Viry nebo nějaká havěť
Napsal: 20 srp 2022 16:49
Dobrý den,
po delší době bych opět požádal o pomoc. Windows mi občas hlásí nějaké trojany,pc se mi zdá pomalejší a taky nám v týdnu google zmenil hesla na účtech, že se jich někdo zmocnil. Nejspíš z mého PC, na kterém si malý natahal nějaké hry.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by micha (administrator) on DESKTOP-AUSGJMO (20-08-2022 17:46:01)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AudioDeviceService.exe ->) (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\micha\AppData\Local\Discord\app-1.0.9006\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Gaijin Network LTD -> Gaijin) C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2204.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SSS) [File not signed] C:\Windows\System32\AudioDeviceService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(TODO: <Company name>) [File not signed] C:\Program Files\CZC G GK1000\CZC G GK1000.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {dc6f74ba-7658-11ea-a65b-a8a159192c9e} - "M:\setup.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2022-04-25]
ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-08-29]
ShortcutTarget: Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B04C152-E85A-47E7-A7B9-A07E445514BE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {2B11136C-2A2C-46D2-928E-BEA0C92DEE68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2EEE66E0-7CED-46DD-87ED-59E25F8511C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {326E497E-5B57-42D8-962F-ADD56552B9AF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3606811E-3920-4A77-8FE1-122ED5C05A4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51383AA9-AC00-46FC-87B7-164ED2C6F61F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {598E3111-590D-4056-A471-9012AE631505} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C5545AF-6213-4FBB-BD7A-D8229AA843DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6466E8C8-CA9E-4FA9-BEBA-AECBC73815F0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65E6A67E-AB5F-4563-BE09-076B53B2CFD8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C04696D-0593-4FBD-9A7F-F5842FE6E23F} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe --check-notifications (No File)
Task: {707C570A-0EB7-4B4A-8B9B-A32D5526C27D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7713BCDA-595B-4A8F-957E-1542051A49E1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8305B063-CDE9-44E2-B4F9-FC12F96FFB92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {886E39CD-6745-458C-BA28-C1EB3D6D8BD9} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8BE3C38C-7B6C-4982-B310-CB99A06DCC90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C3A87CD-95E3-42EA-ABAC-8913F90B3745} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {9CAD41DD-D5CE-483E-A0B0-0138A5619E5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA519617-1BD0-43F4-9FB5-EB14DD5770FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEC7A5BE-5C84-4FA0-8AD4-9D380388982E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF7994EF-AFCF-44A9-B300-0599897DA049} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFC3D011-7CDD-4596-8345-82DBA9B7DDC0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAA7E106-BA9E-4FBF-B4BD-2C1A2F5DBF38} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD27484B-050C-4461-81AB-86793286D3ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-20]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-08-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-04-04]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-13]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9114208 2022-08-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2458576 2022-07-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 MpKsl4f865b11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A93862DF-BCA6-4E08-8A30-5AC0C6ED46C9}\MpKslDrv.sys [141576 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-20 17:46 - 2022-08-20 17:46 - 000028845 _____ C:\Users\micha\Desktop\FRST.txt
2022-08-20 17:45 - 2022-08-20 17:45 - 002371072 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-08-17 20:09 - 2022-08-17 20:09 - 001730357 _____ C:\Users\micha\Desktop\Slavonac N.pdf
2022-08-17 20:07 - 2022-08-17 20:07 - 000072423 _____ C:\Users\micha\Desktop\b613a17caa9209-slavonac-n-dop.pdf
2022-08-17 15:28 - 2022-08-17 15:28 - 000001260 _____ C:\Users\micha\Desktop\Cult Of The Lamb.lnk
2022-08-17 15:28 - 2022-08-17 15:28 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Massive Monster
2022-08-17 15:27 - 2022-08-17 15:27 - 000159806 _____ C:\Users\micha\Desktop\Valíček, Lidická 54, Hodonín.pdf
2022-08-15 08:48 - 2022-08-15 08:48 - 007493882 _____ C:\Users\micha\Desktop\CIKO.pdf
2022-08-13 10:07 - 2022-08-13 10:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-13 10:07 - 2022-08-13 10:07 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-13 10:06 - 2022-08-13 10:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-13 10:06 - 2022-08-13 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-13 10:02 - 2022-08-13 10:02 - 000000000 ___HD C:\$WinREAgent
2022-08-05 17:37 - 2022-08-05 17:37 - 000000000 ____D C:\Users\micha\AppData\Local\MultiVersus
2022-08-05 17:36 - 2022-08-05 17:37 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2022-08-05 17:30 - 2022-08-05 17:30 - 000000354 _____ C:\Users\micha\Desktop\MultiVersus.url
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\ProgramData\PDF Architect 8
2022-08-02 18:26 - 2022-08-02 18:26 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-08-02 18:26 - 2022-08-02 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-07-26 20:44 - 2022-07-26 20:44 - 000000000 ____D C:\Program Files\Google
2022-07-21 18:53 - 2022-07-21 18:53 - 000000000 ____D C:\Users\micha\AppData\Local\ToiletChronicles
2022-07-21 18:52 - 2022-07-21 18:52 - 000000223 _____ C:\Users\micha\Desktop\Toilet Chronicles.url
2022-07-21 18:43 - 2022-06-24 05:05 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001472552 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000866344 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001537072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000715304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-07-21 18:31 - 2022-06-24 19:18 - 010270272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 008804416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 003067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001608232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001059880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000456200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-07-21 18:31 - 2022-06-24 19:17 - 005734408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 005363264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 000853568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-07-21 18:31 - 2022-06-24 05:05 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-07-21 18:00 - 2022-07-21 18:00 - 000161771 _____ C:\Users\micha\Desktop\#2022-92 B Lukáš Mačalík, Bohuslavice 4211, Kyjov.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-20 17:46 - 2021-10-21 18:11 - 000000000 ____D C:\FRST
2022-08-20 17:44 - 2020-04-04 10:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-20 17:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-20 17:36 - 2020-04-04 10:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-20 17:28 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-08-20 17:27 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-08-20 15:32 - 2020-04-04 11:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-08-20 15:12 - 2020-04-04 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-20 10:45 - 2020-04-04 10:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-20 10:27 - 2021-12-21 18:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-08-20 10:27 - 2021-12-21 18:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-08-20 10:27 - 2021-02-01 19:26 - 000000000 ____D C:\Users\micha
2022-08-19 21:18 - 2020-04-06 16:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-19 11:29 - 2022-04-28 13:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-19 11:29 - 2021-02-01 19:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-19 08:51 - 2021-12-21 18:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-16 16:03 - 2021-08-06 17:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-08-15 10:11 - 2020-04-04 10:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-08-14 21:03 - 2020-04-04 11:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-08-14 21:01 - 2022-03-27 11:13 - 000000000 ____D C:\Users\micha\AppData\LocalLow\webviewdata
2022-08-14 11:31 - 2021-02-01 19:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-14 11:31 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-14 11:31 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-14 11:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-14 11:24 - 2021-02-01 19:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000545544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-13 20:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-13 10:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-13 10:06 - 2021-02-01 19:29 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-13 10:03 - 2022-04-22 19:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-13 10:02 - 2020-04-04 23:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-13 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-13 10:00 - 2020-06-06 22:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 10:00 - 2020-04-04 23:43 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-12 10:31 - 2020-05-31 21:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-08-10 21:37 - 2022-07-18 13:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-10 21:37 - 2022-04-13 14:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-10 21:37 - 2022-03-28 14:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-05 17:37 - 2021-10-25 20:19 - 000000000 ____D C:\Users\micha\AppData\Roaming\EasyAntiCheat
2022-08-02 18:26 - 2021-10-27 10:36 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2022-08-02 18:26 - 2021-10-27 10:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-08-02 07:24 - 2021-02-01 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-01 11:54 - 2020-04-04 10:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-08-01 11:38 - 2020-06-29 14:32 - 000000000 ____D C:\Blossom Beauty
2022-07-30 14:52 - 2022-03-20 21:30 - 000000000 ____D C:\ProgramData\Autodesk
2022-07-27 09:13 - 2022-04-22 19:21 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 09:13 - 2022-04-22 19:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-07-26 20:52 - 2021-12-20 12:27 - 000000000 ____D C:\Users\micha\AppData\Local\Ubisoft Game Launcher
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-07-21 18:53 - 2021-10-07 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\UnrealEngine
2022-07-21 18:45 - 2020-04-04 11:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA
==================== Files in the root of some directories ========
2020-07-29 20:21 - 2020-07-29 20:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 11:50 - 2022-04-27 11:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 21:17 - 2020-09-27 21:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 20:43 - 2021-02-08 19:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by micha (20-08-2022 17:46:51)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.243.5241 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.0.243.5241 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.101 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
PDFCreator (HKLM\...\{53B07CBF-8CF1-4398-AD9C-1EDCC62E9B57}) (Version: 4.4.3 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.61.899 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{1729B0A9-0490-418B-A565-89B4D5BC8F2D}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)
Packages:
=========
ASTRONEER -> C:\Program Files\WindowsApps\SystemEraSoftworks.29415440E1269_1.25.152.0_x64__ftk5pbg2rayv2 [2022-08-20] (System Era Softworks)
Besiege -> C:\Program Files\WindowsApps\SpiderlingStudios.5821136CAA5A2_0.9.13.0_x64__a408ere9ra7h8 [2022-06-10] (Spiderling Studios Limited)
Best of Wallpapers 2019 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofWallpapers2019Exclusive_2.0.0.0_neutral__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation)
Bug Fables: The Everlasting Sapling -> C:\Program Files\WindowsApps\DANGENEntertainment.BugFables_1.0.0.0_x64__zfxw8h9xxzgzt [2022-06-30] (DANGEN Entertainment)
Donut County -> C:\Program Files\WindowsApps\AnnapurnaInteractive.DonutCounty_1.0.3.0_x64__c96c51jf6wkvm [2022-05-04] (Annapurna Interactive)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)
FAR: Changing Tides Windows Edition -> C:\Program Files\WindowsApps\FrontierDevelopmentsPlc.FARChangingTidesWindowsEdi_1.2.2.0_x64__ft442cafaz8hg [2022-05-15] (Frontier Developments Plc)
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Gang Beasts -> C:\Program Files\WindowsApps\DoubleFineProductionsInc.GangBeasts_1.0.41.0_x64__s9zt93y1rpe5a [2022-02-25] (Double Fine Productions, Inc.)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2022-05-17] (Double Eleven Limited)
Gorogoa -> C:\Program Files\WindowsApps\AnnapurnaInteractive.Gorogoa_1.0.7.0_x64__c96c51jf6wkvm [2022-06-19] (Annapurna Interactive)
Human Fall Flat -> C:\Program Files\WindowsApps\CurveDigital.HumanFallFlat_1.6.18.0_x64__1ezqdnbhnc70m [2022-05-17] (Curve Digital)
Kill It With Fire -> C:\Program Files\WindowsApps\tinyBuildGames.KillItWithFire_1.5.36.0_x64__3sz1pp2ynv2xe [2022-02-25] (tinyBuild Games)
Lonely Mountains: Downhill -> C:\Program Files\WindowsApps\Thunderful.LonelyMontainsDownhill_1.4.6.0_x64__8j53pwgd019sy [2022-07-21] (Thunderful Publishing AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-06-28] (Microsoft Corporation)
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.15.1.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5.0_x64__8wekyb3d8bbwe [2022-06-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.21.0_x64__8wekyb3d8bbwe [2022-08-11] (Microsoft Studios)
Moonglow Bay -> C:\Program Files\WindowsApps\CoatsinkSoftware.MoonglowBay_1.0.24.0_x64__kpgqqsxtm9288 [2022-05-17] (Coatsink Software)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-21] (NVIDIA Corp.)
PAW Patrol Mighty Pups Save Adventure Bay -> C:\Program Files\WindowsApps\OutrightGames.628923E2C82A7_1.0.3.0_x64__bnrbc155f0j86 [2022-05-11] (Outright Games Ltd)
Pikuniku Win10 -> C:\Program Files\WindowsApps\DevolverDigital.PikunikuWin10_1.0.3.0_x86__6kzv4j18v0c96 [2022-05-17] (Devolver Digital)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.540.501.0_x86__55nm5eh3cm0pr [2022-08-19] (ROBLOX Corporation)
SkateBIRD -> C:\Program Files\WindowsApps\GlassBottomGames.SkateBIRD_1.7.2.0_x64__vvwbg9g51kf46 [2022-06-29] (Glass Bottom Games)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.4977.0_x64__r2vq7k2y0v9ct [2022-04-27] (Landfall Games)
Townscaper -> C:\Program Files\WindowsApps\RawFury.Townscaper_1.1.6.0_x64__9s0pnehqffj7t [2022-03-14] (Raw Fury)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> L:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4261871939-3680644312-2290833728-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GK\SonixHidDll.dll
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GM\SonixHidDll.dll
2021-04-18 17:23 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files\PSPad editor\pspshellx64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-27 10:36 - 2022-08-02 18:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2020-09-09 13:36 - 2017-11-03 11:44 - 000232960 ____N (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\DLL3S_UsbAudio16xx_x32.dll
2019-02-14 08:40 - 2019-02-14 08:40 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\css.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002033152 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\cwt.dll
2019-02-14 08:49 - 2019-02-14 08:49 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprompter.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprovider.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] C:\Program Files\CZC G GK1000\Bin\Plugin.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001651200 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\dialoginvoker.dll
2019-02-14 08:28 - 2019-02-14 08:28 - 001633792 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforceledsyncer.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001665024 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforcemain.dll
2019-02-14 08:52 - 2019-02-14 08:52 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmacro.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 002036224 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmain.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002195968 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardpersister.dll
2019-02-14 08:30 - 2019-02-14 08:30 - 001723904 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardprofile.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001652736 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardskin.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001680384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardwriter.dll
2019-02-14 08:24 - 2019-02-14 08:24 - 001656320 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemacro.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 001936384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemain.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 002195456 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousepersister.dll
2019-02-14 08:25 - 2019-02-14 08:25 - 001701888 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseprofile.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001664000 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseskin.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousewriter.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6098]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{9C7A0D9B-68E2-4472-BCD5-4418278F3639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [{306650B1-0FF2-452E-82F0-EB30A53E9769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [{A8452111-F6DD-4957-8A50-6EECA5FE054E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{63C9287E-1DB2-4C68-A526-9F5430BF0933}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0F9461A-4F94-4807-BFCD-938B81CD83D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{F25D676D-9CB4-4979-8516-FFA50E7624C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{7DD20C47-BA5C-4B38-9E5B-536743AA1040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{8038C947-E718-42AB-A08E-AC35AA8961CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{99173CA6-BBAB-422F-8C9A-E36139F022B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7CAD6721-1A87-4A98-98AC-30093FAC3F9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1FC37340-B9F3-46AB-8D02-C8E71A157472}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7886DA04-B9B3-4D41-A1D6-4E73BD0E46ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1E3A3B0C-C9CD-40C2-BE64-44C61A972A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1B8DAE92-DFB0-437E-91DA-1CAD6D522EBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{5A7A1A69-94E3-4DD4-9285-5CDB74F4AB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{87293E0F-BF05-439A-AB31-4AE1C27B30B9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{7BBFA194-32C6-4B66-947E-32B2E56C5349}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{485A89EA-FC27-46E1-A38F-2D5672E5C891}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{A978B67D-0222-4395-977E-8EB31E1AB2C7}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{CEA8D197-CE44-4DEC-B781-7EB7043A082E}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8510B446-E85A-43A7-9F71-5C8D9DE17876}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{29A2E9C7-93CE-4B50-B70B-BC2F4453292D}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0474D4B1-5AEA-4B0C-A2E1-3B1EF26C4574}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/19/2022 06:16:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:15:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:15:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:14:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:13:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:13:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:12:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:12:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002
System errors:
=============
Error: (08/19/2022 05:43:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-08-02 18:27:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {141D31CF-CC1D-41BB-BFBC-4459A3E94F15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-AUSGJMO\micha
Date: 2022-08-02 18:26:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\banners-uvfuavr5.fbu\lavasoft_overlay_new_setup_progress_en_836de029-df55-483c-b06e-67c270576b5f-v3.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\PDFCreatorSetup.exe
Verze bezpečnostních informací: AV: 1.371.1272.0, AS: 1.371.1272.0, NIS: 1.371.1272.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
Date: 2022-08-02 07:19:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8993F2EB-B663-4604-B693-F687055520FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-08-01 11:36:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
Date: 2022-08-01 11:36:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
CodeIntegrity:
===============
Date: 2022-08-18 11:25:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-06-17 17:27:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-24 12:13:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16313.71 MB
Available physical RAM: 9168.39 MB
Total Virtual: 18745.71 MB
Available Virtual: 8404.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.87 GB) (Free:32.42 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.96 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.85 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:237.23 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{60e7a5ed-f4f6-7b96-b598-d4e1b1cb3654}\ () (Fixed) (Total:5.27 GB) (Free:0 GB) NTFS
\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
==================== End of Addition.txt =======================
po delší době bych opět požádal o pomoc. Windows mi občas hlásí nějaké trojany,pc se mi zdá pomalejší a taky nám v týdnu google zmenil hesla na účtech, že se jich někdo zmocnil. Nejspíš z mého PC, na kterém si malý natahal nějaké hry.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by micha (administrator) on DESKTOP-AUSGJMO (20-08-2022 17:46:01)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AudioDeviceService.exe ->) (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\micha\AppData\Local\Discord\app-1.0.9006\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Gaijin Network LTD -> Gaijin) C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2204.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SSS) [File not signed] C:\Windows\System32\AudioDeviceService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(TODO: <Company name>) [File not signed] C:\Program Files\CZC G GK1000\CZC G GK1000.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {dc6f74ba-7658-11ea-a65b-a8a159192c9e} - "M:\setup.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2022-04-25]
ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-08-29]
ShortcutTarget: Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B04C152-E85A-47E7-A7B9-A07E445514BE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {2B11136C-2A2C-46D2-928E-BEA0C92DEE68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2EEE66E0-7CED-46DD-87ED-59E25F8511C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {326E497E-5B57-42D8-962F-ADD56552B9AF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3606811E-3920-4A77-8FE1-122ED5C05A4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51383AA9-AC00-46FC-87B7-164ED2C6F61F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {598E3111-590D-4056-A471-9012AE631505} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C5545AF-6213-4FBB-BD7A-D8229AA843DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23704512 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6466E8C8-CA9E-4FA9-BEBA-AECBC73815F0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65E6A67E-AB5F-4563-BE09-076B53B2CFD8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C04696D-0593-4FBD-9A7F-F5842FE6E23F} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe --check-notifications (No File)
Task: {707C570A-0EB7-4B4A-8B9B-A32D5526C27D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7713BCDA-595B-4A8F-957E-1542051A49E1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8305B063-CDE9-44E2-B4F9-FC12F96FFB92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {886E39CD-6745-458C-BA28-C1EB3D6D8BD9} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8BE3C38C-7B6C-4982-B310-CB99A06DCC90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C3A87CD-95E3-42EA-ABAC-8913F90B3745} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation)
Task: {9CAD41DD-D5CE-483E-A0B0-0138A5619E5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA519617-1BD0-43F4-9FB5-EB14DD5770FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEC7A5BE-5C84-4FA0-8AD4-9D380388982E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF7994EF-AFCF-44A9-B300-0599897DA049} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8517064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFC3D011-7CDD-4596-8345-82DBA9B7DDC0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAA7E106-BA9E-4FBF-B4BD-2C1A2F5DBF38} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD27484B-050C-4461-81AB-86793286D3ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-20]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-08-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-20]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-04-04]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-13]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124064 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9114208 2022-08-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2458576 2022-07-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 MpKsl4f865b11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A93862DF-BCA6-4E08-8A30-5AC0C6ED46C9}\MpKslDrv.sys [141576 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-20 17:46 - 2022-08-20 17:46 - 000028845 _____ C:\Users\micha\Desktop\FRST.txt
2022-08-20 17:45 - 2022-08-20 17:45 - 002371072 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-08-17 20:09 - 2022-08-17 20:09 - 001730357 _____ C:\Users\micha\Desktop\Slavonac N.pdf
2022-08-17 20:07 - 2022-08-17 20:07 - 000072423 _____ C:\Users\micha\Desktop\b613a17caa9209-slavonac-n-dop.pdf
2022-08-17 15:28 - 2022-08-17 15:28 - 000001260 _____ C:\Users\micha\Desktop\Cult Of The Lamb.lnk
2022-08-17 15:28 - 2022-08-17 15:28 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Massive Monster
2022-08-17 15:27 - 2022-08-17 15:27 - 000159806 _____ C:\Users\micha\Desktop\Valíček, Lidická 54, Hodonín.pdf
2022-08-15 08:48 - 2022-08-15 08:48 - 007493882 _____ C:\Users\micha\Desktop\CIKO.pdf
2022-08-13 10:07 - 2022-08-13 10:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-13 10:07 - 2022-08-13 10:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-13 10:07 - 2022-08-13 10:07 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-13 10:06 - 2022-08-13 10:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-13 10:06 - 2022-08-13 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-13 10:06 - 2022-08-13 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-13 10:02 - 2022-08-13 10:02 - 000000000 ___HD C:\$WinREAgent
2022-08-05 17:37 - 2022-08-05 17:37 - 000000000 ____D C:\Users\micha\AppData\Local\MultiVersus
2022-08-05 17:36 - 2022-08-05 17:37 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2022-08-05 17:30 - 2022-08-05 17:30 - 000000354 _____ C:\Users\micha\Desktop\MultiVersus.url
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-08-03 08:42 - 2022-08-03 08:42 - 000000000 ____D C:\ProgramData\PDF Architect 8
2022-08-02 18:26 - 2022-08-02 18:26 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-08-02 18:26 - 2022-08-02 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-07-26 20:44 - 2022-07-26 20:44 - 000000000 ____D C:\Program Files\Google
2022-07-21 18:53 - 2022-07-21 18:53 - 000000000 ____D C:\Users\micha\AppData\Local\ToiletChronicles
2022-07-21 18:52 - 2022-07-21 18:52 - 000000223 _____ C:\Users\micha\Desktop\Toilet Chronicles.url
2022-07-21 18:43 - 2022-06-24 05:05 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-07-21 18:31 - 2022-06-24 19:23 - 001472552 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-07-21 18:31 - 2022-06-24 19:23 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000866344 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-07-21 18:31 - 2022-06-24 19:20 - 000687592 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 002127848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001537072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-07-21 18:31 - 2022-06-24 19:19 - 000715304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-07-21 18:31 - 2022-06-24 19:18 - 010270272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 008804416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 003067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001608232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 001059880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-07-21 18:31 - 2022-06-24 19:18 - 000456200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-07-21 18:31 - 2022-06-24 19:17 - 005734408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 005363264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-07-21 18:31 - 2022-06-24 19:17 - 000853568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-07-21 18:31 - 2022-06-24 05:05 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-07-21 18:00 - 2022-07-21 18:00 - 000161771 _____ C:\Users\micha\Desktop\#2022-92 B Lukáš Mačalík, Bohuslavice 4211, Kyjov.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-20 17:46 - 2021-10-21 18:11 - 000000000 ____D C:\FRST
2022-08-20 17:44 - 2020-04-04 10:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-20 17:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-20 17:36 - 2020-04-04 10:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-20 17:28 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-08-20 17:27 - 2020-12-15 22:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-08-20 15:32 - 2020-04-04 11:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-08-20 15:12 - 2020-04-04 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-20 11:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-20 10:45 - 2020-04-04 10:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-20 10:27 - 2021-12-21 18:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-08-20 10:27 - 2021-12-21 18:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-08-20 10:27 - 2021-02-01 19:26 - 000000000 ____D C:\Users\micha
2022-08-19 21:18 - 2020-04-06 16:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-19 11:29 - 2022-04-28 13:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-19 11:29 - 2021-02-01 19:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-19 08:51 - 2021-12-21 18:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-16 16:03 - 2021-08-06 17:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-08-15 10:11 - 2020-04-04 10:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-08-14 21:03 - 2020-04-04 11:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-08-14 21:01 - 2022-03-27 11:13 - 000000000 ____D C:\Users\micha\AppData\LocalLow\webviewdata
2022-08-14 11:31 - 2021-02-01 19:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-14 11:31 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-14 11:31 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-14 11:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-14 11:24 - 2021-02-01 19:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000545544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-14 11:24 - 2021-02-01 19:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-13 20:36 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-13 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-13 20:36 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-13 10:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-13 10:06 - 2021-02-01 19:29 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-13 10:03 - 2022-04-22 19:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-08-13 10:02 - 2020-04-04 23:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-13 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-13 10:00 - 2020-06-06 22:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 10:00 - 2020-04-04 23:43 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-12 10:31 - 2020-05-31 21:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-08-10 21:37 - 2022-07-18 13:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-10 21:37 - 2022-04-13 14:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-10 21:37 - 2022-03-28 14:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-05 17:37 - 2021-10-25 20:19 - 000000000 ____D C:\Users\micha\AppData\Roaming\EasyAntiCheat
2022-08-02 18:26 - 2021-10-27 10:36 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2022-08-02 18:26 - 2021-10-27 10:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-08-02 07:24 - 2021-02-01 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-01 11:54 - 2020-04-04 10:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-08-01 11:38 - 2020-06-29 14:32 - 000000000 ____D C:\Blossom Beauty
2022-07-30 14:52 - 2022-03-20 21:30 - 000000000 ____D C:\ProgramData\Autodesk
2022-07-27 09:13 - 2022-04-22 19:21 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 09:13 - 2022-04-22 19:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-07-26 20:52 - 2021-12-20 12:27 - 000000000 ____D C:\Users\micha\AppData\Local\Ubisoft Game Launcher
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files\Rockstar Games
2022-07-25 21:42 - 2020-04-04 11:00 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-07-21 18:53 - 2021-10-07 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\UnrealEngine
2022-07-21 18:45 - 2020-04-04 11:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA
==================== Files in the root of some directories ========
2020-07-29 20:21 - 2020-07-29 20:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 11:50 - 2022-04-27 11:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 21:17 - 2020-09-27 21:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 20:43 - 2021-02-08 19:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by micha (20-08-2022 17:46:51)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.243.5241 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.0.243.5241 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.101 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.15601.20044 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
PDFCreator (HKLM\...\{53B07CBF-8CF1-4398-AD9C-1EDCC62E9B57}) (Version: 4.4.3 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.61.899 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{1729B0A9-0490-418B-A565-89B4D5BC8F2D}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)
Packages:
=========
ASTRONEER -> C:\Program Files\WindowsApps\SystemEraSoftworks.29415440E1269_1.25.152.0_x64__ftk5pbg2rayv2 [2022-08-20] (System Era Softworks)
Besiege -> C:\Program Files\WindowsApps\SpiderlingStudios.5821136CAA5A2_0.9.13.0_x64__a408ere9ra7h8 [2022-06-10] (Spiderling Studios Limited)
Best of Wallpapers 2019 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofWallpapers2019Exclusive_2.0.0.0_neutral__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation)
Bug Fables: The Everlasting Sapling -> C:\Program Files\WindowsApps\DANGENEntertainment.BugFables_1.0.0.0_x64__zfxw8h9xxzgzt [2022-06-30] (DANGEN Entertainment)
Donut County -> C:\Program Files\WindowsApps\AnnapurnaInteractive.DonutCounty_1.0.3.0_x64__c96c51jf6wkvm [2022-05-04] (Annapurna Interactive)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-19] (Microsoft Corporation)
FAR: Changing Tides Windows Edition -> C:\Program Files\WindowsApps\FrontierDevelopmentsPlc.FARChangingTidesWindowsEdi_1.2.2.0_x64__ft442cafaz8hg [2022-05-15] (Frontier Developments Plc)
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Gang Beasts -> C:\Program Files\WindowsApps\DoubleFineProductionsInc.GangBeasts_1.0.41.0_x64__s9zt93y1rpe5a [2022-02-25] (Double Fine Productions, Inc.)
Goat Simulator Windows 10 -> C:\Program Files\WindowsApps\DoubleElevenLimited.GoatSimulatorWindows10_1.8.3.2_x64__0hbmw099njyxm [2022-05-17] (Double Eleven Limited)
Gorogoa -> C:\Program Files\WindowsApps\AnnapurnaInteractive.Gorogoa_1.0.7.0_x64__c96c51jf6wkvm [2022-06-19] (Annapurna Interactive)
Human Fall Flat -> C:\Program Files\WindowsApps\CurveDigital.HumanFallFlat_1.6.18.0_x64__1ezqdnbhnc70m [2022-05-17] (Curve Digital)
Kill It With Fire -> C:\Program Files\WindowsApps\tinyBuildGames.KillItWithFire_1.5.36.0_x64__3sz1pp2ynv2xe [2022-02-25] (tinyBuild Games)
Lonely Mountains: Downhill -> C:\Program Files\WindowsApps\Thunderful.LonelyMontainsDownhill_1.4.6.0_x64__8j53pwgd019sy [2022-07-21] (Thunderful Publishing AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-06-28] (Microsoft Corporation)
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.15.1.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5.0_x64__8wekyb3d8bbwe [2022-06-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.21.0_x64__8wekyb3d8bbwe [2022-08-11] (Microsoft Studios)
Moonglow Bay -> C:\Program Files\WindowsApps\CoatsinkSoftware.MoonglowBay_1.0.24.0_x64__kpgqqsxtm9288 [2022-05-17] (Coatsink Software)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-07-21] (NVIDIA Corp.)
PAW Patrol Mighty Pups Save Adventure Bay -> C:\Program Files\WindowsApps\OutrightGames.628923E2C82A7_1.0.3.0_x64__bnrbc155f0j86 [2022-05-11] (Outright Games Ltd)
Pikuniku Win10 -> C:\Program Files\WindowsApps\DevolverDigital.PikunikuWin10_1.0.3.0_x86__6kzv4j18v0c96 [2022-05-17] (Devolver Digital)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.540.501.0_x86__55nm5eh3cm0pr [2022-08-19] (ROBLOX Corporation)
SkateBIRD -> C:\Program Files\WindowsApps\GlassBottomGames.SkateBIRD_1.7.2.0_x64__vvwbg9g51kf46 [2022-06-29] (Glass Bottom Games)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.4977.0_x64__r2vq7k2y0v9ct [2022-04-27] (Landfall Games)
Townscaper -> C:\Program Files\WindowsApps\RawFury.Townscaper_1.1.6.0_x64__9s0pnehqffj7t [2022-03-14] (Raw Fury)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> L:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> L:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4261871939-3680644312-2290833728-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4261871939-3680644312-2290833728-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GK\SonixHidDll.dll
2018-10-26 10:07 - 2018-10-26 10:07 - 000204800 _____ () [File not signed] C:\Program Files\CZC G GK1000\bin\GM\SonixHidDll.dll
2021-04-18 17:23 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files\PSPad editor\pspshellx64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-26 11:02 - 2020-04-26 11:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-27 10:36 - 2022-08-02 18:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2020-09-09 13:36 - 2017-11-03 11:44 - 000232960 ____N (Solid State System) [File not signed] C:\Program Files (x86)\XGAMER Audio 7.1\DLL3S_UsbAudio16xx_x32.dll
2019-02-14 08:40 - 2019-02-14 08:40 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\css.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002033152 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\cwt.dll
2019-02-14 08:49 - 2019-02-14 08:49 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprompter.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] c:\program files\czc g gk1000\bin\messageprovider.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] C:\Program Files\CZC G GK1000\Bin\Plugin.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-08-19 09:05 - 2022-08-19 09:05 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001651200 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\dialoginvoker.dll
2019-02-14 08:28 - 2019-02-14 08:28 - 001633792 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforceledsyncer.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001665024 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gamingforcemain.dll
2019-02-14 08:52 - 2019-02-14 08:52 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmacro.dll
2019-02-14 08:38 - 2019-02-14 08:38 - 002036224 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardmain.dll
2019-02-14 08:46 - 2019-02-14 08:46 - 002195968 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardpersister.dll
2019-02-14 08:30 - 2019-02-14 08:30 - 001723904 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardprofile.dll
2019-02-14 08:51 - 2019-02-14 08:51 - 001652736 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardskin.dll
2019-02-14 09:00 - 2019-02-14 09:00 - 001680384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gk\gamingkeyboardwriter.dll
2019-02-14 08:24 - 2019-02-14 08:24 - 001656320 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemacro.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 001936384 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousemain.dll
2019-02-14 08:27 - 2019-02-14 08:27 - 002195456 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousepersister.dll
2019-02-14 08:25 - 2019-02-14 08:25 - 001701888 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseprofile.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001664000 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmouseskin.dll
2019-02-14 08:15 - 2019-02-14 08:15 - 001656832 _____ (TODO: <Company name>) [File not signed] c:\program files\czc g gk1000\bin\gm\gamingmousewriter.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6098]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{D56936D4-1FD9-4590-BA26-F2F4416C32A5}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [UDP Query User{DE0DF6E2-40AE-4912-B825-B7621C54FEA0}C:\games\wobbly life v0.2.0\wobbly life.exe] => (Allow) C:\games\wobbly life v0.2.0\wobbly life.exe => No File
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [TCP Query User{16CB7910-8372-4FA5-B5A7-0EBBE0A43FC3}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{521A084B-40C8-4B58-8C12-53F500198CC1}C:\wobbly.life.v0.6.6\wobbly life.exe] => (Allow) C:\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{B9BF3CDA-B02D-439F-B07D-5D3F05AA1C7B}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [UDP Query User{86270292-CED8-4063-A839-B359E378F341}C:\hry\superliminal\superliminal.exe] => (Allow) C:\hry\superliminal\superliminal.exe => No File
FirewallRules: [TCP Query User{C93EDD0D-A67F-41F0-895E-2D38640EBE4C}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{A95835B6-3EC1-4296-8418-29BB5940536B}C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B0E926D1-3F01-4F88-A033-A002297F2EDA}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10CEBC25-E2FF-48C7-BBB1-F58BCB1C34AB}C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{377BB321-3F36-4713-858C-7692531D6C81}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9BC4738A-0940-4863-B160-763A41FE0E5D}C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) C:\games\epic games\core\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4FD04183-8EA6-4805-801E-5423483A8C55}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [UDP Query User{F2020488-A592-44E6-9E22-8D6A528CC181}C:\games\wobbly.life.v0.6.6\wobbly life.exe] => (Block) C:\games\wobbly.life.v0.6.6\wobbly life.exe => No File
FirewallRules: [TCP Query User{D32ECEE6-8A41-4DCD-9864-F7BBBE30FAB9}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [UDP Query User{C90BFC6A-0916-4EF5-A423-62FF55947D36}C:\games\i am fish\iamfish.exe] => (Allow) C:\games\i am fish\iamfish.exe => No File
FirewallRules: [TCP Query User{03F4F24A-3A93-485A-BABD-9BBAD849A4EB}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{6FB3E471-C6A8-419D-80ED-51F669214912}L:\downloads\house.builder\house builder\housebuilder.exe] => (Block) L:\downloads\house.builder\house builder\housebuilder.exe => No File
FirewallRules: [TCP Query User{98B609C7-C84C-450D-BBBB-A2E1B54E100B}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [UDP Query User{C32059FD-CA6D-4689-B7E9-C570998E41AB}C:\games\house builder\housebuilder.exe] => (Block) C:\games\house builder\housebuilder.exe => No File
FirewallRules: [{9BF9EFDA-5843-42BC-A7F1-E1C731CAF214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [{9C7A0D9B-68E2-4472-BCD5-4418278F3639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\playway-launcher-win32-ia32\playway-launcher.exe => No File
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [{306650B1-0FF2-452E-82F0-EB30A53E9769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [{A8452111-F6DD-4957-8A50-6EECA5FE054E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\launcher\playway-launcher.exe => No File
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{63C9287E-1DB2-4C68-A526-9F5430BF0933}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0F9461A-4F94-4807-BFCD-938B81CD83D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{0C42E4E6-CBCB-44FA-B54D-FD0EEAF43784}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [UDP Query User{71DCB3DB-65CE-4AD6-8808-FCC0FE20979C}L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer.simulator.v6.3.1\deeeer simulator.exe => No File
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{F25D676D-9CB4-4979-8516-FFA50E7624C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe () [File not signed]
FirewallRules: [TCP Query User{126F8DB2-9B37-4333-AC46-EFF8AF828831}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [UDP Query User{B72571F6-F157-4EF2-82FB-C907734020A5}L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe] => (Allow) L:\downloads\gang beasts v1.16\gang beasts v1.16\gang beasts.exe => No File
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{7DD20C47-BA5C-4B38-9E5B-536743AA1040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{5CA21839-EB81-4030-BE6E-C0D764F54BDB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{C39DFB6A-90A8-45A7-9CA5-76C311D46992}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{8038C947-E718-42AB-A08E-AC35AA8961CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{99173CA6-BBAB-422F-8C9A-E36139F022B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7CAD6721-1A87-4A98-98AC-30093FAC3F9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1FC37340-B9F3-46AB-8D02-C8E71A157472}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7886DA04-B9B3-4D41-A1D6-4E73BD0E46ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1E3A3B0C-C9CD-40C2-BE64-44C61A972A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{1B8DAE92-DFB0-437E-91DA-1CAD6D522EBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{5A7A1A69-94E3-4DD4-9285-5CDB74F4AB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{87293E0F-BF05-439A-AB31-4AE1C27B30B9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{7BBFA194-32C6-4B66-947E-32B2E56C5349}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{485A89EA-FC27-46E1-A38F-2D5672E5C891}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{A978B67D-0222-4395-977E-8EB31E1AB2C7}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{CEA8D197-CE44-4DEC-B781-7EB7043A082E}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8510B446-E85A-43A7-9F71-5C8D9DE17876}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{29A2E9C7-93CE-4B50-B70B-BC2F4453292D}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0474D4B1-5AEA-4B0C-A2E1-3B1EF26C4574}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/19/2022 06:16:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:15:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:15:10 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:10Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:14:40 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:40Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:13:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:13:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:12:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:31:31Z. Kód chyby: 0x80070002
Error: (08/19/2022 06:12:01 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-08-19T16:32:01Z. Kód chyby: 0x80070002
System errors:
=============
Error: (08/19/2022 05:43:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.YourPhone_1.22062.536.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2022 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AUSGJMO)
Description: Server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-08-02 18:27:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {141D31CF-CC1D-41BB-BFBC-4459A3E94F15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-AUSGJMO\micha
Date: 2022-08-02 18:26:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\banners-uvfuavr5.fbu\lavasoft_overlay_new_setup_progress_en_836de029-df55-483c-b06e-67c270576b5f-v3.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Users\micha\AppData\Local\Temp\bvaqoypw.gbn\PDFCreatorSetup.exe
Verze bezpečnostních informací: AV: 1.371.1272.0, AS: 1.371.1272.0, NIS: 1.371.1272.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
Date: 2022-08-02 07:19:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8993F2EB-B663-4604-B693-F687055520FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-08-01 11:36:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
Date: 2022-08-01 11:36:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\KMSAuto-Net win 10 aktivator.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AUSGJMO\micha
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.371.1208.0, AS: 1.371.1208.0, NIS: 1.371.1208.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3
CodeIntegrity:
===============
Date: 2022-08-18 11:25:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-06-17 17:27:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-24 12:13:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16313.71 MB
Available physical RAM: 9168.39 MB
Total Virtual: 18745.71 MB
Available Virtual: 8404.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.87 GB) (Free:32.42 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.96 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.85 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:237.23 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{60e7a5ed-f4f6-7b96-b598-d4e1b1cb3654}\ () (Fixed) (Total:5.27 GB) (Free:0 GB) NTFS
\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
==================== End of Addition.txt =======================