
Viruses or some other vermin

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

#1 Post by mikkie »

Hello,

after quite a while I would like to ask for help again. Windows occasionally reports some trojans, the PC seems slower to me, and during the week Google also changed the passwords on our accounts, saying that someone had taken them over. Most likely from my PC, onto which my little one downloaded some games.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by micha (administrator) on DESKTOP-AUSGJMO (20-08-2022 17:46:01)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AudioDeviceService.exe ->) (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\micha\AppData\Local\Discord\app-1.0.9006\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Gaijin Network LTD -> Gaijin) C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2204.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SSS) [File not signed] C:\Windows\System32\AudioDeviceService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(TODO: <Company name>) [File not signed] C:\Program Files\CZC G GK1000\CZC G GK1000.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {dc6f74ba-7658-11ea-a65b-a8a159192c9e} - "M:\setup.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2022-04-25]
ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-08-29]
ShortcutTarget: Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B04C152-E85A-47E7-A7B9-A07E445514BE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {2B11136C-2A2C-46D2-928E-BEA0C92DEE68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2EEE66E0-7CED-46DD-87ED-59E25F8511C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {326E497E-5B57-42D8-962F-ADD56552B9AF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3606811E-3920-4A77-8FE1-122ED5C05A4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51383AA9-AC00-46FC-87B7-164ED2C6F61F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {598E3111-590D-4056-A471-9012AE631505} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C5545AF-6213-4FBB-BD7A-D8229AA843DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6466E8C8-CA9E-4FA9-BEBA-AECBC73815F0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65E6A67E-AB5F-4563-BE09-076B53B2CFD8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C04696D-0593-4FBD-9A7F-F5842FE6E23F} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe --check-notifications (No File)
Task: {707C570A-0EB7-4B4A-8B9B-A32D5526C27D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7713BCDA-595B-4A8F-957E-1542051A49E1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8305B063-CDE9-44E2-B4F9-FC12F96FFB92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {886E39CD-6745-458C-BA28-C1EB3D6D8BD9} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8BE3C38C-7B6C-4982-B310-CB99A06DCC90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C3A87CD-95E3-42EA-ABAC-8913F90B3745} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {9CAD41DD-D5CE-483E-A0B0-0138A5619E5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA519617-1BD0-43F4-9FB5-EB14DD5770FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEC7A5BE-5C84-4FA0-8AD4-9D380388982E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF7994EF-AFCF-44A9-B300-0599897DA049} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFC3D011-7CDD-4596-8345-82DBA9B7DDC0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAA7E106-BA9E-4FBF-B4BD-2C1A2F5DBF38} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD27484B-050C-4461-81AB-86793286D3ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1

Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-20]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-08-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-04-04]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-13]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9114208 2022-08-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2458576 2022-07-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 MpKsl4f865b11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A93862DF-BCA6-4E08-8A30-5AC0C6ED46C9}\MpKslDrv.sys [141576 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-20 17:46 - 2022-08-20 17:46 - 000028845 _____ C:\Users\micha\Desktop\FRST.txt
2022-08-20 17:45 - 2022-08-20 17:45 - 002371072 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-08-17 20:09 - 2022-08-17 20:09 - 001730357 _____ C:\Users\micha\Desktop\Slavonac N.pdf
2022-08-17 20:07 - 2022-08-17 20:07 - 000072423 _____ C:\Users\micha\Desktop\b613a17caa9209-slavonac-n-dop.pdf
2022-08-17 15:28 - 2022-08-17 15:28 - 000001260 _____ C:\Users\micha\Desktop\Cult Of The Lamb.lnk
2022-08-17 15:28 - 2022-08-17 15:28 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Massive Monster
2022-08-17 15:27 - 2022-08-17 15:27 - 000159806 _____ C:\Users\micha\Desktop\Valíček, Lidická 54, Hodonín.pdf
2022-08-15 08:48 - 2022-08-15 08:48 - 007493882 _____ C:\Users\micha\Desktop\CIKO.pdf
2022-08-13 10:07 - 2022-08-13 10:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-13 10:07 - 2022-08-13 10:07 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-13 10:06 - 2022-08-13 10:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-13 10:06 - 2022-08-13 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-13 10:02 - 2022-08-13 10:02 - 000000000 ___HD C:\$WinREAgent
2022-08-05 17:37 - 2022-08-05 17:37 - 000000000 ____D C:\Users\micha\AppData\Local\MultiVersus
2022-08-05 17:36 - 2022-08-05 17:37 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2022-08-05 17:30 - 2022-08-05 17:30 - 000000354 _____ C:\Users\micha\Desktop\MultiVersus.url
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\ProgramData\PDF Architect 8
2022-08-02 18:26 - 2022-08-02 18:26 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-08-02 18:26 - 2022-08-02 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-07-26 20:44 - 2022-07-26 20:44 - 000000000 ____D C:\Program Files\Google
2022-07-21 18:53 - 2022-07-21 18:53 - 000000000 ____D C:\Users\micha\AppData\Local\ToiletChronicles
2022-07-21 18:52 - 2022-07-21 18:52 - 000000223 _____ C:\Users\micha\Desktop\Toilet Chronicles.url
2022-07-21 18:43 - 2022-06-24 05:05 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001472552 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000866344 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001537072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000715304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-07-21 18:31 - 2022-06-24 19:18 - 010270272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 008804416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 003067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001608232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001059880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000456200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-07-21 18:31 - 2022-06-24 19:17 - 005734408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 005363264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 000853568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-07-21 18:31 - 2022-06-24 05:05 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-07-21 18:00 - 2022-07-21 18:00 - 000161771 _____ C:\Users\micha\Desktop\#2022-92 B Lukáš Mačalík, Bohuslavice 4211, Kyjov.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-20 17:46 - 2021-10-21 18:11 - 000000000 ____D C:\FRST
2022-08-20 17:44 - 2020-04-04 10:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-20 17:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-20 17:36 - 2020-04-04 10:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-20 17:28 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-08-20 17:27 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-08-20 15:32 - 2020-04-04 11:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-08-20 15:12 - 2020-04-04 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-20 10:45 - 2020-04-04 10:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-20 10:27 - 2021-12-21 18:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-08-20 10:27 - 2021-12-21 18:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-08-20 10:27 - 2021-02-01 19:26 - 000000000 ____D C:\Users\micha
2022-08-19 21:18 - 2020-04-06 16:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-19 11:29 - 2022-04-28 13:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-19 11:29 - 2021-02-01 19:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-19 08:51 - 2021-12-21 18:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-16 16:03 - 2021-08-06 17:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-08-15 10:11 - 2020-04-04 10:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-08-14 21:03 - 2020-04-04 11:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-08-14 21:01 - 2022-03-27 11:13 - 000000000 ____D C:\Users\micha\AppData\LocalLow\webviewdata
2022-08-14 11:31 - 2021-02-01 19:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-14 11:31 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-14 11:31 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-14 11:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-14 11:24 - 2021-02-01 19:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000545544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-13 20:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-13 10:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-13 10:06 - 2021-02-01 19:29 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-13 10:03 - 2022-04-22 19:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-13 10:02 - 2020-04-04 23:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-13 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-13 10:00 - 2020-06-06 22:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 10:00 - 2020-04-04 23:43 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-12 10:31 - 2020-05-31 21:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-08-10 21:37 - 2022-07-18 13:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-10 21:37 - 2022-04-13 14:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-10 21:37 - 2022-03-28 14:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-05 17:37 - 2021-10-25 20:19 - 000000000 ____D C:\Users\micha\AppData\Roaming\EasyAntiCheat
2022-08-02 18:26 - 2021-10-27 10:36 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2022-08-02 18:26 - 2021-10-27 10:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-08-02 07:24 - 2021-02-01 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-01 11:54 - 2020-04-04 10:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-08-01 11:38 - 2020-06-29 14:32 - 000000000 ____D C:\Blossom Beauty
2022-07-30 14:52 - 2022-03-20 21:30 - 000000000 ____D C:\ProgramData\Autodesk
2022-07-27 09:13 - 2022-04-22 19:21 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 09:13 - 2022-04-22 19:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-07-26 20:52 - 2021-12-20 12:27 - 000000000 ____D C:\Users\micha\AppData\Local\Ubisoft Game Launcher
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-07-21 18:53 - 2021-10-07 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\UnrealEngine
2022-07-21 18:45 - 2020-04-04 11:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2020-07-29 20:21 - 2020-07-29 20:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 11:50 - 2022-04-27 11:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 21:17 - 2020-09-27 21:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 20:43 - 2021-02-08 19:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by micha (20-08-2022 17:46:51)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.243.5241 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.0.243.5241 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.101 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
PDFCreator (HKLM\...\{53B07CBF-8CF1-4398-AD9C-1EDCC62E9B57}) (Version: 4.4.3 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.61.899 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{1729B0A9-0490-418B-A565-89B4D5BC8F2D}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)

Packages:
=========
ASTRONEER -> C:\Program Files\WindowsApps\SystemEraSoftworks.29415440E1269_1.25.152.0_x64__ftk5pbg2rayv2 [2022-08-20] (System Era Softworks)
Besiege -> C:\Program Files\WindowsApps\SpiderlingStudios.5821136CAA5A2_0.9.13.0_x64__a408ere9ra7h8 [2022-06-10] (Spiderling Studios Limited)
Best of Wallpapers 2019 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofWallpapers2019Exclusive_2.0.0.0_neutral__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation)
Bug Fables: The Everlasting Sapling -> C:\Program Files\WindowsApps\DANGENEntertainment.BugFables_1.0.0.0_x64__zfxw8h9xxzgzt [2022-06-30] (DANGEN Entertainment)
Donut County -> C:\Program Files\WindowsApps\AnnapurnaInteractive.DonutCounty_1.0.3.0_x64__c96c51jf6wkvm [2022-05-04] (Annapurna Interactive)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)
FAR: Changing Tides Windows Edition -> C:\Program Files\WindowsApps\FrontierDevelopmentsPlc.FARChangingTidesWindowsEdi_1.2.2.0_x64__ft442cafaz8hg [2022-05-15] (Frontier Developments Plc)
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Gang Beasts -> C:\Program Files\WindowsApps\DoubleFineProductionsInc.GangBeasts_1.0.41.0_x64__s9zt93y1rpe5a [2022-02-25] (Double Fine Productions, Inc.)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2022-05-17] (Double Eleven Limited)
Gorogoa -> C:\Program Files\WindowsApps\AnnapurnaInteractive.Gorogoa_1.0.7.0_x64__c96c51jf6wkvm [2022-06-19] (Annapurna Interactive)
Human Fall Flat -> C:\Program Files\WindowsApps\CurveDigital.HumanFallFlat_1.6.18.0_x64__1ezqdnbhnc70m [2022-05-17] (Curve Digital)
Kill It With Fire -> C:\Program Files\WindowsApps\tinyBuildGames.KillItWithFire_1.5.36.0_x64__3sz1pp2ynv2xe [2022-02-25] (tinyBuild Games)
Lonely Mountains: Downhill -> C:\Program Files\WindowsApps\Thunderful.LonelyMontainsDownhill_1.4.6.0_x64__8j53pwgd019sy [2022-07-21] (Thunderful Publishing AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-06-28] (Microsoft Corporation)
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.15.1.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5.0_x64__8wekyb3d8bbwe [2022-06-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.21.0_x64__8wekyb3d8bbwe [2022-08-11] (Microsoft Studios)
Moonglow Bay -> C:\Program Files\WindowsApps\CoatsinkSoftware.MoonglowBay_1.0.24.0_x64__kpgqqsxtm9288 [2022-05-17] (Coatsink Software)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-21] (NVIDIA Corp.)
PAW Patrol Mighty Pups Save Adventure Bay -> C:\Program Files\WindowsApps\OutrightGames.628923E2C82A7_1.0.3.0_x64__bnrbc155f0j86 [2022-05-11] (Outright Games Ltd)
Pikuniku Win10 -> C:\Program Files\WindowsApps\DevolverDigital.PikunikuWin10_1.0.3.0_x86__6kzv4j18v0c96 [2022-05-17] (Devolver Digital)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.540.501.0_x86__55nm5eh3cm0pr [2022-08-19] (ROBLOX Corporation)
SkateBIRD -> C:\Program Files\WindowsApps\GlassBottomGames.SkateBIRD_1.7.2.0_x64__vvwbg9g51kf46 [2022-06-29] (Glass Bottom Games)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.4977.0_x64__r2vq7k2y0v9ct [2022-04-27] (Landfall Games)
Townscaper -> C:\Program Files\WindowsApps\RawFury.Townscaper_1.1.6.0_x64__9s0pnehqffj7t [2022-03-14] (Raw Fury)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> L:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4261871939-3680644312-2290833728-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GK\SonixHidDll.dll
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GM\SonixHidDll.dll
2021-04-18 17:23 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files\PSPad editor\pspshellx64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-27 10:36 - 2022-08-02 18:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2020-09-09 13:36 - 2017-11-03 11:44 - 000232960 ____N (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\DLL3S_UsbAudio16xx_x32.dll
2019-02-14 08:40 - 2019-02-14 08:40 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\css.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002033152 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\cwt.dll
2019-02-14 08:49 - 2019-02-14 08:49 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprompter.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprovider.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] C:\Program Files\CZC G GK1000\Bin\Plugin.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001651200 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\dialoginvoker.dll
2019-02-14 08:28 - 2019-02-14 08:28 - 001633792 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforceledsyncer.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001665024 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforcemain.dll
2019-02-14 08:52 - 2019-02-14 08:52 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmacro.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 002036224 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmain.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002195968 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardpersister.dll
2019-02-14 08:30 - 2019-02-14 08:30 - 001723904 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardprofile.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001652736 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardskin.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001680384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardwriter.dll
2019-02-14 08:24 - 2019-02-14 08:24 - 001656320 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemacro.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 001936384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemain.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 002195456 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousepersister.dll
2019-02-14 08:25 - 2019-02-14 08:25 - 001701888 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseprofile.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001664000 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseskin.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousewriter.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6098]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{9C7A0D9B-68E2-4472-BCD5-4418278F3639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [{306650B1-0FF2-452E-82F0-EB30A53E9769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [{A8452111-F6DD-4957-8A50-6EECA5FE054E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{63C9287E-1DB2-4C68-A526-9F5430BF0933}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0F9461A-4F94-4807-BFCD-938B81CD83D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{F25D676D-9CB4-4979-8516-FFA50E7624C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{7DD20C47-BA5C-4B38-9E5B-536743AA1040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{8038C947-E718-42AB-A08E-AC35AA8961CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{99173CA6-BBAB-422F-8C9A-E36139F022B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7CAD6721-1A87-4A98-98AC-30093FAC3F9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1FC37340-B9F3-46AB-8D02-C8E71A157472}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7886DA04-B9B3-4D41-A1D6-4E73BD0E46ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1E3A3B0C-C9CD-40C2-BE64-44C61A972A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1B8DAE92-DFB0-437E-91DA-1CAD6D522EBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{5A7A1A69-94E3-4DD4-9285-5CDB74F4AB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{87293E0F-BF05-439A-AB31-4AE1C27B30B9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{7BBFA194-32C6-4B66-947E-32B2E56C5349}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{485A89EA-FC27-46E1-A38F-2D5672E5C891}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{A978B67D-0222-4395-977E-8EB31E1AB2C7}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{CEA8D197-CE44-4DEC-B781-7EB7043A082E}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8510B446-E85A-43A7-9F71-5C8D9DE17876}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{29A2E9C7-93CE-4B50-B70B-BC2F4453292D}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0474D4B1-5AEA-4B0C-A2E1-3B1EF26C4574}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/19/2022 06:16:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:15:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:15:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:14:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:13:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:13:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:12:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002

Error: (08/19/2022 06:12:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002


System errors:
=============
Error: (08/19/2022 05:43:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2022-08-02 18:27:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {141D31CF-CC1D-41BB-BFBC-4459A3E94F15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-AUSGJMO\micha

Date: 2022-08-02 18:26:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\banners-uvfuavr5.fbu\lavasoft_overlay_new_setup_progress_en_836de029-df55-483c-b06e-67c270576b5f-v3.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\PDFCreatorSetup.exe
Verze bezpečnostních informací: AV: 1.371.1272.0, AS: 1.371.1272.0, NIS: 1.371.1272.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-08-02 07:19:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8993F2EB-B663-4604-B693-F687055520FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-08-01 11:36:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-08-01 11:36:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

CodeIntegrity:
===============
Date: 2022-08-18 11:25:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-17 17:27:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-24 12:13:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16313.71 MB
Available physical RAM: 9168.39 MB
Total Virtual: 18745.71 MB
Available Virtual: 8404.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.87 GB) (Free:32.42 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.96 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.85 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:237.23 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS

\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{60e7a5ed-f4f6-7b96-b598-d4e1b1cb3654}\ () (Fixed) (Total:5.27 GB) (Free:0 GB) NTFS
\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.

==================== End of Addition.txt =======================

Rudy
Site Admin
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses or some kind of vermin

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and select Run as administrator (on Win XP, just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: Viruses or some other vermin

#3 Post by mikkie »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-20-2022
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Free VPN for Chrome - VPN Proxy VeePN - majdfhpaihoncoakbjgbdhglocklcgno

***** [ Chromium URLs ] *****

Deleted Spirální stabilizace páteře - Na Úbočí 10, Praha 8, Czech Republic, 00420-284 810 231, spirstab@spirstab.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1926 octets] - [21/10/2021 18:58:01]
AdwCleaner[C00].txt - [1966 octets] - [21/10/2021 18:58:43]
AdwCleaner[S01].txt - [1634 octets] - [21/10/2021 19:31:02]
AdwCleaner[C01].txt - [1804 octets] - [21/10/2021 19:31:07]
AdwCleaner[S02].txt - [1756 octets] - [21/10/2021 19:31:29]
AdwCleaner[C02].txt - [1926 octets] - [21/10/2021 19:31:36]
AdwCleaner[S03].txt - [1878 octets] - [21/10/2021 19:38:05]
AdwCleaner[C03].txt - [2048 octets] - [21/10/2021 19:38:11]
AdwCleaner[S04].txt - [2000 octets] - [21/10/2021 19:47:03]
AdwCleaner[S05].txt - [2061 octets] - [21/10/2021 19:51:29]
AdwCleaner[C05].txt - [2231 octets] - [21/10/2021 20:04:51]
AdwCleaner[S06].txt - [2345 octets] - [20/08/2022 18:20:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: Viruses or some other vermin

#4 Post by mikkie »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-20-2022
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Free VPN for Chrome - VPN Proxy VeePN - majdfhpaihoncoakbjgbdhglocklcgno

***** [ Chromium URLs ] *****

Deleted Spirální stabilizace páteře - Na Úbočí 10, Praha 8, Czech Republic, 00420-284 810 231, spirstab@spirstab.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1926 octets] - [21/10/2021 18:58:01]
AdwCleaner[C00].txt - [1966 octets] - [21/10/2021 18:58:43]
AdwCleaner[S01].txt - [1634 octets] - [21/10/2021 19:31:02]
AdwCleaner[C01].txt - [1804 octets] - [21/10/2021 19:31:07]
AdwCleaner[S02].txt - [1756 octets] - [21/10/2021 19:31:29]
AdwCleaner[C02].txt - [1926 octets] - [21/10/2021 19:31:36]
AdwCleaner[S03].txt - [1878 octets] - [21/10/2021 19:38:05]
AdwCleaner[C03].txt - [2048 octets] - [21/10/2021 19:38:11]
AdwCleaner[S04].txt - [2000 octets] - [21/10/2021 19:47:03]
AdwCleaner[S05].txt - [2061 octets] - [21/10/2021 19:51:29]
AdwCleaner[C05].txt - [2231 octets] - [21/10/2021 20:04:51]
AdwCleaner[S06].txt - [2345 octets] - [20/08/2022 18:20:15]
AdwCleaner[C06].txt - [2475 octets] - [20/08/2022 18:20:58]
AdwCleaner[S07].txt - [2373 octets] - [20/08/2022 18:22:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C07].txt ##########

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: Viruses or some other vermin

#5 Post by mikkie »

After running AdwCleaner, Windows search stopped working for me (just like last time). I cannot type into any search box (next to the Start menu, file search).

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses or some other vermin

#6 Post by Rudy »

IJ. Post new FRST+Addition logs.

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: Viruses or some other vermin

#7 Post by mikkie »

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {dc6f74ba-7658-11ea-a65b-a8a159192c9e} - "M:\setup.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-08-29]
ShortcutTarget: Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B04C152-E85A-47E7-A7B9-A07E445514BE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {2B11136C-2A2C-46D2-928E-BEA0C92DEE68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2EEE66E0-7CED-46DD-87ED-59E25F8511C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {326E497E-5B57-42D8-962F-ADD56552B9AF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3606811E-3920-4A77-8FE1-122ED5C05A4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51383AA9-AC00-46FC-87B7-164ED2C6F61F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {598E3111-590D-4056-A471-9012AE631505} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C5545AF-6213-4FBB-BD7A-D8229AA843DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6466E8C8-CA9E-4FA9-BEBA-AECBC73815F0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65E6A67E-AB5F-4563-BE09-076B53B2CFD8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C04696D-0593-4FBD-9A7F-F5842FE6E23F} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe --check-notifications (No File)
Task: {707C570A-0EB7-4B4A-8B9B-A32D5526C27D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7713BCDA-595B-4A8F-957E-1542051A49E1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8305B063-CDE9-44E2-B4F9-FC12F96FFB92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {886E39CD-6745-458C-BA28-C1EB3D6D8BD9} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8BE3C38C-7B6C-4982-B310-CB99A06DCC90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C3A87CD-95E3-42EA-ABAC-8913F90B3745} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {9CAD41DD-D5CE-483E-A0B0-0138A5619E5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA519617-1BD0-43F4-9FB5-EB14DD5770FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEC7A5BE-5C84-4FA0-8AD4-9D380388982E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF7994EF-AFCF-44A9-B300-0599897DA049} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFC3D011-7CDD-4596-8345-82DBA9B7DDC0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAA7E106-BA9E-4FBF-B4BD-2C1A2F5DBF38} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD27484B-050C-4461-81AB-86793286D3ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1

Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-20]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-08-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-13]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9114208 2022-08-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2458576 2022-07-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-20 18:51 - 2022-08-20 18:51 - 000003898 _____ C:\Users\micha\Desktop\ResetWindowsSearchBox.ps1
2022-08-20 18:26 - 2022-08-20 18:28 - 000000000 ____D C:\Users\micha\Desktop\ilovepdf_pages-to-jpg
2022-08-20 18:25 - 2022-08-20 18:25 - 004268664 _____ C:\Users\micha\Desktop\PILÁTES__LETÁK.pdf
2022-08-20 18:19 - 2022-08-20 18:19 - 008551608 _____ (Malwarebytes) C:\Users\micha\Desktop\adwcleaner.exe
2022-08-20 17:46 - 2022-08-20 18:53 - 000020622 _____ C:\Users\micha\Desktop\FRST.txt
2022-08-20 17:45 - 2022-08-20 17:45 - 002371072 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-08-17 20:09 - 2022-08-17 20:09 - 001730357 _____ C:\Users\micha\Desktop\Slavonac N.pdf
2022-08-17 20:07 - 2022-08-17 20:07 - 000072423 _____ C:\Users\micha\Desktop\b613a17caa9209-slavonac-n-dop.pdf
2022-08-17 15:28 - 2022-08-17 15:28 - 000001260 _____ C:\Users\micha\Desktop\Cult Of The Lamb.lnk
2022-08-17 15:28 - 2022-08-17 15:28 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Massive Monster
2022-08-17 15:27 - 2022-08-17 15:27 - 000159806 _____ C:\Users\micha\Desktop\Valíček, Lidická 54, Hodonín.pdf
2022-08-15 08:48 - 2022-08-15 08:48 - 007493882 _____ C:\Users\micha\Desktop\CIKO.pdf
2022-08-13 10:07 - 2022-08-13 10:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-13 10:07 - 2022-08-13 10:07 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-13 10:06 - 2022-08-13 10:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-13 10:06 - 2022-08-13 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-13 10:02 - 2022-08-13 10:02 - 000000000 ___HD C:\$WinREAgent
2022-08-05 17:37 - 2022-08-05 17:37 - 000000000 ____D C:\Users\micha\AppData\Local\MultiVersus
2022-08-05 17:36 - 2022-08-05 17:37 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2022-08-05 17:30 - 2022-08-05 17:30 - 000000354 _____ C:\Users\micha\Desktop\MultiVersus.url
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\ProgramData\PDF Architect 8
2022-08-02 18:26 - 2022-08-02 18:26 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-08-02 18:26 - 2022-08-02 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-07-26 20:44 - 2022-07-26 20:44 - 000000000 ____D C:\Program Files\Google
2022-07-21 18:53 - 2022-07-21 18:53 - 000000000 ____D C:\Users\micha\AppData\Local\ToiletChronicles
2022-07-21 18:52 - 2022-07-21 18:52 - 000000223 _____ C:\Users\micha\Desktop\Toilet Chronicles.url
2022-07-21 18:43 - 2022-06-24 05:05 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001472552 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000866344 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001537072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000715304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-07-21 18:31 - 2022-06-24 19:18 - 010270272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 008804416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 003067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001608232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001059880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000456200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-07-21 18:31 - 2022-06-24 19:17 - 005734408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 005363264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 000853568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-07-21 18:31 - 2022-06-24 05:05 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-07-21 18:00 - 2022-07-21 18:00 - 000161771 _____ C:\Users\micha\Desktop\#2022-92 B Lukáš Mačalík, Bohuslavice 4211, Kyjov.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-20 18:53 - 2021-10-21 18:11 - 000000000 ____D C:\FRST
2022-08-20 18:53 - 2020-04-04 10:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-20 18:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-20 18:51 - 2020-04-04 11:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-08-20 18:38 - 2020-04-04 10:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-20 18:30 - 2021-02-01 19:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-20 18:30 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-20 18:30 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-20 18:30 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-20 18:25 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-08-20 18:24 - 2021-12-21 18:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-08-20 18:24 - 2021-12-21 18:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-08-20 18:24 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-08-20 18:23 - 2021-02-01 19:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-20 18:23 - 2021-02-01 19:26 - 000000000 ____D C:\Users\micha
2022-08-20 18:23 - 2021-02-01 19:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-20 18:23 - 2020-04-04 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-20 18:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-20 10:45 - 2020-04-04 10:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-19 21:18 - 2020-04-06 16:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-19 11:29 - 2022-04-28 13:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-19 11:29 - 2021-02-01 19:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-19 08:51 - 2021-12-21 18:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-16 16:03 - 2021-08-06 17:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-08-15 10:11 - 2020-04-04 10:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-08-14 21:03 - 2020-04-04 11:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-08-14 21:01 - 2022-03-27 11:13 - 000000000 ____D C:\Users\micha\AppData\LocalLow\webviewdata
2022-08-14 11:24 - 2021-02-01 19:25 - 000545544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-13 10:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-13 10:06 - 2021-02-01 19:29 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-13 10:03 - 2022-04-22 19:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-13 10:02 - 2020-04-04 23:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-13 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-13 10:00 - 2020-06-06 22:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 10:00 - 2020-04-04 23:43 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-12 10:31 - 2020-05-31 21:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-08-10 21:37 - 2022-07-18 13:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-10 21:37 - 2022-04-13 14:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-10 21:37 - 2022-03-28 14:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-05 17:37 - 2021-10-25 20:19 - 000000000 ____D C:\Users\micha\AppData\Roaming\EasyAntiCheat
2022-08-02 18:26 - 2021-10-27 10:36 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2022-08-02 18:26 - 2021-10-27 10:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-08-02 07:24 - 2021-02-01 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-01 11:54 - 2020-04-04 10:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-08-01 11:38 - 2020-06-29 14:32 - 000000000 ____D C:\Blossom Beauty
2022-07-30 14:52 - 2022-03-20 21:30 - 000000000 ____D C:\ProgramData\Autodesk
2022-07-27 09:13 - 2022-04-22 19:21 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 09:13 - 2022-04-22 19:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-07-26 20:52 - 2021-12-20 12:27 - 000000000 ____D C:\Users\micha\AppData\Local\Ubisoft Game Launcher
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-07-21 18:53 - 2021-10-07 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\UnrealEngine
2022-07-21 18:45 - 2020-04-04 11:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2020-07-29 20:21 - 2020-07-29 20:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 11:50 - 2022-04-27 11:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 21:17 - 2020-09-27 21:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 20:43 - 2021-02-08 19:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by micha (20-08-2022 18:54:22)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.243.5241 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.0.243.5241 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.101 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
PDFCreator (HKLM\...\{53B07CBF-8CF1-4398-AD9C-1EDCC62E9B57}) (Version: 4.4.3 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.61.899 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{1729B0A9-0490-418B-A565-89B4D5BC8F2D}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)

Packages:
=========
ASTRONEER -> C:\Program Files\WindowsApps\SystemEraSoftworks.29415440E1269_1.25.152.0_x64__ftk5pbg2rayv2 [2022-08-20] (System Era Softworks)
Besiege -> C:\Program Files\WindowsApps\SpiderlingStudios.5821136CAA5A2_0.9.13.0_x64__a408ere9ra7h8 [2022-06-10] (Spiderling Studios Limited)
Best of Wallpapers 2019 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofWallpapers2019Exclusive_2.0.0.0_neutral__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation)
Bug Fables: The Everlasting Sapling -> C:\Program Files\WindowsApps\DANGENEntertainment.BugFables_1.0.0.0_x64__zfxw8h9xxzgzt [2022-06-30] (DANGEN Entertainment)
Donut County -> C:\Program Files\WindowsApps\AnnapurnaInteractive.DonutCounty_1.0.3.0_x64__c96c51jf6wkvm [2022-05-04] (Annapurna Interactive)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)
FAR: Changing Tides Windows Edition -> C:\Program Files\WindowsApps\FrontierDevelopmentsPlc.FARChangingTidesWindowsEdi_1.2.2.0_x64__ft442cafaz8hg [2022-05-15] (Frontier Developments Plc)
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Gang Beasts -> C:\Program Files\WindowsApps\DoubleFineProductionsInc.GangBeasts_1.0.41.0_x64__s9zt93y1rpe5a [2022-02-25] (Double Fine Productions, Inc.)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2022-05-17] (Double Eleven Limited)
Gorogoa -> C:\Program Files\WindowsApps\AnnapurnaInteractive.Gorogoa_1.0.7.0_x64__c96c51jf6wkvm [2022-06-19] (Annapurna Interactive)
Human Fall Flat -> C:\Program Files\WindowsApps\CurveDigital.HumanFallFlat_1.6.18.0_x64__1ezqdnbhnc70m [2022-05-17] (Curve Digital)
Kill It With Fire -> C:\Program Files\WindowsApps\tinyBuildGames.KillItWithFire_1.5.36.0_x64__3sz1pp2ynv2xe [2022-02-25] (tinyBuild Games)
Lonely Mountains: Downhill -> C:\Program Files\WindowsApps\Thunderful.LonelyMontainsDownhill_1.4.6.0_x64__8j53pwgd019sy [2022-07-21] (Thunderful Publishing AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-06-28] (Microsoft Corporation)
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.15.1.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5.0_x64__8wekyb3d8bbwe [2022-06-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.21.0_x64__8wekyb3d8bbwe [2022-08-11] (Microsoft Studios)
Moonglow Bay -> C:\Program Files\WindowsApps\CoatsinkSoftware.MoonglowBay_1.0.24.0_x64__kpgqqsxtm9288 [2022-05-17] (Coatsink Software)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-21] (NVIDIA Corp.)
PAW Patrol Mighty Pups Save Adventure Bay -> C:\Program Files\WindowsApps\OutrightGames.628923E2C82A7_1.0.3.0_x64__bnrbc155f0j86 [2022-05-11] (Outright Games Ltd)
Pikuniku Win10 -> C:\Program Files\WindowsApps\DevolverDigital.PikunikuWin10_1.0.3.0_x86__6kzv4j18v0c96 [2022-05-17] (Devolver Digital)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.540.501.0_x86__55nm5eh3cm0pr [2022-08-19] (ROBLOX Corporation)
SkateBIRD -> C:\Program Files\WindowsApps\GlassBottomGames.SkateBIRD_1.7.2.0_x64__vvwbg9g51kf46 [2022-06-29] (Glass Bottom Games)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.4977.0_x64__r2vq7k2y0v9ct [2022-04-27] (Landfall Games)
Townscaper -> C:\Program Files\WindowsApps\RawFury.Townscaper_1.1.6.0_x64__9s0pnehqffj7t [2022-03-14] (Raw Fury)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> L:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4261871939-3680644312-2290833728-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GK\SonixHidDll.dll
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GM\SonixHidDll.dll
2021-04-18 17:23 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files\PSPad editor\pspshellx64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-10-27 10:36 - 2022-08-02 18:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2020-09-09 13:36 - 2017-11-03 11:44 - 000232960 ____N (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\DLL3S_UsbAudio16xx_x32.dll
2019-02-14 08:40 - 2019-02-14 08:40 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\css.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002033152 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\cwt.dll
2019-02-14 08:49 - 2019-02-14 08:49 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprompter.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprovider.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] C:\Program Files\CZC G GK1000\Bin\Plugin.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001651200 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\dialoginvoker.dll
2019-02-14 08:28 - 2019-02-14 08:28 - 001633792 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforceledsyncer.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001665024 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforcemain.dll
2019-02-14 08:52 - 2019-02-14 08:52 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmacro.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 002036224 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmain.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002195968 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardpersister.dll
2019-02-14 08:30 - 2019-02-14 08:30 - 001723904 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardprofile.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001652736 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardskin.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001680384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardwriter.dll
2019-02-14 08:24 - 2019-02-14 08:24 - 001656320 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemacro.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 001936384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemain.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 002195456 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousepersister.dll
2019-02-14 08:25 - 2019-02-14 08:25 - 001701888 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseprofile.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001664000 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseskin.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousewriter.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6098]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{9C7A0D9B-68E2-4472-BCD5-4418278F3639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [{306650B1-0FF2-452E-82F0-EB30A53E9769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [{A8452111-F6DD-4957-8A50-6EECA5FE054E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{63C9287E-1DB2-4C68-A526-9F5430BF0933}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0F9461A-4F94-4807-BFCD-938B81CD83D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{F25D676D-9CB4-4979-8516-FFA50E7624C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{7DD20C47-BA5C-4B38-9E5B-536743AA1040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{8038C947-E718-42AB-A08E-AC35AA8961CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{99173CA6-BBAB-422F-8C9A-E36139F022B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7CAD6721-1A87-4A98-98AC-30093FAC3F9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1FC37340-B9F3-46AB-8D02-C8E71A157472}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7886DA04-B9B3-4D41-A1D6-4E73BD0E46ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1E3A3B0C-C9CD-40C2-BE64-44C61A972A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1B8DAE92-DFB0-437E-91DA-1CAD6D522EBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{5A7A1A69-94E3-4DD4-9285-5CDB74F4AB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{87293E0F-BF05-439A-AB31-4AE1C27B30B9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{7BBFA194-32C6-4B66-947E-32B2E56C5349}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{485A89EA-FC27-46E1-A38F-2D5672E5C891}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{A978B67D-0222-4395-977E-8EB31E1AB2C7}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{CEA8D197-CE44-4DEC-B781-7EB7043A082E}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8510B446-E85A-43A7-9F71-5C8D9DE17876}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{29A2E9C7-93CE-4B50-B70B-BC2F4453292D}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0474D4B1-5AEA-4B0C-A2E1-3B1EF26C4574}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/20/2022 06:55:06 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:51:06Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:54:36 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:50:36Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:54:06 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:51:06Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:53:36 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:50:36Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:53:06 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:51:06Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:52:36 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:50:36Z. Kód chyby: 0x80070002

Error: (08/20/2022 06:52:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (08/20/2022 06:50:53 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-21T16:22:53Z. Kód chyby: 0x80070002


System errors:
=============
Error: (08/20/2022 06:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2022 06:24:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (08/20/2022 06:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/20/2022 06:22:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (08/20/2022 06:22:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/20/2022 06:20:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/20/2022 06:20:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/20/2022 06:20:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2022-08-02 18:27:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {141D31CF-CC1D-41BB-BFBC-4459A3E94F15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-AUSGJMO\micha

Date: 2022-08-02 18:26:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\banners-uvfuavr5.fbu\lavasoft_overlay_new_setup_progress_en_836de029-df55-483c-b06e-67c270576b5f-v3.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\PDFCreatorSetup.exe
Verze bezpečnostních informací: AV: 1.371.1272.0, AS: 1.371.1272.0, NIS: 1.371.1272.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-08-02 07:19:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8993F2EB-B663-4604-B693-F687055520FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-08-01 11:36:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-08-01 11:36:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

CodeIntegrity:
===============
Date: 2022-08-18 11:25:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-17 17:27:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-24 12:13:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 16313.71 MB
Available physical RAM: 9544.52 MB
Total Virtual: 18745.71 MB
Available Virtual: 9246.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.87 GB) (Free:31.85 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.95 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.85 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:237.23 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS

\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{60e7a5ed-f4f6-7b96-b598-d4e1b1cb3654}\ () (Fixed) (Total:5.27 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses or some other nasties

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {dc6f74ba-7658-11ea-a65b-a8a159192c9e} - "M:\setup.exe"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6C04696D-0593-4FBD-9A7F-F5842FE6E23F} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe --check-notifications (No File)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6098]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{9C7A0D9B-68E2-4472-BCD5-4418278F3639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{306650B1-0FF2-452E-82F0-EB30A53E9769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [{A8452111-F6DD-4957-8A50-6EECA5FE054E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [{F25D676D-9CB4-4979-8516-FFA50E7624C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [{7BBFA194-32C6-4B66-947E-32B2E56C5349}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{485A89EA-FC27-46E1-A38F-2D5672E5C891}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{A978B67D-0222-4395-977E-8EB31E1AB2C7}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{CEA8D197-CE44-4DEC-B781-7EB7043A082E}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
C:\Users\micha\AppData\Local\Temp
G:\KMSAuto-Net win 10 aktivator.zip


EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Viruses or some kind of vermin

#9 Post by mikkie »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by micha (20-08-2022 20:14:29) Run:2
Running from C:\Users\micha\Desktop
Loaded Profiles: micha
Boot Mode: Normal
==============================================


Processes closed successfully.
"HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPSDNMON" => removed successfully
"HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
"HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockRuefi" => removed successfully
"HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc6f74ba-7658-11ea-a65b-a8a159192c9e} => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C04696D-0593-4FBD-9A7F-F5842FE6E23F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C04696D-0593-4FBD-9A7F-F5842FE6E23F}" => removed successfully
C:\WINDOWS\System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pdfforge GmbH\PDF Architect 8\App Notification" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C7A0D9B-68E2-4472-BCD5-4418278F3639}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{306650B1-0FF2-452E-82F0-EB30A53E9769}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8452111-F6DD-4957-8A50-6EECA5FE054E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F25D676D-9CB4-4979-8516-FFA50E7624C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BBFA194-32C6-4B66-947E-32B2E56C5349}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{485A89EA-FC27-46E1-A38F-2D5672E5C891}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A978B67D-0222-4395-977E-8EB31E1AB2C7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CEA8D197-CE44-4DEC-B781-7EB7043A082E}" => removed successfully
C:\Users\micha\AppData\Local\Temp => moved successfully
"G:\KMSAuto-Net win 10 aktivator.zip" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 416904168 B
Java, Discord, Steam htmlcache => 669762200 B
Windows/system/drivers => 323026026 B
Edge => 0 B
Chrome => 1548331631 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 181412 B
NetworkService => 401416 B
micha => 165788422 B

RecycleBin => 43286121 B
EmptyTemp: => 3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:16:21 ====


Re: Viruses or some kind of vermin

#10 Post by Rudy »

Deleted. Has anything changed?


Re: Viruses or some kind of vermin

#11 Post by mikkie »

Sorry for the late reply. So far everything seems to be fine.

However, I had to manually add ctfmon.exe to Startup, otherwise I couldn't type anything into search fields.


Re: Viruses or some kind of vermin

#12 Post by Rudy »

I see. Some small mistake must have slipped in. It was not deleted on purpose.
