VIRY.CZ

Dobrý den,
nejspíše sem někde klikl na něco co jsem neměl a při zapnutí prohlížeče mi vyskakuje záložka se stránkou na Aporasal.net. Zkoušel jsem to nějak smazal v google chrome, ale nenašel jsem to.
Moc Vás teda prosím o radu, jak se toho zbavit a kontrolu logu.
Děkuji.


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ZELOTES C-12] => C:\Program Files (x86)\ZELOTES C-12\Monitor.exe [770048 2019-01-23] () [File not signed]
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Discord] => C:\Users\drEd\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Steam] => E:\steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952552 2020-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\drEd\AppData\Local\Programs\Messenger\Messenger.exe [110793448 2021-04-06] (Facebook, Inc. -> Facebook, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E14EFB0-309E-4794-B7B3-B76BFA2C2FDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {536680FF-032C-4802-AE57-AE6130731225} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {580E915C-21B4-4EF8-BF97-6B087760B221} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {60704DC3-5F9F-4553-80DA-190FF81CDE55} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {77903F29-A1FA-46BF-9357-B0A295BFD50A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {91AC261D-289B-4BA3-AB4D-15CF8715D485} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A906EEEF-E708-4485-ACEE-F23B584DAC5A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {B0175340-17D9-45B1-A78A-AC82B6363988} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0A3EC81-FF77-4870-A168-43D12CFD045C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB8E6FEB-1C8B-4E90-BD4F-47E1AAB29C45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {D22E559D-A975-40F0-AD90-26BD81127960} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D2D95BAD-4D4E-4AFA-96FE-28E20A46ED8E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D7408E6B-1F5B-4A46-977A-94D24AF7B378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {ED1865D0-C53F-4FC4-AC3F-DC3680B77DBF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F68B69AF-CA50-424E-A257-7913287EE857} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 46.28.109.117 master.gamespy.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c80269c4-30e3-4f35-b975-b622b49e8bf1}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\drEd\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default [2021-04-14]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-29]
CHR Extension: (Dokumenty) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-29]
CHR Extension: (Disk Google) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (YouTube) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-29]
CHR Extension: (Tabulky) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]
CHR Profile: C:\Users\drEd\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2533952 2021-02-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3479624 2021-02-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S3 CtClsFlt; C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys [188408 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-14 11:55 - 2021-04-14 11:56 - 000013090 _____ C:\Users\drEd\Desktop\FRST.txt
2021-04-14 11:55 - 2021-04-14 11:55 - 000000000 ____D C:\FRST
2021-04-14 11:53 - 2021-04-14 11:53 - 002297856 _____ (Farbar) C:\Users\drEd\Desktop\FRST64.exe
2021-04-14 11:43 - 2021-04-14 11:43 - 000388608 _____ (Trend Micro Inc.) C:\Users\drEd\Desktop\hijackthis.exe
2021-04-14 09:26 - 2021-04-14 09:26 - 013534314 _____ C:\Users\drEd\Downloads\Parker.rar
2021-04-14 09:26 - 2021-04-14 09:26 - 000000000 ____D C:\Users\drEd\Downloads\Parker
2021-04-13 17:20 - 2021-04-13 16:28 - 000000000 ____D C:\Windows.old
2021-04-13 17:16 - 2021-04-13 17:20 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-13 17:15 - 2021-04-13 17:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-13 17:15 - 2021-04-13 17:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-13 17:13 - 2021-04-13 17:13 - 000000000 ____D C:\ProgramData\ssh
2021-04-13 17:09 - 2021-04-13 17:09 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-13 17:09 - 2021-04-13 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-13 17:09 - 2021-04-13 17:09 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-13 17:09 - 2021-04-13 17:09 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-13 17:09 - 2021-04-13 17:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-13 17:09 - 2021-04-13 17:09 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-04-13 17:09 - 2021-04-13 17:09 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-13 17:08 - 2021-04-13 17:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-13 17:08 - 2021-04-13 17:08 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-13 17:08 - 2021-04-13 17:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-13 17:08 - 2021-04-13 17:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-13 17:08 - 2021-04-13 17:08 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-13 17:08 - 2021-04-13 17:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-13 17:08 - 2021-04-13 17:08 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-13 17:08 - 2021-04-13 17:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-13 17:08 - 2021-04-13 17:08 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-13 17:07 - 2021-04-13 17:07 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-13 17:07 - 2021-04-13 17:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-13 17:07 - 2021-04-13 17:07 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-13 17:07 - 2021-04-13 17:07 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-13 17:07 - 2021-04-13 17:07 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-13 17:07 - 2021-04-13 17:07 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files\MSBuild
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-13 16:30 - 2021-04-14 11:48 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-13 16:30 - 2021-04-13 16:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-13 16:28 - 2021-04-14 11:41 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-04-13 16:28 - 2021-04-14 11:41 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-04-13 16:28 - 2021-04-14 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-13 16:28 - 2021-04-13 16:28 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-13 16:28 - 2021-04-13 16:28 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-13 16:28 - 2021-04-13 16:28 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-13 16:28 - 2021-04-13 16:28 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-13 16:28 - 2021-04-13 16:28 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-13 16:28 - 2021-04-13 16:28 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-13 16:28 - 2021-04-13 16:28 - 000003042 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-13 16:28 - 2021-04-13 16:28 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2407153952-1791725706-3334685836-1001
2021-04-13 16:28 - 2021-04-13 16:28 - 000002388 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-04-13 16:28 - 2021-04-13 16:28 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-04-13 16:28 - 2021-04-13 16:28 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-04-13 16:28 - 2021-04-13 16:28 - 000000020 ___SH C:\Users\drEd\ntuser.ini
2021-04-13 16:28 - 2021-04-13 16:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-13 16:21 - 2021-04-13 16:28 - 000000000 ____D C:\Users\drEd
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Šablony
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Soubory cookie
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Poslední
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Okolní tiskárny
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Okolní síť
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Nabídka Start
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Dokumenty
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Obrázky
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Hudba
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Filmy
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Data aplikací
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\AppData\Local\Data aplikací
2021-04-13 16:21 - 2019-12-07 11:10 - 000001105 _____ C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-13 16:20 - 2021-04-14 11:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-13 16:20 - 2021-04-14 10:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-13 16:20 - 2021-04-13 16:20 - 000444936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-13 12:42 - 2021-04-13 14:48 - 2274557952 _____ C:\Users\drEd\Downloads\Vietcong-(Zlatá-edice).iso
2021-04-13 12:33 - 2021-04-13 12:33 - 004285100 _____ C:\Users\drEd\Downloads\(wf)starwarsMaze.rar
2021-04-13 09:12 - 2021-04-13 09:12 - 000000000 ____D C:\ProgramData\Caphyon
2021-04-13 09:11 - 2021-04-13 09:12 - 000000000 ____D C:\Program Files (x86)\Warcraft III - The Frozen Throne
2021-04-13 09:10 - 2021-04-13 09:10 - 000000000 ___HD C:\$AV_ASW
2021-04-13 09:08 - 2021-04-13 09:08 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Blizzard
2021-04-12 18:15 - 2021-04-12 18:15 - 000009397 _____ C:\Users\drEd\Desktop\hry.xlsx
2021-04-12 17:33 - 2021-04-12 17:34 - 318974275 _____ C:\Users\drEd\Downloads\Čeština do Age of Empires II Definitive Edition 1.13.rar
2021-04-07 16:41 - 2021-04-13 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZC
2021-04-07 16:41 - 2021-04-07 16:41 - 000000000 ____D C:\Program Files (x86)\CZC
2021-04-05 15:31 - 2021-04-13 16:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-05 15:24 - 2021-04-05 15:24 - 000000000 ___HD C:\$WinREAgent
2021-03-25 17:22 - 2021-03-25 17:22 - 007180024 _____ (FastStone Soft) C:\Users\drEd\Downloads\FSViewerSetup75.exe
2021-03-25 15:09 - 2021-03-25 15:09 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-25 15:09 - 2021-03-25 15:09 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-23 14:00 - 2021-03-23 14:00 - 000000695 _____ C:\Users\drEd\Desktop\vietcong_old – zástupce.lnk
2021-03-23 13:53 - 2021-03-23 13:53 - 002017840 _____ C:\Users\drEd\Downloads\vcstarterv1.65.1_cz.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-14 11:58 - 2020-12-14 13:47 - 000000000 ____D C:\Users\drEd\AppData\Local\Messenger
2021-04-14 11:57 - 2020-12-14 13:47 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Messenger
2021-04-14 11:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-14 11:53 - 2020-10-29 17:50 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-14 11:48 - 2019-12-07 16:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-14 11:48 - 2019-12-07 16:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-14 11:45 - 2020-10-29 17:41 - 000000000 ____D C:\Users\drEd\AppData\Local\ClassicShell
2021-04-14 11:43 - 2020-10-29 16:58 - 000000000 ____D C:\Users\drEd\AppData\Local\VirtualStore
2021-04-14 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-14 11:41 - 2020-11-23 11:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-14 11:41 - 2020-10-29 17:03 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-04-14 11:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-14 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-14 00:05 - 2020-11-11 21:00 - 000000000 ____D C:\Users\drEd\AppData\Roaming\TS3Client
2021-04-13 23:44 - 2020-10-29 17:14 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-13 18:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-13 17:26 - 2020-10-29 17:00 - 000000000 ____D C:\Users\drEd\AppData\Local\PlaceholderTileLogoFolder
2021-04-13 17:20 - 2021-01-03 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2021-04-13 17:20 - 2020-11-12 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2021-04-13 17:20 - 2020-11-10 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-04-13 17:20 - 2020-11-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2021-04-13 17:20 - 2020-10-30 15:40 - 000000000 ____D C:\Program Files\UNP
2021-04-13 17:20 - 2020-10-29 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 17:20 - 2020-10-29 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-04-13 17:20 - 2020-10-29 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-13 17:20 - 2020-10-29 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2021-04-13 17:20 - 2020-10-29 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-04-13 17:20 - 2020-10-29 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-04-13 17:20 - 2020-10-29 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZELOTES C-12
2021-04-13 17:20 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-04-13 17:20 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-13 17:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-13 17:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-13 17:16 - 2020-11-06 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6
2021-04-13 17:16 - 2020-10-29 17:03 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-13 17:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-13 17:12 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-13 17:12 - 2019-12-07 16:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-13 16:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-13 16:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-13 16:45 - 2020-10-29 16:58 - 000000000 ____D C:\Users\drEd\AppData\Local\Packages
2021-04-13 16:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-13 16:29 - 2020-10-29 17:06 - 000000000 ____D C:\ProgramData\Packages
2021-04-13 16:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-13 16:28 - 2020-10-29 17:05 - 000000000 ____D C:\Users\drEd\AppData\Local\D3DSCache
2021-04-13 16:28 - 2020-10-29 16:58 - 000000000 ___RD C:\Users\drEd\3D Objects
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-13 16:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-13 16:25 - 2020-11-12 23:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-13 16:22 - 2021-02-10 10:56 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2021-04-13 16:22 - 2020-11-21 15:43 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2021-04-13 16:22 - 2020-10-29 19:08 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 16:22 - 2020-10-29 18:24 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-13 16:22 - 2020-10-29 17:44 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-04-13 15:46 - 2020-11-21 15:42 - 000000000 ____D C:\Users\drEd\AppData\Local\JDownloader 2.0
2021-04-13 08:58 - 2020-11-01 12:57 - 000000000 ____D C:\Users\drEd\AppData\Local\CrashDumps
2021-04-12 20:18 - 2020-10-29 17:00 - 000000000 ___RD C:\Users\drEd\OneDrive
2021-04-12 20:00 - 2020-10-29 17:44 - 000000000 ____D C:\Users\drEd\AppData\Roaming\discord
2021-04-11 15:13 - 2020-11-10 15:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-06 10:21 - 2020-12-14 13:47 - 000002324 _____ C:\Users\drEd\Desktop\Messenger.lnk
2021-04-06 10:21 - 2020-11-11 18:56 - 000011415 _____ C:\Users\drEd\Desktop\platby zk.xlsx
2021-04-06 10:10 - 2020-12-03 18:54 - 000011127 _____ C:\Users\drEd\Desktop\vánoce2020.xlsx
2021-04-05 16:19 - 2020-10-29 20:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-25 15:09 - 2020-10-29 17:51 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-23 02:28 - 2020-10-29 20:17 - 000916304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-03-23 02:28 - 2020-10-29 20:17 - 000437072 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-03-22 11:48 - 2020-10-29 18:27 - 000000000 ____D C:\Users\drEd\AppData\Local\Battle.net

==================== Files in the root of some directories ========

2020-11-01 13:12 - 2020-11-01 13:12 - 018081280 _____ (Luigi Auriemma, e-mail: me@aluigi.org, web: aluigi.org) C:\Users\drEd\AppData\Roaming\extractor.exe
2021-02-09 15:48 - 2021-02-09 15:48 - 000000099 _____ () C:\Users\drEd\AppData\Roaming\LauncherSettings_live.cfg
2020-11-01 13:12 - 2020-11-01 13:12 - 000008999 _____ () C:\Users\drEd\AppData\Roaming\script.bms
2021-02-09 15:42 - 2021-02-09 15:42 - 000002577 _____ () C:\Users\drEd\AppData\Roaming\TheHunterSettings_live.bin
2020-11-12 23:48 - 2020-11-12 23:48 - 000003584 _____ () C:\Users\drEd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-06 18:18 - 2020-11-06 18:19 - 000000071 _____ () C:\Users\drEd\AppData\Local\userPresetInfo.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2021
Ran by drEd (14-04-2021 11:59:04)
Running from C:\Users\drEd\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2021-04-13 14:28:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2407153952-1791725706-3334685836-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2407153952-1791725706-3334685836-503 - Limited - Disabled)
drEd (S-1-5-21-2407153952-1791725706-3334685836-1001 - Administrator - Enabled) => C:\Users\drEd
Guest (S-1-5-21-2407153952-1791725706-3334685836-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2407153952-1791725706-3334685836-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 9 Suite (HKLM\...\{7AF3ACA2-C6F3-4D19-B8D4-72D45CC240B4}) (Version: 9.0.0.0 - Ableton)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.1 - Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CZC Guardian GK950 (HKLM-x32\...\CZC Guardian GK950_is1) (Version: 1.0 - CZC.cz s.r.o.)
Discord (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Line 6 Spider V Remote Uninstaller (HKLM-x32\...\Line 6 Spider V Remote Uninstaller) (Version: 2.00 - Line 6)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.)
Messenger 97.11.116 (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 97.11.116 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E6BD8D0F-BA0D-4A4B-A5A8-C74DEB8365F9}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.93.46608 - Electronic Arts, Inc.)
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
Warcraft III - The Frozen Throne v1.26 (HKLM-x32\...\Warcraft III - The Frozen Throne v1.26 1.26) (Version: 1.26 - Blizzard)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
ZELOTES C-12 (HKLM-x32\...\{AC33C3DF-FE4C-4DE5-B72F-20271845456D}_is1) (Version: 1.0 - )

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-13] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-05] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-06 10:21 - 2021-04-06 00:08 - 054230528 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\addon.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000763392 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\keytar.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000750080 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\logging.node
2021-04-06 10:21 - 2021-04-06 00:08 - 001037824 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\spellchecker_win.node
2021-04-06 10:21 - 2021-04-06 00:08 - 001218560 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\systeminfo.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000681984 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\windows.ui.notifications.node
2020-10-29 17:10 - 2015-05-08 14:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2020-10-29 17:10 - 2021-04-14 11:41 - 000033792 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2020-10-29 17:30 - 2018-08-06 19:06 - 000049152 _____ () [File not signed] C:\Program Files (x86)\ZELOTES C-12\hiddriver.dll
2020-10-29 17:30 - 2018-11-02 15:22 - 000057344 _____ () [File not signed] C:\Program Files (x86)\ZELOTES C-12\lan.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-09-09 21:49 - 2020-09-09 21:49 - 001583104 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\LIBEAY32.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\ssleay32.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Origin\platforms\qwindows.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Core.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Gui.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Network.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5WebSockets.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Widgets.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Xml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-09-09 21:57 - 2020-09-09 21:57 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-09-09 21:57 - 2020-09-09 21:57 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2021-03-23 13:59 - 000000858 _____ C:\WINDOWS\system32\drivers\etc\hosts
46.28.109.117 master.gamespy.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drEd\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\kai-oberhauser-UnWYxJ_0WnM-unsplash.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "V0770Mon.exe"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CB4CF2DC-32C8-49C5-90EE-614F9E3758F1}G:\games\vietcong\vcded.exe] => (Allow) G:\games\vietcong\vcded.exe () [File not signed]
FirewallRules: [TCP Query User{9E24B78E-D80A-420F-AC56-02A4D0CA0873}G:\games\vietcong\vcded.exe] => (Allow) G:\games\vietcong\vcded.exe () [File not signed]
FirewallRules: [UDP Query User{EBB44F8E-E096-4191-862B-E3F825F32571}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{42C39D80-4AE3-415A-BBE4-128DD6E8B8F8}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EF347867-E5F3-4637-9A0E-5C49C76637FA}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{4341F791-F620-4ED8-B638-1F1C12A333CB}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{3F506879-2198-4696-A914-A80D42B12B73}E:\q3a\quake3\quake3.exe] => (Allow) E:\q3a\quake3\quake3.exe => No File
FirewallRules: [TCP Query User{466EEC3D-D6AB-4B99-B1C7-6204C5CD35CD}E:\q3a\quake3\quake3.exe] => (Allow) E:\q3a\quake3\quake3.exe => No File
FirewallRules: [UDP Query User{C356EC9A-89BE-457D-96F0-FF34B3C2A001}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe => No File
FirewallRules: [TCP Query User{9774D12C-60EA-4703-9D95-48896AF3FA5E}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe => No File
FirewallRules: [{B5AD51A4-241B-4F98-91B8-E10E4F85E58C}] => (Allow) E:\steam\steamapps\common\theHunter\launcher\launcher.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{8B425BEA-D9BA-4948-B3CB-3781D300E29A}] => (Allow) E:\steam\steamapps\common\theHunter\launcher\launcher.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{5CF43797-5621-4334-A3A0-B11732C146E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36F1F43F-66CB-4855-A1F8-1DBC050C11C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFAB59FA-B52D-484C-9824-B5C90B0D612C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1CFF5F34-F9A3-428E-899D-B5E66FE958DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6518FA99-7A05-47A9-9A0D-3D9B03C7878E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE7DD9F9-A42D-4ED1-9192-3E2A01E30454}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC7D3DA3-8605-4575-8CA0-A2365B0E12F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0CC00A0-FFF8-4438-A0CA-6FEB3180E614}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41474BF7-2C62-4EA2-AC2C-0C8507CD9295}] => (Allow) E:\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{5A6787F9-1F25-4F5F-9FAA-CD63577AA210}] => (Allow) E:\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{9AA41EB4-4906-4EEC-9E64-5A15008DED8D}G:\games\vietcong\vietcong_old.exe] => (Allow) G:\games\vietcong\vietcong_old.exe () [File not signed]
FirewallRules: [TCP Query User{31B0B19C-EB2A-4A50-BDB0-633CB7125267}G:\games\vietcong\vietcong_old.exe] => (Allow) G:\games\vietcong\vietcong_old.exe () [File not signed]
FirewallRules: [{09154272-5643-45EB-97A2-BB7A9325F375}] => (Allow) E:\steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed]
FirewallRules: [{81004E48-143D-43E1-B3EF-FAAC5468C805}] => (Allow) E:\steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed]
FirewallRules: [{B6A80648-BE7F-4C16-B8AC-E2ABA43995E2}] => (Allow) E:\steam\steamapps\common\Artifact 2.0\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{D36F8408-CCCD-4FCE-AF06-993DA5864A09}] => (Allow) E:\steam\steamapps\common\Artifact 2.0\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{5A669738-1456-4D4F-824B-67AB3E7895AC}] => (Allow) E:\steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{D09C34EA-7C81-4299-85E6-F43A56F78B57}] => (Allow) E:\steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{EE1927F3-28E6-47DE-AC0D-C90962BDD395}] => (Allow) E:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe () [File not signed]
FirewallRules: [{30C2CFBA-FE57-4623-B0C6-423121C93289}] => (Allow) E:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe () [File not signed]
FirewallRules: [{ACDFB40F-A3F9-459A-B8E7-E95B79237F98}] => (Allow) E:\steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{2CD53C63-79EF-4808-AD3B-05949B1C3CE6}] => (Allow) E:\steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [UDP Query User{9FB50C1E-60E2-43F0-B47B-13A2FBD06D9A}E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe] => (Allow) E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe => No File
FirewallRules: [TCP Query User{03A7E6B4-0A47-4172-8E9E-6748DF5E6F57}E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe] => (Allow) E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe => No File
FirewallRules: [{6C41067E-C2EF-469B-9B9C-F5BF3F33FAD2}] => (Allow) E:\steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{5934A774-C8CA-4A0E-8211-DD65EA2383D1}] => (Allow) E:\steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{38D71575-0B8F-4E20-AA9A-798078C08C4C}] => (Allow) E:\steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{F82C9327-5B9A-459F-BF12-5DBFF80E0C66}] => (Allow) E:\steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [UDP Query User{CF021F33-AD1F-479D-BD5C-043764C8F064}E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{7E433A6E-09EA-4581-A4CC-1F3ABE45E330}E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{7573565E-2FF3-4B52-BFD7-82659FF2DA3C}E:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) E:\steam\steamapps\common\thehunter\game\thehunter.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [TCP Query User{0DD7450D-AD82-4026-AB1B-0A9E84002219}E:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) E:\steam\steamapps\common\thehunter\game\thehunter.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{BE4E8610-A821-4171-9ADE-0854DB6B235D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F63B5CDA-A37B-4CB6-8BC4-FAE8348CA045}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A76D0194-8BE9-45F4-80C8-0577CC599236}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AB3D9BE-3B0C-4554-8A90-617F22D88BF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95F933BB-137C-49E2-AF7E-ADFEF52354DD}] => (Allow) E:\steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{978C0327-572B-4723-A53C-659EA73CA8BD}] => (Allow) E:\steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{3B9A09BC-918D-42EA-B10D-D65617DB0C7B}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{2A8EEC5C-6852-45F5-B970-C2545D63CD38}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{74BC6CBD-89A0-4DB4-BE8B-F5E1BE5B36C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2B52897D-31DD-4B6B-9A88-66479D533BD4}E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{F2D175C4-658F-4EA7-A650-198CB296F899}E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{C4AABE67-CCF7-4B00-95F1-740594A23F0F}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CCAA83FA-E28E-4314-9C9C-6BD2B3473857}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{239F2F54-BB63-4FCB-9AE6-D1432C46F7F8}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7C170081-181E-42EC-B5A7-7A6BC3024D0B}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3D37E846-D11B-40C1-BBC0-9E80C1F98829}] => (Allow) E:\steam\steamapps\common\Robin Hood\Game.exe (Spellbound Studios GmbH) [File not signed]
FirewallRules: [{1D50399A-1E60-4137-AA86-CE5E9EEBEC51}] => (Allow) E:\steam\steamapps\common\Robin Hood\Game.exe (Spellbound Studios GmbH) [File not signed]
FirewallRules: [{E4E8B490-918D-4F5F-A2CD-2386CBCE2982}] => (Allow) E:\steam\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{A8524174-1DB4-424C-B6C4-B2EB1DD168CF}] => (Allow) E:\steam\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2A085253-53A0-4C10-9202-8F212532ECBC}] => (Allow) E:\steam\steamapps\common\Equilinox\EquilinoxWindows32.exe () [File not signed]
FirewallRules: [{731AFBEF-7937-4214-805F-201721A51960}] => (Allow) E:\steam\steamapps\common\Equilinox\EquilinoxWindows32.exe () [File not signed]
FirewallRules: [{A00F39C7-5F16-49AE-8A3A-98C89A231497}] => (Allow) E:\steam\steamapps\common\Darksburg\Darksburg.exe () [File not signed]
FirewallRules: [{C60D10CD-27BB-4FBB-B1E3-077747A5BB48}] => (Allow) E:\steam\steamapps\common\Darksburg\Darksburg.exe () [File not signed]
FirewallRules: [{5AA37365-5D90-417C-83E4-12F98FAF7D12}] => (Allow) E:\steam\steamapps\common\Gallic Wars Battle Simulator\GallicWars.exe () [File not signed]
FirewallRules: [{71A3A575-4958-4386-84AB-F01E68F6C79D}] => (Allow) E:\steam\steamapps\common\Gallic Wars Battle Simulator\GallicWars.exe () [File not signed]
FirewallRules: [UDP Query User{813F139C-F306-46B7-9CC7-013A1F910765}E:\steam\steamapps\common\quake live\quakelive_steam.exe] => (Allow) E:\steam\steamapps\common\quake live\quakelive_steam.exe (id Software Inc.) [File not signed]
FirewallRules: [TCP Query User{8C0E74C0-14AB-4AB1-BC1A-6A5D12238533}E:\steam\steamapps\common\quake live\quakelive_steam.exe] => (Allow) E:\steam\steamapps\common\quake live\quakelive_steam.exe (id Software Inc.) [File not signed]
FirewallRules: [{7BF165CC-A8E0-415C-8134-EC5AC379A06E}] => (Allow) E:\steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{B6B967B9-B867-4942-B79E-6816472EBC8E}] => (Allow) E:\steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{A5B82005-C570-46ED-84A0-D16F57B385C5}] => (Allow) E:\steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{FED93F88-AE62-4EBE-B309-963376CAF570}] => (Allow) E:\steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [UDP Query User{B41A4470-055B-4748-86E1-6CBC6DC43A14}E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{41A10ED3-AAAD-45E3-B73E-C0BDE9A16F39}E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{207C880C-E150-41C9-900F-A45C6FD77B45}C:\users\dred\downloads\fullc_041120.exe] => (Allow) C:\users\dred\downloads\fullc_041120.exe (AN-D.cz) [File not signed]
FirewallRules: [TCP Query User{CB6748F9-729D-440A-9F2A-704AE7012425}C:\users\dred\downloads\fullc_041120.exe] => (Allow) C:\users\dred\downloads\fullc_041120.exe (AN-D.cz) [File not signed]
FirewallRules: [{1402370D-0318-48D5-8873-93104909A5C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C6AE8C31-6184-4D70-962A-CFD6AF86F3B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{48078CDB-2E64-480F-BE68-4C828FD880CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FDCA43CA-EEF4-4BD1-A63C-23F2143829B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{673071CB-6E40-4C59-9D60-7C51D9C91D1F}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\AutoUpdater.exe (Home) [File not signed]
FirewallRules: [{39B21B31-5DE6-49D4-9984-0A3AB81A51C0}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\AutoUpdater.exe (Home) [File not signed]
FirewallRules: [{597C5CE6-05B6-460A-89E9-A6F460A9131D}] => (Allow) E:\steam\steamapps\common\ToothAndTail\ToothAndTail.exe (Pocketwatch Games) [File not signed]
FirewallRules: [{4DC5886A-0228-43E3-BAAA-9CA78CFB474A}] => (Allow) E:\steam\steamapps\common\ToothAndTail\ToothAndTail.exe (Pocketwatch Games) [File not signed]
FirewallRules: [{F6FC99FF-8270-47DA-B316-48D172E38EBC}] => (Allow) E:\steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{AB8AD405-ADCB-4A7C-BF08-C9C2E3E7587E}] => (Allow) E:\steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{A562FA1C-354F-4FE1-8D40-12CE14CAC1E7}] => (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{75512151-E20F-4221-99F8-EEE21723F6F2}] => (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B719E24D-F77B-4794-BD75-F7C34880CFC1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6975869-6CF7-420E-9A1F-5E639BC42F7E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{10CB0D32-0CD1-4869-8E71-99DE05A98D49}] => (Allow) E:\steam\steamapps\common\Driver Booster 6 for Steam\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{FA276397-9E2D-4F39-A9EA-8BC26E2E2198}] => (Allow) E:\steam\steamapps\common\Driver Booster 6 for Steam\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{41C30779-9D83-455C-9C61-5E799A71A80E}] => (Allow) E:\steam\steamapps\common\Call of War\Call of War.exe (Bytro Labs GmbH) [File not signed]
FirewallRules: [{4B5778D2-F902-4AFD-B31B-3FC56357794C}] => (Allow) E:\steam\steamapps\common\Call of War\Call of War.exe (Bytro Labs GmbH) [File not signed]
FirewallRules: [{E45FC1A5-5819-4503-B182-AAE6E09509D2}] => (Allow) E:\steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{AFCF63E0-D941-4BCA-8347-5834EA4692BB}] => (Allow) E:\steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{5CA42AE6-E72A-43BD-A4F4-777179FBC70F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3B858EE-53CD-4F92-8B28-1908BB21AF87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAE08B67-5126-4FF0-9F69-C2570A18C18B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{533D7BA7-4012-42F8-BBB0-27A149C72F86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A80F8F3-66ED-482C-82F3-ED93727976F7}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2E69AB14-E06A-48BE-9863-C6C0F765BCDC}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B15887EE-A8E5-4555-B2AB-0B0C0429E96B}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EB95CA43-F4E8-4EFB-97B7-52ADDF2B8F99}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{2FF1D9F7-F69F-4833-A9FE-5BBD85AFA003}E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [UDP Query User{CB5647C8-312B-424C-9A45-9158618B49D8}E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6DB1B403-7BFB-4F96-92B3-397DC63456FA}] => (Allow) E:\steam\steamapps\common\Braveland Heroes\braveland_heroes.exe () [File not signed]
FirewallRules: [{1AEFB372-2D70-46EF-8225-D90E86A53666}] => (Allow) E:\steam\steamapps\common\Braveland Heroes\braveland_heroes.exe () [File not signed]
FirewallRules: [{96A89403-7C99-45E4-85D8-059CFF6D7EB8}] => (Allow) E:\steam\steamapps\common\Journeys in Middle-earth\JiME.exe () [File not signed]
FirewallRules: [{683971D9-7892-4AAC-8839-26002C2F364A}] => (Allow) E:\steam\steamapps\common\Journeys in Middle-earth\JiME.exe () [File not signed]
FirewallRules: [{27248A43-D4BC-48F8-A63A-A2FBA6E0FC71}] => (Allow) E:\steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{74724928-8D4C-4E2E-9973-5A8B7D1C36E8}] => (Allow) E:\steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{91A09514-C3FA-4573-A617-33F6E06E55CD}] => (Allow) E:\steam\steamapps\common\Sudden Strike 4\SuddenStrike4.exe () [File not signed]
FirewallRules: [{01542B0E-693B-46DB-AE83-D004753B67E4}] => (Allow) E:\steam\steamapps\common\Sudden Strike 4\SuddenStrike4.exe () [File not signed]
FirewallRules: [{702128FC-742D-4C21-A988-56245B296C31}] => (Allow) E:\steam\steamapps\common\FlameInTheFlood\RiverGame.exe () [File not signed]
FirewallRules: [{64C2AC3A-7A95-44F9-A2C2-63A20CA06420}] => (Allow) E:\steam\steamapps\common\FlameInTheFlood\RiverGame.exe () [File not signed]
FirewallRules: [{A96612BE-1BBC-41A6-B137-24BFD792869E}] => (Allow) E:\steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed]
FirewallRules: [{506E47C5-1177-476A-9E35-2229DC8F4567}] => (Allow) E:\steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed]
FirewallRules: [{E6AC2D2C-CCB2-4479-AB60-DD2B09975A22}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{A098FA50-B243-4C50-8537-D520BB177E98}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{D46C08C6-3121-40E7-91B7-CB3B910A7775}] => (Allow) E:\steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{50FBBDFC-E9AA-4674-8D95-0E8FC9E835C4}] => (Allow) E:\steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{0F6DEB89-A2BB-4B86-9B7D-75AC324D4A1D}] => (Allow) E:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{E33994C0-3E63-4535-B0CC-58BBA28F808A}] => (Allow) E:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [TCP Query User{3C7063AC-366A-4758-A90F-12FA4B7AB51A}E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{829E5D67-A32A-40B8-A1F4-9EDCECB6072C}E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{AB323402-CEAA-4C96-8D68-6AFF3547A8B5}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{511B3F3F-5656-4521-9804-8FD5879DD443}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{99EB0478-D8F1-44C0-A579-DB5B6BB65EAD}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ECFA504A-5941-4BB5-8E7B-F5355638CC01}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D3819CE6-EC4B-4756-A4C8-130565C4E22D}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{519E7D7E-A389-4418-8013-ECF25DC58A65}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{CEDA94BE-88A7-4DFE-BE44-736461ABF55E}] => (Allow) E:\steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{BED49D63-7254-494C-8684-1798774AEB6C}] => (Allow) E:\steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{59547962-D9C9-4C19-BF28-65B55EBCB68B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:25.72 GB) (23%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/13/2021 04:30:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/13/2021 04:21:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (04/14/2021 11:41:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 11:41:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/13/2021 04:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/13/2021 04:31:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===============
Date: 2021-04-14 11:58:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2501 04/07/2014
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX(tm)-8300 Eight-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 16283.5 MB
Available physical RAM: 9802.1 MB
Total Virtual: 18715.5 MB
Available Virtual: 8692.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:25.72 GB) NTFS
Drive d: () (Fixed) (Total:115.14 GB) (Free:47.64 GB) NTFS
Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:408.59 GB) NTFS
Drive g: (DATA) (Fixed) (Total:319.28 GB) (Free:198.86 GB) NTFS
Drive h: () (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

\\?\Volume{bab95dac-5422-448f-994c-5735cbd50b6a}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{f35b4878-cfcc-437e-8b1b-25d34baead47}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 93ED058E)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C23DD165)
Partition 1: (Not Active) - (Size=115.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=31.3 GB) - (Type=05)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FA6126BE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 149 GB) (Disk ID: 00097F86)
Partition 1: (Active) - (Size=243 MB) - (Type=83)
Partition 2: (Not Active) - (Size=145.5 GB) - (Type=05)

==================== End of Addition.txt =======================

Zdravím!
Smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat a restartujte PC.

Pomohlo, díky moc!

Rádo se stalo!