Stars Pack (HKLM-x32\...\2041366294_is1) (Version: 2.0.0.2 - GOG.com)
Zimní Hrátky (HKLM-x32\...\Zimní Hrátky) (Version: - )
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoom (HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\ZoomUMX) (Version: 5.3.0 (52670.0921) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.58 (x86 en-US)) (Version: 5.0.58 - Corporation for Digital Scholarship)
Packages:
=========
Aerial Beaches PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AerialBeachesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-16] (Microsoft Corporation)
Aerial Iceland PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AerialIcelandPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.185.400.0_x86__kgqvnymyfvs32 [2021-01-21] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-04-21] (Canon Inc.)
Cat Expressions -> C:\Program Files\WindowsApps\Microsoft.CatExpressions_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Coastal Germany by Frank Hojenski -> C:\Program Files\WindowsApps\Microsoft.CoastalGermanybyFrankHojenski_1.0.0.0_neutral__8wekyb3d8bbwe [2017-09-14] (Microsoft Corporation)
Color Explosion -> C:\Program Files\WindowsApps\Microsoft.ColorExplosion_1.0.0.0_neutral__8wekyb3d8bbwe [2020-11-05] (Microsoft Corporation)
Dark Skies by Tracy Hymas -> C:\Program Files\WindowsApps\Microsoft.DarkSkiesbyTracyHymas_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-08] (Microsoft Corporation)
Desert Beauty PREMIUM -> C:\Program Files\WindowsApps\Microsoft.DesertBeautyPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-16] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2020-12-27] (Double Eleven Limited)
Halo -> C:\Program Files\WindowsApps\Microsoft.Tomp_1.0.4723.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Studios)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-12-27] (Keeper Security Inc)
Mardi Gras Masks -> C:\Program Files\WindowsApps\Microsoft.MardiGrasMasks_1.0.0.0_neutral__8wekyb3d8bbwe [2018-02-08] (Microsoft Corporation)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.1.1_x86__h6adky7gbf63m [2021-01-15] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2020-12-27] (Plex)
Spiraling Fractals PREMIUM -> C:\Program Files\WindowsApps\Microsoft.SpiralingFractalsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
The Grand Canyon National Park -> C:\Program Files\WindowsApps\Microsoft.TheGrandCanyonNationalPark_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
World National Parks -> C:\Program Files\WindowsApps\Microsoft.WorldNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\erikc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\erikc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3540141402-2491340951-2446622603-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\nvshext.dll [2020-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3540141402-2491340951-2446622603-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-27 12:01 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-11-27 12:01 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-09-30 14:03 - 2020-09-30 14:03 - 000352256 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000759808 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000743936 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000537600 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-09-30 13:30 - 2020-09-30 13:30 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-09-30 13:29 - 2020-09-30 13:29 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2017-08-25 18:30 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2017-08-25 18:30 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2017-10-22 09:49 - 2010-08-27 12:46 - 000602624 _____ () [File not signed] C:\WINDOWS\System32\SafeQCairoLib64.dll
2017-10-22 09:49 - 2010-09-29 14:13 - 009028096 _____ () [File not signed] C:\WINDOWS\System32\SAFEQVS64.DLL
2018-07-30 11:10 - 2015-01-09 07:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2018-07-30 11:10 - 2015-01-09 07:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-07-20 18:04 - 2015-03-17 07:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-09-22 14:30 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-10 13:52 - 2015-02-27 09:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2017-08-25 18:30 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2017-08-25 18:30 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2020-08-18 14:10 - 2020-08-18 14:10 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-09-02 12:55 - 2020-09-02 12:55 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-09-02 12:55 - 2020-09-02 12:55 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-08-14 17:29 - 2020-12-16 19:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-16 19:34 - 2020-12-16 19:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-09-10 13:52 - 2017-06-21 08:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-09-10 13:52 - 2017-06-21 08:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2020-11-27 12:01 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-12] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2018-04-16 18:43 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
2017-12-30 23:12 - 2017-12-30 23:17 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9\binaries\php\php_runningversion;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\erikc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3540141402-2491340951-2446622603-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8F416A57-EB2E-4184-ADB8-551E2A24B5DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{CB26C26E-1CE1-4F9A-A920-17F0E2DBE770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7851BDCA-9B43-4150-8C33-DB2D49227AD7}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E5038165-BF6F-416B-AFEA-B016B0901A4E}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6D686139-BD1D-4D1B-B3D3-E8EA676FA03C}] => (Allow) C:\Program Files (x86)\Mr DJ\Resident Evil 5 Gold Edition\Launcher.exe (CAPCOM CO., LTD.) [File not signed]
FirewallRules: [{9541C9DF-065F-447B-AEE2-3B2D731A3C1D}] => (Allow) C:\Program Files (x86)\Mr DJ\Resident Evil 5 Gold Edition\Launcher.exe (CAPCOM CO., LTD.) [File not signed]
FirewallRules: [{76F1ECE2-872A-4AA0-9CBA-E01E3C01DA58}] => (Allow) S:\Hry\AssassinsCreedSyndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{978592D2-25E5-406E-B283-5A50E7FD089F}] => (Allow) S:\SteamLibrary\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{9DC39113-FC6F-43B5-AF85-918795AD7B3E}] => (Allow) S:\SteamLibrary\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{E9F1A920-4479-4D33-A5C2-398D3ED2FCB3}] => (Allow) C:\Users\erikc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{44E85BFA-546C-47C2-B60B-E9C45733972B}] => (Allow) C:\Users\erikc\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{371E56C7-9EC4-4F5E-A411-C478E3C13809}] => (Block) S:\Hry\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{40935129-01F5-424A-B675-654AB65F4DB7}] => (Block) S:\Hry\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{7E78DEDF-1EC1-4BA0-9B3B-46AA7236CFEC}] => (Block) S:\Hry\DOOMEternal\DOOMEternalx64vk.exe (id Software) [File not signed]
FirewallRules: [{EE35A9C4-6183-4DAF-B9BC-E284FF751507}] => (Block) S:\Hry\DOOMEternal\DOOMEternalx64vk +com_skipSignInManager 1.exe => No File
FirewallRules: [{BA6FF8D4-12B3-492C-B1B6-82BB575AE769}] => (Allow) S:\SteamLibrary\steamapps\common\Backbone Prologue\Detective.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{00B7F606-4D1D-4D90-846E-4FC83222BA21}] => (Allow) S:\SteamLibrary\steamapps\common\Backbone Prologue\Detective.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E3CA85CE-7028-4189-B924-0FBDB3AFFC30}] => (Allow) C:\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{987C13C4-1A12-49E6-A782-063C92D40CBF}] => (Allow) C:\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{DFEC4384-5F5A-4AEA-8CEE-687FD292D7CE}] => (Allow) C:\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{F29771BE-D130-48E9-BCEB-138A2EA7A3F5}] => (Allow) C:\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{73C40E4B-8671-4532-9F9E-C750AC0D7922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{7D6AB5AC-83BD-4FED-BD74-E827E226A73D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{9E7FE868-E187-41AC-8457-666D6103BBA0}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{F03C942F-6B35-4E4F-B1E1-5AD338840AE3}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{7C0830B8-7D3C-4721-8BCA-088D26009CD7}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{37E75CF4-EF1C-434D-8D97-8B43B0110E7F}] => (Allow) S:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E4CE4F28-DAC8-407F-8854-C241F7B89319}] => (Allow) S:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{B150A964-4492-4CE2-8709-FB895A187B97}] => (Allow) S:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{685623FB-8B3E-4DA2-8EC3-4C74C6695B18}] => (Allow) S:\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{640EAC3A-3FD4-4652-AB06-25F415FC0777}] => (Allow) S:\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CF4AB286-586D-46F0-B528-EA457CCC156F}] => (Allow) S:\SteamLibrary\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{0F2AE2D5-6020-4B42-90AE-D96F1A0CBF4D}] => (Allow) S:\SteamLibrary\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{BA891F77-3A88-4503-945D-405D0F193786}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{1D852620-95FF-4AA6-A264-7FB7F67E1146}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{79EFCF7A-7F61-4E3C-BC16-88545DB80ADC}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{FF305539-E0A5-4D12-A69C-BD8D29F4E3A0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{8C35AEA3-6120-411C-84AD-A973FE5D30FE}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No File
FirewallRules: [{7FFB22DA-2966-41F7-A700-366B27639883}] => (Allow) S:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe => No File
FirewallRules: [{745DBF62-72FA-493E-ACC1-C460F3B4CD87}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe => No File
FirewallRules: [{406819D5-B9A5-454A-92E2-63976885643C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe => No File
FirewallRules: [{740EF7C7-C6C7-41CD-BBF1-C4BB77EBF132}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [{823D57D3-1AC5-405E-A473-59ACDD3C0CA2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [{5C530F74-5EA4-42AA-8120-8FE0EBA3CB65}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{F4618E23-B85D-4DD5-8ED4-7FF0CBEC7760}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{C334593F-C820-48BA-A40B-0126E9318C1F}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9D69C140-716A-4410-9DAB-96E39D85A805}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B2939C82-8916-4560-A65E-F83C3AF8047C}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{E5230A01-4E12-494F-B16A-D236D2527FE4}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{541FD3F9-4F79-48D6-8EB6-2AC558124B2E}] => (Allow) C:\Program Files (x86)\Mr DJ\Tom Clancys Splinter Cell Chaos Thheory\System\SPLINTERCELL3.EXE => No File
FirewallRules: [{2AB0EC2D-6D98-44A3-AAF5-CFCFFA289992}] => (Allow) C:\Program Files (x86)\Mr DJ\Tom Clancys Splinter Cell Chaos Thheory\System\SPLINTERCELL3.EXE => No File
FirewallRules: [{2D804EE0-7530-40E7-A705-F991761C6720}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0A6FC896-1E46-404A-8526-892BBD4DA3F4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4ACAA214-31E6-44B8-906C-3849BC86D241}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{2597E9A8-3C50-4DFB-8968-1FDBBBAA256E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{8BFAFC48-2EC3-4071-9867-8825CC3ADD1D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{65D75BE7-5644-4D9B-AB85-940E4BFBE4AB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{09DBD04B-1FC3-4B61-8DB7-FD53F22356F1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{992C31ED-E50E-41E0-961D-92C298B7964B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{6E2C83ED-2AC3-4C31-9A21-FD057FFD9F9F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E80CE407-50D6-416D-95A6-1B6E4A58058B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6D1F7658-6BB6-4FD2-8032-88696C10678F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E9988C7B-3327-4526-9475-7172C0D588B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D972A826-99D5-4CF5-9679-83291C53D720}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{CDB2186E-55FB-4363-9210-6AD1B9C15C5C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{C50A9F1E-0DC7-45E7-A51D-F98DF0E24ECA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{FC57E694-1920-48FD-AB69-C0885FDD51C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{18BF9534-64C4-4E38-888F-0E84FB7CF7ED}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{980275C0-3672-42D5-A654-78F1BBE5DA52}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{3329E35C-0830-4538-B3AB-F77117DEFAEF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B0871973-6229-4A3F-91FE-DCC03E386E8D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{18BBA805-8D76-4DE5-B428-11AD29326052}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F378A7BF-5181-419C-A1C2-480E2A59BE80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C044A3F9-B57A-4670-BD31-9D8FD8559597}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B87B0445-065B-44DA-9D41-218F44075479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{547AEB40-4F2F-4AF2-B82D-018C0C38D8A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{E41B77AE-0AED-4296-AC59-1C70DEAC8460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{AB48F2C0-2F37-4641-9EE3-A1E3F3266AC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe (Telltale Games) [File not signed]
FirewallRules: [{4CDB7B62-458E-418F-A335-EAC21DE1A76B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe (Telltale Games) [File not signed]
FirewallRules: [{544AE2F4-62EB-426F-9293-D941621A4287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{C1A940D4-A987-46CD-A2C2-555AB677A536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{D2C23E49-D1C3-4F89-BE02-A328882FE0C9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{69382621-C421-47B1-BB43-6D10A897A587}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{BD1F64C5-F61C-461E-9181-CF5283640E4C}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File
FirewallRules: [{BA35F0A1-6FF5-4239-8C8B-F1BEDDF25527}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe => No File
FirewallRules: [{0FA5059A-E14A-4EF5-B24B-8E1996E389FB}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File
FirewallRules: [{C4A6F38E-D556-47E0-9270-317CC1B8328A}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe => No File
FirewallRules: [{F9402AFD-BE44-49AB-BFCD-2EDE1EA8FF97}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{515E4DF1-25A0-46E1-82F6-B2F09A1F5E6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{981CDA1A-73E8-4056-A011-2C23A3000544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{8E608F4D-7D93-4AA0-BD81-72C53FB5AE03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ATLAS\ShooterGame\Binaries\Win64\AtlasGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{86DC58E7-D546-4561-952A-89B433140620}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{786A3D1F-A722-42AA-A8F1-07FC6B60D6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{7AE211DE-F0DF-45AB-A142-A7B0541E78AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C61DD992-2357-4112-AA0C-3E6D598917CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E68CB315-ED24-490A-B3B1-683B3F2F3164}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{A1E30164-061B-4300-B938-8640E350E5C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{EBA892DD-8DAE-4FFC-945B-E62E6A267EE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{ECA96765-7964-489A-99E9-2EA480E4B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{ACFEBACE-F653-4511-B705-6EDF3CDA8B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rayman Raving Rabbids\CheckApplication.exe (Ubisoft) [File not signed]
FirewallRules: [{4446A0BA-58B0-43B4-B8E8-2AE3B86653DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rayman Raving Rabbids\CheckApplication.exe (Ubisoft) [File not signed]
FirewallRules: [{E53DDB21-822A-425C-B9C0-5C4925EE8A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Finding Nemo\NemoAdv.exe () [File not signed]
FirewallRules: [{0ECBFE25-5076-4273-9B9D-3FB0FBBDDC1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Finding Nemo\NemoAdv.exe () [File not signed]
FirewallRules: [{3BD9A422-35B9-4381-B8E1-53B8254937C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{915F22F2-3FEE-4B87-8BA3-59B297345866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{627D1DBB-5CD0-4ED1-8915-2A545D97A605}] => (Allow) S:\Hry\Assasin s creed UNITY\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{68E8A1AE-AAC4-4EDD-9AD3-01602FD93675}] => (Allow) S:\Hry\Assasin s creed UNITY\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{F067D500-699C-4466-A279-D350CC3BA113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe () [File not signed]
FirewallRules: [{E30397E3-EFBC-4C98-BAFB-DF63E846D195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe () [File not signed]
FirewallRules: [{B3180220-7198-4B1A-BF7D-CC8383F280A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pagan Online\Pagan.exe (Mad Head Games doo Novi Sad -> Mad Head Games)
FirewallRules: [{3C5CCCB3-FF7B-44FA-BD93-503052281478}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pagan Online\Pagan.exe (Mad Head Games doo Novi Sad -> Mad Head Games)
FirewallRules: [{79984AB9-50FD-4DBB-B226-2FE4F9464639}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2003D416-C51A-4889-BCD6-4AA770EC9651}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1DAF4326-64AC-45D1-A829-60DBAE40529D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6970DB4C-53EB-44F4-842A-BA32075D51E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BE56847B-0651-45F1-92F2-7BBC71C1D8BB}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{BE2C83DE-79AC-4A86-97EB-316EB891CDC3}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe (Electronic Arts, Inc. -> )
FirewallRules: [{1ED50408-46D4-4269-9D4F-B062746AFD24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{705A9442-0E9F-4A06-A561-07231723E439}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9D269F1-4474-4AE0-AE88-DCC09805187C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4AB8338-7F09-4D89-BE14-94EA5872C6F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBFC103B-C427-4E89-9732-E296A04C5389}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA0C54B6-EB9E-4823-9354-8DAE95948F50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60B03521-AA19-42C3-9202-3ACA094EFF90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{7F7AD086-DC37-44EC-807F-D1D524044358}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{10D1083B-19B2-4276-BAA4-9A546D229E6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{BE5F7A20-0573-4C9F-9768-EB2EC7BDDB3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{7F686191-DD27-4470-9D1D-F72D54FB4F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{F8B2D191-F2A7-4676-B1EC-64F5EAA7E38C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{6D95F418-CD10-4870-842E-1B76C28206F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{F6033780-F5DD-4E59-9196-D8760F8FD5AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{B2224EA8-37D3-47E4-BFB0-DB2ADFC0A9D0}] => (Allow) S:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{4E37B2A2-383D-48D9-8265-7E9CE21B9157}] => (Allow) S:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{0E52198A-708B-4B96-842C-E265EDD850EE}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{063A1E6C-0F06-4EFC-8DD8-0CF13BB68A25}] => (Allow) S:\Origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E6BA8E8C-D055-4210-8F51-6F1EBDF2F190}] => (Allow) S:\Origin\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C42200A4-3FED-45AA-82CA-9FAD3D0D9F18}] => (Allow) S:\Origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{B7BEA9C0-6FB2-4FBE-9B65-AC094CD554A3}] => (Allow) S:\Origin\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{DAEE5C60-7B7E-4682-B00F-21099E5843E9}] => (Allow) S:\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{2A851480-0A52-4294-B059-E7FEE4489466}] => (Allow) S:\Origin\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{98251135-F736-4573-8D6E-A0F50DB7B407}] => (Allow) S:\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D8373397-669D-4420-AC89-671B08B9045C}] => (Allow) S:\Origin\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D3B1A0E5-CC85-474C-895B-003AAA47C77A}] => (Allow) S:\Origin\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{588AA2E2-1FEC-4B75-984D-5B8E584D6D54}] => (Allow) S:\Origin\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{45710F7D-79BB-49BB-9B89-A3546B3692EC}] => (Allow) S:\Origin\Plants vs. Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E29785AA-09DC-4490-9905-2577C974AB67}] => (Allow) S:\Origin\Plants vs. Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{52163A1C-EF35-47CC-988C-AD302DE4333D}] => (Allow) S:\Origin\Spore\Sporebin\SporeApp.exe (Electronic Arts -> Maxis, a division of Electronic Arts Inc.)
FirewallRules: [{343ACA17-E869-41FB-ABF7-ABFBDE178641}] => (Allow) S:\Origin\Spore\Sporebin\SporeApp.exe (Electronic Arts -> Maxis, a division of Electronic Arts Inc.)
FirewallRules: [{14978C07-1BD8-4BB0-9514-943EEA5D0FBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{CA397D76-7557-458F-8155-178E56E442B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{05BE03F8-DCC6-45B2-AA9D-314A9F087D13}] => (Allow) S:\Origin\Dear Esther\DearEsther.exe (Electronic Arts, Inc. -> )
FirewallRules: [{4964C9D7-1379-49F6-8724-FB650077074E}] => (Allow) S:\Origin\Dear Esther\DearEsther.exe (Electronic Arts, Inc. -> )
FirewallRules: [{E46937B1-0790-419E-9183-1539EB38271B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B3212B0-A103-4BB5-AA7C-9E41C5318DF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1B47870-390A-4A51-B242-ACE911DC013B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DB644A1-A598-468B-8066-E8C3EDFA6DF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CDD2E5E-28C9-487C-85A9-641D166F8414}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57DF0CB9-670E-449B-A622-DE2A2A7E4A73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A07B5085-4565-4D7D-8540-C217C7A08B36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HROT\HROT.exe () [File not signed]
FirewallRules: [{BD2B4BB5-3ED6-4E4A-AC2C-79836E57686A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HROT\HROT.exe () [File not signed]
==================== Restore Points =========================
27-01-2021 12:13:32 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/01/2021 03:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wmiprvse.exe, verzia: 10.0.19041.546, časová značka: 0x5da7ab91
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0x80131623
Odstup chyby: 0x00007ffdf5fa200f
Identifikácia chybujúceho procesu: 0x2038
Čas spustenia chybujúcej aplikácie: 0x01d6f8a6f43c006f
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 090b0fa1-1f3a-4786-b645-7d73f9c2650d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/01/2021 03:31:40 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (02/01/2021 03:31:39 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (02/01/2021 03:22:35 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (02/01/2021 01:14:26 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (02/01/2021 11:14:17 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
System errors:
=============
Error: (02/01/2021 09:10:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server Microsoft.People_10.1909.12456.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.
Error: (01/29/2021 09:52:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server NcsiUwpApp_1000.19041.423.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca did not register with DCOM within the required timeout.
Error: (01/28/2021 10:25:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby BFE bol dosiahnutý časový limit (30000 ms).
Error: (01/27/2021 11:27:32 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (01/27/2021 11:27:32 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
The exact nature of the corruption is unknown. The file system structures need to be scanned and fixed offline.
Error: (01/26/2021 11:14:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I382RG4)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-12-16 14:09:23.5230000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-12-16 14:08:15.3130000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-12-16 14:08:07.3370000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Name: HackTool:Win32/AutoKMS.E!MSR
ID: 2147743252
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\erikc\AppData\Local\Temp\Rar$DRa4184.40342\Microsoft Office 2010 CZ Professional Plus key aktivátor\Office 2010 Toolkit.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.329.501.0, AS: 1.329.501.0, NIS: 1.329.501.0
Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2020-11-01 10:51:53.8260000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.251.28.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.
CodeIntegrity:
===================================
Date: 2021-02-01 13:11:25.9870000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 13:11:25.6510000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0930000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0910000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0880000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0860000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:58:01.0800000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-01 10:57:57.6750000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2.JM 06/27/2019
Motherboard: Micro-Star International Co., Ltd A320M PRO-VD/S (MS-7A36)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 51%
Total physical RAM: 16335.2 MB
Available physical RAM: 7968.14 MB
Total Virtual: 20186.66 MB
Available Virtual: 8226.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.35 GB) (Free:86.37 GB) NTFS
Drive g: (USB SanDisk) (Removable) (Total:28.64 GB) (Free:4.4 GB) NTFS
Drive s: (STORAGE ONLY 5400RPM) (Fixed) (Total:931.51 GB) (Free:65.2 GB) NTFS
\\?\Volume{dd92de8b-9156-446a-ab07-5936ad8bcc3f}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ed6a65ec-6b5f-4e6f-bbc0-808cffd9d5f0}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{21989455-015a-497f-9cc5-552fd85ea617}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E38729AB)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 28.6 GB) (Disk ID: 5D5E30E0)
Partition 1: (Active) - (Size=28.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: 
