Malware, trojan? - prosím o pomoc kontrolu logu FRST
Napsal: 20 lis 2022 08:49
Dobrý den Rudy, někdo se neustále dostává k mým heslům, ikdyž je opakovaně měním. Avast nefunguje, a už nevím co dělat.. Posílám log z FRST. Děkuju
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Users\micha\Desktop\adwcleaner.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [23796072 2022-09-29] (Urban Cyber Security Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4245352 2022-11-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13668840 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-11-06] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Wargaming.net Game Center] => L:\Downloads\Wargaming.net\GameCenter\wgc.exe [2148528 2022-10-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {cd0f9543-00d3-11eb-a686-a8a159192c9e} - "N:\O16Setup.EXE"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2022-11-19] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon – zástupce.lnk [2022-08-24]
ShortcutTarget: ctfmon – zástupce.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {170E219B-8AC0-4ACD-A5B3-95E2B59342AF} - System32\Tasks\GoogleUpdateTaskMachineUA{CC6FCCFE-0B82-4CA0-9F44-D06B7A71F7C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {1AF51550-6E9D-4293-8954-507DABBD02E0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D13BDB4-DCB3-402E-BAF8-46542F03E489} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1DDF7133-CCCB-44A4-9581-A6A002782203} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [15918008 2022-11-19] (pdfforge GmbH -> pdfforge GmbH.)
Task: {2137B8ED-8431-4698-B440-E59641A34CC7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2576728 2022-11-06] (Overwolf Ltd -> Overwolf LTD)
Task: {417081D9-D47E-46B6-9340-84A2B9F4674D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {4741C4FB-0026-418A-B88D-E4CBEB191DC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {4808EE77-6D80-44BC-846C-3F93A6D56587} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5873D4AF-CDC1-4AE4-9500-CCAC20FCA8BE} - System32\Tasks\GoogleUpdateTaskMachineCore{378D9C95-EA40-4EDA-B415-F57806CDC798} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {5A333012-983C-4390-BE1B-0B52106DDB39} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EEBF767-50B8-487C-BF8A-ECE05530ECC2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {60A2DFAB-8B01-4B94-911D-F5B5070A2D72} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2123200 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {60BA3CEE-A47C-46F2-B2F1-A7EFCF225C43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {720E946F-CEDC-4AD3-8BFC-CA4135BFE0FC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7F3184BF-E48E-4B94-B1F0-E3C5113B959B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {99761133-1AA8-44AD-AD69-CA41D22485E7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9D17A3F8-8D22-4218-B129-35BF440806A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A29AE754-98A1-46F0-9BCC-EBAF583E3555} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
Task: {A9210039-5D08-41FA-B0B1-35592DF5F8B3} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2123200 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {ABFF3165-019B-491D-B5AB-04DD543997EC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2A3FCB7-9970-4B18-8745-C94890D3431C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B628F759-22B6-428E-98CA-970E4A13E27C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC8F4658-09C7-405C-AC65-C447B9291498} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-10-24] (Avast Software s.r.o. -> Avast Software)
Task: {D012BD15-A504-4F06-872B-2FF795B502CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFF182B4-9790-439D-A881-BE0D318718D9} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3438016 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {F26D76EA-C327-4A27-BE33-159501B8D157} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {F7030443-2EB6-46CF-8562-FA23A1498001} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-20]
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-11-03]
Edge Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-03]
Edge Extension: (Free VPN for Edge - VPN Proxy VeePN) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\panammoooggmlehahpcjckcncfeffcoi [2022-11-03]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-11-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-11-16]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539032 2022-11-14] (Avast Software s.r.o. -> AVAST Software)
S2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9946216 2022-11-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2131432 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [8311152 2022-04-18] (Thales DIS CPL USA, Inc. -> Thales Group)
S2 NovaSkinResourcepack; C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\nssm-x86.exe [157696 2015-01-23] () [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2576728 2022-11-06] (Overwolf Ltd -> Overwolf LTD)
S3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3108800 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [507328 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414656 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2720088 2022-11-03] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [450768 2022-09-29] (Urban Cyber Security Inc. -> )
S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1022312 2022-09-29] (Urban Cyber Security Inc. -> Urban Security)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 LTService; C:\Windows\AmanUpdateLogLT.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
S2 WTService; C:\Windows\AmanOnlineWT.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69576 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68560 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [313784 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2022-10-08] (Francisco Lopes da Silva -> Oblita)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2022-10-08] (Francisco Lopes da Silva -> Oblita)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2022-10-08] (Shaul Eizikovich -> Nefarius Software Solutions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-20 08:45 - 2022-11-20 08:45 - 000029910 _____ C:\Users\micha\Desktop\FRST.txt
2022-11-20 08:44 - 2022-11-20 08:44 - 002375680 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-11-20 08:43 - 2022-11-20 08:43 - 008791352 _____ (Malwarebytes) C:\Users\micha\Desktop\adwcleaner.exe
2022-11-19 16:21 - 2022-11-19 16:21 - 003408656 _____ (Nova Skin ) C:\Users\micha\Desktop\NovaSkinResourcepackInstaller.exe
2022-11-19 10:28 - 2022-11-19 10:30 - 000000000 ____D C:\Program Files\PDF Architect 9
2022-11-19 10:28 - 2022-11-19 10:28 - 000001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 9.lnk
2022-11-19 10:27 - 2022-11-19 10:27 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-11-19 10:27 - 2022-11-19 10:27 - 000000000 ____D C:\ProgramData\PDF Architect 9
2022-11-19 10:27 - 2022-11-19 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-11-19 10:03 - 2022-11-19 10:03 - 000119728 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Exelová Hana, Dolní Konec 68, 69606 Vacenovice.pdf
2022-11-19 09:55 - 2022-11-19 10:33 - 000001144 _____ C:\Users\micha\Desktop\Minecraft Launcher.lnk
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UrbanVPN
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\Program Files\UrbanVPN
2022-11-17 14:35 - 2022-11-17 14:36 - 032229200 _____ (Urban Security) C:\Users\micha\Desktop\UrbanVPN2.exe
2022-11-17 14:32 - 2022-11-17 14:32 - 029264824 _____ (Hongkong Guangling NetWork Technology Co., Ltd.) C:\Users\micha\Desktop\aman_2.3.5_0928.exe
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AmanVPN
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Users\micha\AppData\Local\Install
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Program Files (x86)\aman
2022-11-17 14:29 - 2022-11-17 14:29 - 054263528 _____ (HIGH SPEED RABBIT LIMITED) C:\Users\micha\Desktop\rabbitvpn1_31.exe
2022-11-17 14:29 - 2022-11-17 14:29 - 000000000 ____D C:\ProgramData\Caphyon
2022-11-17 14:29 - 2022-11-17 14:29 - 000000000 ____D C:\Program Files\TAP-Windows
2022-11-16 19:44 - 2022-11-16 19:44 - 000127825 _____ C:\Users\micha\Desktop\Bohumil Metelka, Zahradní 1063, 691 42 Valtice.pdf
2022-11-15 16:16 - 2022-11-15 16:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\PD Launcher
2022-11-15 16:16 - 2022-11-15 16:16 - 000000000 ____D C:\Users\micha\AppData\Local\PD Launcher
2022-11-13 19:20 - 2022-11-13 19:22 - 000251685 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Jaroslav Chovanec, Rohatecká 241, 696 02 Rohatec.pdf
2022-11-13 18:42 - 2022-11-13 18:42 - 000463793 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Radek Ševčík, Zahradní 5, 695 01 Hodonín.pdf
2022-11-13 17:29 - 2022-11-13 17:29 - 000162220 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Svatava Mařáková, Okružní 1226, 696 42 Vracov.pdf
2022-11-13 11:16 - 2022-11-13 11:16 - 000000000 ____D C:\Users\micha\Desktop\forge-1.12.2-14.23.5.2860-installer
2022-11-13 11:15 - 2022-11-13 11:15 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-13 11:11 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000865272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000672232 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 002162176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001618408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001531400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001190392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 000746536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-13 11:11 - 2022-11-09 10:58 - 000734184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 012452360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 010218488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 005891072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 005856744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 003334136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-13 11:11 - 2022-11-09 10:56 - 005816312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-13 11:11 - 2022-11-09 10:56 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-13 11:11 - 2022-11-08 23:40 - 000100589 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-12 11:34 - 2022-11-12 11:34 - 000000000 ___HD C:\$WinREAgent
2022-11-11 14:15 - 2022-11-11 14:15 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-10 21:47 - 2022-11-10 21:47 - 000073742 _____ C:\Users\micha\Desktop\29-prohlaseni-o-vlastnostech-nerez-flex-03-04.pdf
2022-11-10 21:47 - 2022-11-10 21:47 - 000073168 _____ C:\Users\micha\Desktop\31-prohlaseni-flex-010-012-p1.pdf
2022-11-09 22:27 - 2022-11-09 22:27 - 040450839 _____ C:\Users\micha\Desktop\Zarosice.mp4
2022-11-08 21:08 - 2022-11-08 21:08 - 000052813 _____ C:\Users\micha\Desktop\Komin.pdf
2022-11-08 18:59 - 2022-11-08 18:59 - 022089136 _____ C:\Users\micha\Desktop\witherstormmod-1.19.2-3.1.1.jar
2022-11-08 18:59 - 2022-11-08 18:59 - 000000000 ____D C:\Users\micha\Desktop\witherstormmod-1.19.2-3.1.1
2022-11-07 21:15 - 2022-11-07 21:15 - 000054352 _____ C:\Users\micha\Desktop\Zdeněk Foltýn, Na rybníčku 397, Dubňany - tepelně technický výpočet SC.pdf
2022-11-05 15:49 - 2022-11-05 15:49 - 000000222 _____ C:\Users\micha\Desktop\Don't Starve Together.url
2022-11-04 19:36 - 2022-11-05 15:58 - 000000000 ____D C:\Users\micha\Documents\Klei
2022-11-03 21:51 - 2022-11-03 21:51 - 000002350 _____ C:\Users\micha\Desktop\Microsoft Edge.lnk
2022-11-01 22:20 - 2022-11-01 22:20 - 000053973 _____ C:\Users\micha\Desktop\Šebesta, Sudoměřice - výpočet.pdf
2022-11-01 21:28 - 2022-11-01 21:28 - 000198120 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Jiří Janeček, Příšní 307D, 696 66 Sudoměřice.pdf
2022-10-30 21:44 - 2022-10-30 21:44 - 000637670 _____ C:\Users\micha\Desktop\schiedel-CZ-Prisl-ABS-UNIADV_napojovaci-dily_1.7.22.pdf
2022-10-30 09:31 - 2022-10-30 09:31 - 000000780 _____ C:\Users\micha\Desktop\Bugsnax.lnk
2022-10-30 09:05 - 2022-10-30 09:05 - 000046771 _____ C:\Users\micha\Desktop\almeva-kominovy-stitek-flex-g_0.pdf
2022-10-29 13:50 - 2022-10-29 13:50 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-29 13:50 - 2022-10-29 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-26 19:56 - 2022-10-26 19:56 - 000000000 ____D C:\Users\micha\Documents\PDF Architect
2022-10-26 19:41 - 2022-11-19 18:45 - 000000000 ____D C:\Users\micha\AppData\Roaming\PDF Architect 9
2022-10-26 19:37 - 2022-10-26 19:37 - 000135815 _____ C:\Users\micha\Desktop\Marek Mužík, Nádražní 6, 691 51 Lanžhot.pdf
2022-10-25 21:07 - 2022-10-25 21:07 - 002149497 _____ C:\Users\micha\Desktop\návod Kamino.pdf
2022-10-25 18:37 - 2022-10-25 18:37 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-10-25 18:30 - 2022-10-25 18:30 - 000000000 ____D C:\Users\micha\AppData\Local\CrashBandicoot4
2022-10-25 18:16 - 2022-10-25 18:16 - 000000953 _____ C:\Users\Public\Desktop\Crash Bandicoot 4.lnk
2022-10-24 19:33 - 2022-10-24 19:37 - 000000000 ____D C:\Users\micha\AppData\Local\Avast Software
2022-10-24 19:32 - 2022-11-19 20:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-24 19:32 - 2022-11-14 21:05 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-24 19:32 - 2022-10-24 19:32 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-24 19:32 - 2022-10-24 19:32 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Users\micha\AppData\Roaming\Avast Software
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-10-24 19:32 - 2022-10-24 19:31 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-24 19:32 - 2022-10-24 19:31 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-24 19:32 - 2022-10-24 19:31 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-10-24 19:31 - 2022-10-24 19:31 - 000000000 ____D C:\Program Files\Avast Software
2022-10-23 22:35 - 2022-11-19 10:04 - 000000000 ____D C:\Users\micha\AppData\Roaming\ImageGlass
2022-10-23 22:35 - 2022-11-17 14:36 - 000000000 ____D C:\Users\micha\AppData\Local\AdvinstAnalytics
2022-10-23 22:35 - 2022-10-23 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGlass
2022-10-23 22:35 - 2022-10-23 22:35 - 000000000 ____D C:\Program Files\ImageGlass
2022-10-23 22:30 - 2022-10-17 10:59 - 006632744 _____ (Geek Uninstaller) C:\Users\micha\Desktop\geek.exe
2022-10-23 22:02 - 2022-10-23 22:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-10-23 21:57 - 2022-10-23 21:57 - 000002511 _____ C:\Users\micha\Desktop\Word 2016.lnk
2022-10-23 21:57 - 2022-10-23 21:57 - 000002483 _____ C:\Users\micha\Desktop\Excel 2016.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-10-23 21:12 - 2022-10-07 04:01 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-23 21:11 - 2022-11-09 10:55 - 006512336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-23 21:08 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-10-23 17:01 - 2022-10-23 17:04 - 000000000 ____D C:\Users\micha\AppData\Roaming\Geek Uninstaller
2022-10-23 16:40 - 2022-10-24 19:35 - 000000000 ____D C:\Users\micha\AppData\Local\system32
2022-10-23 16:40 - 2022-10-23 16:41 - 000000000 ____D C:\Users\micha\AppData\Roaming\system32
2022-10-23 16:09 - 2022-11-16 17:18 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-23 16:09 - 2022-10-23 16:09 - 000000000 ____D C:\Users\micha\AppData\Local\Microsoft Help
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-20 08:45 - 2021-10-21 17:11 - 000000000 ____D C:\FRST
2022-11-20 08:44 - 2020-04-04 10:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-20 08:43 - 2020-12-15 21:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-11-20 08:42 - 2020-04-04 09:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-20 08:41 - 2021-12-21 17:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-11-20 08:41 - 2021-12-21 17:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-11-20 08:41 - 2021-10-27 09:40 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-11-20 08:41 - 2020-12-15 21:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-11-20 08:41 - 2020-04-04 09:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-19 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-19 20:47 - 2022-08-29 18:24 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{CC6FCCFE-0B82-4CA0-9F44-D06B7A71F7C9}
2022-11-19 20:47 - 2022-08-29 18:24 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{378D9C95-EA40-4EDA-B415-F57806CDC798}
2022-11-19 20:47 - 2022-07-18 12:34 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-19 20:47 - 2022-05-26 20:45 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-04-28 12:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-11-19 20:47 - 2022-04-28 12:33 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2022-11-19 20:47 - 2022-04-22 18:21 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-19 20:47 - 2022-04-22 18:21 - 000003374 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-11-19 20:47 - 2022-04-22 18:20 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-11-19 20:46 - 2020-04-04 10:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-11-19 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-19 16:26 - 2021-08-06 16:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-11-19 16:25 - 2020-04-04 09:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-11-19 16:25 - 2020-04-04 08:57 - 000000000 ____D C:\ProgramData\Packages
2022-11-19 16:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-19 10:51 - 2021-02-01 18:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-19 10:51 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-19 10:51 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-19 10:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-19 10:48 - 2020-05-31 20:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-11-19 10:44 - 2021-02-01 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-19 10:44 - 2021-02-01 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-19 10:44 - 2020-04-04 10:59 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-19 10:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-19 10:37 - 2022-10-09 18:07 - 000001297 _____ C:\Users\micha\Desktop\KeyboardSplitter – zástupce.lnk
2022-11-19 10:28 - 2022-08-03 07:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-11-19 10:27 - 2021-10-27 09:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-11-19 10:03 - 2022-09-11 19:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\com.adobe.dunamis
2022-11-19 09:50 - 2022-10-12 19:43 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-19 09:50 - 2022-10-12 19:43 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-19 09:35 - 2020-06-06 21:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-17 15:15 - 2021-12-26 10:26 - 000000000 ____D C:\Program Files\CZC G GK1000
2022-11-17 14:37 - 2022-03-16 14:04 - 000000000 ____D C:\ProgramData\UrbanVPN
2022-11-17 14:32 - 2020-04-09 21:03 - 000000000 ____D C:\Users\micha\AppData\Local\cache
2022-11-15 20:36 - 2021-09-13 14:08 - 000000000 ____D C:\ProFact
2022-11-15 16:18 - 2020-04-04 10:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-11-15 16:16 - 2020-04-04 10:00 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-13 21:05 - 2021-02-01 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-13 11:15 - 2020-04-04 10:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA
2022-11-13 09:52 - 2021-02-01 18:25 - 000546096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-12 22:04 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-11 14:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-11 14:14 - 2021-02-01 18:29 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-11 14:08 - 2020-04-04 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-11 14:06 - 2020-04-04 22:43 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-11 12:10 - 2020-04-04 09:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-09 22:27 - 2020-04-04 09:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-11-09 18:27 - 2021-12-21 17:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-11-09 10:55 - 2021-01-31 16:01 - 007642816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-05 20:49 - 2020-04-19 08:50 - 000000000 ____D C:\Users\micha\AppData\Roaming\qBittorrent
2022-10-31 21:49 - 2020-04-06 15:29 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Temp
2022-10-29 20:56 - 2021-02-01 18:26 - 000000000 ____D C:\Users\micha
2022-10-29 13:50 - 2021-12-22 14:51 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-26 20:00 - 2021-08-16 15:32 - 000000000 ____D C:\Moje kominictvi
2022-10-25 18:31 - 2021-09-02 18:20 - 000000000 ____D C:\Users\micha\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-25 11:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-24 19:32 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-24 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-23 21:08 - 2020-04-04 10:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-23 21:08 - 2020-04-04 08:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-23 21:08 - 2020-04-04 08:57 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-23 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-23 21:06 - 2019-03-19 05:49 - 000000076 _____ C:\WINDOWS\win.ini
2022-10-23 21:03 - 2020-04-19 08:47 - 000000000 ____D C:\Users\micha\AppData\Local\yuzu
2022-10-23 17:00 - 2020-04-04 10:59 - 000000000 ____D C:\Users\micha\AppData\Roaming\DAEMON Tools Lite
2022-10-23 16:03 - 2020-08-16 20:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-23 16:03 - 2020-04-04 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-22 11:57 - 2021-02-01 18:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2020-07-29 19:21 - 2020-07-29 19:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 10:50 - 2022-04-27 10:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 20:17 - 2020-09-27 20:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 19:43 - 2021-02-08 18:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by micha (20-11-2022 08:46:10)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aman (HKLM-x32\...\AmanVPN) (Version: 2.3.5.0907 - Hongkong Guangling Mdt InfoTech Limited)
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crash Bandicoot 4 (HKLM-x32\...\Crash Bandicoot 4_is1) (Version: - )
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.212.3.7035 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.47.0.5304 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.47.0.5304 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
ImageGlass (HKLM\...\{15872342-C9E9-4C65-9586-35B4EFDB806B}) (Version: 8.6.7.13 - Duong Dieu Phap)
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.212.1009.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.9.0 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
Nova Skin resourcepack version 2 (HKLM-x32\...\{497EF1F8-2F52-45A5-BF36-C6D11773F093}_is1) (Version: 2 - Nova Skin)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 526.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22215 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.208.1.2 - Overwolf Ltd.)
PDF Architect 9 (HKLM-x32\...\PDF Architect 9) (Version: 9.0.27.2538 - pdfforge GmbH)
PDF Architect 9 Edit Module (HKLM\...\{506451AA-F85D-45CB-865A-636C10931DD8}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 OCR Module (HKLM\...\{6A824BC0-872A-456F-991E-B8222937E17C}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 OCR TESS Module (HKLM\...\{3CB34A5C-AA27-46BE-8635-9BBC1D27E60B}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 View Module (HKLM\...\{FACC2AE6-8B2D-42AE-9A80-BB791422DA6B}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{51D4D10A-490B-40A8-9C2A-853DC279013D}) (Version: 5.0.2 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
PROTECH CD 676 (HKLM-x32\...\{F2BAF0DF-63ED-4BFC-ACA8-21355B235D7F}) (Version: 67.6.0 - PROTECH)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.66.1083 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
UrbanVPN (HKLM\...\{62F37AEF-93BF-4E7E-B5B6-97BFEC82BEF5}) (Version: 2.2.9 - Urban Security) Hidden
UrbanVPN (HKLM\...\UrbanVPN 2.2.9) (Version: 2.2.9 - Urban Security)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Wargaming.net Game Center) (Version: 22.4.1.367 - Wargaming.net)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)
Packages:
=========
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-25] (Microsoft Corporation) [MS Ad]
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.16.2.0_x64__8wekyb3d8bbwe [2022-11-17] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.3101.0_x64__8wekyb3d8bbwe [2022-10-24] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-09-03] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2022-11-19] (Microsoft Studios)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.553.620.0_x86__55nm5eh3cm0pr [2022-11-18] (ROBLOX Corporation)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.6239.0_x64__r2vq7k2y0v9ct [2022-11-09] (Landfall Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {EC981B88-4DFE-457D-B623-09D6C0E3EE6C} => C:\Program Files\PDF Architect 9\context-menu.dll [2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\nvshext.dll [2022-11-09] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2021-10-27 09:36 - 2022-08-02 17:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> TODO: <Company name>)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> TODO: <Company name>)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{B85E4058-CFD6-4F39-961D-90E6963E4193}] => (Allow) L:\SteamLibrary\steamapps\common\Toadled\ToadledWindows.exe () [File not signed]
FirewallRules: [{A74B3AAB-4981-4778-A3FE-EB6E86A2F198}] => (Allow) L:\SteamLibrary\steamapps\common\Toadled\ToadledWindows.exe () [File not signed]
FirewallRules: [{FF5F70A8-DB4F-4EDD-A346-98C8AA0E687E}] => (Allow) L:\SteamLibrary\steamapps\common\RoboBunnies In Space\RoboBunniesInSpace.exe () [File not signed]
FirewallRules: [{9FB7769A-775F-4556-9E86-044FAF5824AF}] => (Allow) L:\SteamLibrary\steamapps\common\RoboBunnies In Space\RoboBunniesInSpace.exe () [File not signed]
FirewallRules: [{2C347C8D-86E0-4DDD-BD0D-A3782FEF06A9}] => (Allow) L:\SteamLibrary\steamapps\common\Evil Glitch\EvilGlitch.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{195B5849-856F-428A-BB0D-B476E3435074}] => (Allow) L:\SteamLibrary\steamapps\common\Evil Glitch\EvilGlitch.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{516191BA-DBEC-4FAF-9946-4711EAAEC309}L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe] => (Block) L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe () [File not signed]
FirewallRules: [UDP Query User{59E65718-8887-47CD-96D5-310FD61FE906}L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe] => (Block) L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe () [File not signed]
FirewallRules: [{81A9DA2F-FD87-4391-B65E-40D79423B2E2}] => (Allow) L:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [{29405DEF-F4BC-4A43-8B6E-7CC80609366E}] => (Allow) L:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [{9CD9235C-C999-46B4-8631-C1D39FD8A7E8}] => (Allow) L:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{7E41DDFE-57B4-45C8-B5F5-B1B0247EF4BB}] => (Allow) L:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{E127B333-F0E6-4725-82E4-A618C830930F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{E74FB68B-1AB4-48BB-AEEB-EF251C561118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{AAD7A0A6-A98B-4756-8EF3-E431F797F72F}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Thales DIS CPL USA, Inc. -> Thales Group)
FirewallRules: [TCP Query User{C344E2D7-4B64-4821-BCE3-F336029A93C2}L:\downloads\doodle god\doodle god universe demo.exe] => (Allow) L:\downloads\doodle god\doodle god universe demo.exe () [File not signed]
FirewallRules: [UDP Query User{A58E2B62-54A6-449F-AB25-EE67D9D44B81}L:\downloads\doodle god\doodle god universe demo.exe] => (Allow) L:\downloads\doodle god\doodle god universe demo.exe () [File not signed]
FirewallRules: [TCP Query User{CF9A70CF-C2BB-4A61-A2DE-C43808CFFC76}L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe] => (Block) L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe () [File not signed]
FirewallRules: [UDP Query User{F7E16266-E721-4094-B7ED-C60E05D2815A}L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe] => (Block) L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe () [File not signed]
FirewallRules: [TCP Query User{A0F31908-0AA4-4918-A50D-C3D52156B3BA}L:\downloads\wargaming.net\gamecenter\wgc.exe] => (Allow) L:\downloads\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{4B05A387-D111-4438-8F06-394FDB23374A}L:\downloads\wargaming.net\gamecenter\wgc.exe] => (Allow) L:\downloads\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{501B3C2F-61F4-4289-A963-D83801128738}L:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) L:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8A76BF94-4C0D-4E28-A2E0-E29D32978136}L:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) L:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{51F9A459-0561-48C9-9031-30BB6A4B90A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CA6B13D-C036-422F-AD8B-257BB1733E14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B60CC01D-1EE8-4AC0-91D1-B2993D535B91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7996D172-8295-4525-B96C-E8082649633B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D5F722C2-5028-4C22-9EB3-0B544708B1E5}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{65739AAB-A55E-43AC-B6ED-428C5C6A7576}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [{BEC8CA2B-642A-4C93-A84E-7FD8C6BFD325}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F227DC9C-6F11-4757-9605-00E5F6855360}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{977EFF52-927F-4BC2-B864-1257474A16E6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{96EED623-C06E-4F7E-8EA5-7A6DAA99CCE0}L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe] => (Block) L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe (Activision Publishing) [File not signed]
FirewallRules: [UDP Query User{946B9CFB-3FF7-417E-ACF0-4EF8F2DF3D9D}L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe] => (Block) L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe (Activision Publishing) [File not signed]
FirewallRules: [{8374F70F-CEA7-47DE-91D2-AF57F172F0E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{8F5E94C6-8D4A-4C7C-B036-1D67CEB9C553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{D76EB744-3DB2-447D-94D3-2348651742FC}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{2EC8DC50-A137-420B-A81E-AE6B43B655BF}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{36202B76-F12A-42BB-BA94-705081339BD7}L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe] => (Block) L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe => No File
FirewallRules: [UDP Query User{21BECE4E-3136-4D11-929B-86DF98CE9AED}L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe] => (Block) L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe => No File
FirewallRules: [TCP Query User{91E97C76-0FD0-4E5C-A105-31B906D45E34}L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe] => (Allow) L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [UDP Query User{13A91FD5-C6FF-4E5B-AB68-68F80347A1A1}L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe] => (Allow) L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{36CA83F2-1470-4A2B-BFB5-60A53EBB7B83}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{2D493646-197D-4656-99E9-2DEF3805D92C}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{8964ED8C-3647-4573-A83F-6BC6ED8142D2}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{9F4A2AB3-6490-44BF-9BF6-9FE93AAC5D0D}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{9DE5AF6B-8316-46A0-A444-712C9B3FEC39}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{C93E0725-7E77-4F00-B162-749BE0591AC8}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{AB3E1717-DBAB-4C04-B476-B6A395F25833}] => (Block) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{A7B8BF7B-3EF8-45F3-82CE-D7357C0B93DF}] => (Block) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{A2084A57-B60E-49D6-9BE2-6F4484B68858}] => (Allow) C:\Program Files (x86)\Overwolf\0.208.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D40BC4FE-9BA4-443B-A90C-FC45A777129D}] => (Allow) C:\Program Files (x86)\Overwolf\0.208.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6BA8406D-5DEA-4382-BCA7-A71E356B0714}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A48FD8E8-8785-4DC4-A4E1-D35BBCA6DEBE}] => (Allow) C:\Program Files\UrbanVPN\bin\urbanvpn.exe (Urban Cyber Security Inc. -> Urban Cyber Security Inc.)
FirewallRules: [{D71A2095-74F3-4534-A982-2D6D38CF1832}] => (Allow) C:\WINDOWS\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D7B64F9B-28FE-4AAF-8061-29C28D0B0349}] => (Allow) C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\node.exe (Joyent, Inc -> Joyent, Inc)
FirewallRules: [{1D1DF0BD-219B-4322-8F5A-DD1FA35CAC39}] => (Allow) C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\node.exe (Joyent, Inc -> Joyent, Inc)
FirewallRules: [{1F3A3F35-E6DA-4FCA-95FF-50D460896510}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Scp Virtual Bus Driver
Description: Scp Virtual Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Nefarius Software Solutions
Service: ScpVBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Scp Virtual Bus Driver
Description: Scp Virtual Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Nefarius Software Solutions
Service: ScpVBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/20/2022 08:46:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:46:12 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:12Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:45:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:45:12 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:12Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:44:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:44:04 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:04Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:43:00 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:58:00Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:42:30 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:30Z. Kód chyby: 0x80070002
System errors:
=============
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NovaSkinResourcepack byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-24 20:17:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:10524,ProcessStart:133111090313397368
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 20:17:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid1115676206035765; process:_pid:10524,ProcessStart:133111090313397368
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 17:54:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:1416,ProcessStart:133111004510895624
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 17:54:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid1115676206035765; process:_pid:1416,ProcessStart:133111004510895624
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 15:55:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:13976,ProcessStart:133110933268323507
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Event[0]:
Date: 2022-10-23 17:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\o16setup.exe; process:_pid:22740,ProcessStart:133110128935028981
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: N:\O16Setup.EXE
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-23 17:34:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\o16setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-23 17:33:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\O16Setup.EXE
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
CodeIntegrity:
===============
Date: 2022-11-20 08:42:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-11-20 08:41:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 16313.71 MB
Available physical RAM: 10780.55 MB
Total Virtual: 21433.71 MB
Available Virtual: 14212.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.87 GB) (Free:12.57 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.95 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.32 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:122.33 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{9b707457-a5d8-f53d-3dbc-236db814aef8}\ () (Fixed) (Total:5.42 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
==================== End of Addition.txt =======================
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Users\micha\Desktop\adwcleaner.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [23796072 2022-09-29] (Urban Cyber Security Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [XGAMER Audio 7.1] => C:\Program Files (x86)\XGAMER Audio 7.1\XGAMER Audio 7.1.exe [10700800 2020-09-09] (Solid State System) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4245352 2022-11-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13668840 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-11-06] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-05-19] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [Wargaming.net Game Center] => L:\Downloads\Wargaming.net\GameCenter\wgc.exe [2148528 2022-10-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\MountPoints2: {cd0f9543-00d3-11eb-a686-a8a159192c9e} - "N:\O16Setup.EXE"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2022-11-19] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-08-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon – zástupce.lnk [2022-08-24]
ShortcutTarget: ctfmon – zástupce.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {170E219B-8AC0-4ACD-A5B3-95E2B59342AF} - System32\Tasks\GoogleUpdateTaskMachineUA{CC6FCCFE-0B82-4CA0-9F44-D06B7A71F7C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {1AF51550-6E9D-4293-8954-507DABBD02E0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1D13BDB4-DCB3-402E-BAF8-46542F03E489} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1DDF7133-CCCB-44A4-9581-A6A002782203} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [15918008 2022-11-19] (pdfforge GmbH -> pdfforge GmbH.)
Task: {2137B8ED-8431-4698-B440-E59641A34CC7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2237D69A-2074-4A62-BD65-D0397D543BE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2576728 2022-11-06] (Overwolf Ltd -> Overwolf LTD)
Task: {417081D9-D47E-46B6-9340-84A2B9F4674D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {4741C4FB-0026-418A-B88D-E4CBEB191DC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {4808EE77-6D80-44BC-846C-3F93A6D56587} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5873D4AF-CDC1-4AE4-9500-CCAC20FCA8BE} - System32\Tasks\GoogleUpdateTaskMachineCore{378D9C95-EA40-4EDA-B415-F57806CDC798} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {5A333012-983C-4390-BE1B-0B52106DDB39} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EEBF767-50B8-487C-BF8A-ECE05530ECC2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {60A2DFAB-8B01-4B94-911D-F5B5070A2D72} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2123200 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {60BA3CEE-A47C-46F2-B2F1-A7EFCF225C43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {720E946F-CEDC-4AD3-8BFC-CA4135BFE0FC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7F3184BF-E48E-4B94-B1F0-E3C5113B959B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {99761133-1AA8-44AD-AD69-CA41D22485E7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9D17A3F8-8D22-4218-B129-35BF440806A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A29AE754-98A1-46F0-9BCC-EBAF583E3555} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
Task: {A9210039-5D08-41FA-B0B1-35592DF5F8B3} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2123200 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {ABFF3165-019B-491D-B5AB-04DD543997EC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2A3FCB7-9970-4B18-8745-C94890D3431C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B628F759-22B6-428E-98CA-970E4A13E27C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC8F4658-09C7-405C-AC65-C447B9291498} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-10-24] (Avast Software s.r.o. -> Avast Software)
Task: {D012BD15-A504-4F06-872B-2FF795B502CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFF182B4-9790-439D-A881-BE0D318718D9} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3438016 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
Task: {F26D76EA-C327-4A27-BE33-159501B8D157} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {F7030443-2EB6-46CF-8562-FA23A1498001} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-4261871939-3680644312-2290833728-1001] => 182.71.146.148:8080
Tcpip\..\Interfaces\{a50b097d-b2f0-400f-88af-6fcafcb09065}: [NameServer] 31.192.72.13,10.0.0.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-20]
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-11-03]
Edge Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-03]
Edge Extension: (Free VPN for Edge - VPN Proxy VeePN) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\panammoooggmlehahpcjckcncfeffcoi [2022-11-03]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-11-20]
CHR Notifications: Default -> hxxps://app.smartsupp.com; hxxps://business.facebook.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-20]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-11-16]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.cz/
CHR StartupUrls: Profile 1 -> ""
CHR Extension: (Překladač Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Entanglement Web App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Eiffel Tower) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbaibkigenhdcommebegmmmpoolmpip [2021-10-29]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134664 2022-02-24] (Autodesk, Inc. -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539032 2022-11-14] (Avast Software s.r.o. -> AVAST Software)
S2 AudioDeviceService; C:\Windows\system32\AudioDeviceService.exe [2730496 2020-09-09] (SSS) [File not signed]
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-26] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9946216 2022-11-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-04] (Epic Games Inc. -> Epic Games, Inc.)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2131432 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [8311152 2022-04-18] (Thales DIS CPL USA, Inc. -> Thales Group)
S2 NovaSkinResourcepack; C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\nssm-x86.exe [157696 2015-01-23] () [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2576728 2022-11-06] (Overwolf Ltd -> Overwolf LTD)
S3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3108800 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [507328 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414656 2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2720088 2022-11-03] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [450768 2022-09-29] (Urban Cyber Security Inc. -> )
S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1022312 2022-09-29] (Urban Cyber Security Inc. -> Urban Security)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 LTService; C:\Windows\AmanUpdateLogLT.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
S2 WTService; C:\Windows\AmanOnlineWT.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69576 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68560 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [313784 2022-04-18] (Gemalto, Inc. -> SafeNet, Inc.)
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2020-04-10] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-26] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-10-24] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 keyboard; C:\Windows\System32\Drivers\keyboard.sys [18536 2022-10-08] (Francisco Lopes da Silva -> Oblita)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2020-04-09] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 mouse; C:\Windows\System32\Drivers\mouse.sys [18536 2022-10-08] (Francisco Lopes da Silva -> Oblita)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2022-10-08] (Shaul Eizikovich -> Nefarius Software Solutions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [135264 2020-09-09] (Solid State System Co., Ltd -> Solid State System.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-20 08:45 - 2022-11-20 08:45 - 000029910 _____ C:\Users\micha\Desktop\FRST.txt
2022-11-20 08:44 - 2022-11-20 08:44 - 002375680 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2022-11-20 08:43 - 2022-11-20 08:43 - 008791352 _____ (Malwarebytes) C:\Users\micha\Desktop\adwcleaner.exe
2022-11-19 16:21 - 2022-11-19 16:21 - 003408656 _____ (Nova Skin ) C:\Users\micha\Desktop\NovaSkinResourcepackInstaller.exe
2022-11-19 10:28 - 2022-11-19 10:30 - 000000000 ____D C:\Program Files\PDF Architect 9
2022-11-19 10:28 - 2022-11-19 10:28 - 000001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 9.lnk
2022-11-19 10:27 - 2022-11-19 10:27 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-11-19 10:27 - 2022-11-19 10:27 - 000000000 ____D C:\ProgramData\PDF Architect 9
2022-11-19 10:27 - 2022-11-19 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-11-19 10:03 - 2022-11-19 10:03 - 000119728 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Exelová Hana, Dolní Konec 68, 69606 Vacenovice.pdf
2022-11-19 09:55 - 2022-11-19 10:33 - 000001144 _____ C:\Users\micha\Desktop\Minecraft Launcher.lnk
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UrbanVPN
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2022-11-17 14:36 - 2022-11-17 14:36 - 000000000 ____D C:\Program Files\UrbanVPN
2022-11-17 14:35 - 2022-11-17 14:36 - 032229200 _____ (Urban Security) C:\Users\micha\Desktop\UrbanVPN2.exe
2022-11-17 14:32 - 2022-11-17 14:32 - 029264824 _____ (Hongkong Guangling NetWork Technology Co., Ltd.) C:\Users\micha\Desktop\aman_2.3.5_0928.exe
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AmanVPN
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Users\micha\AppData\Local\Install
2022-11-17 14:32 - 2022-11-17 14:32 - 000000000 ____D C:\Program Files (x86)\aman
2022-11-17 14:29 - 2022-11-17 14:29 - 054263528 _____ (HIGH SPEED RABBIT LIMITED) C:\Users\micha\Desktop\rabbitvpn1_31.exe
2022-11-17 14:29 - 2022-11-17 14:29 - 000000000 ____D C:\ProgramData\Caphyon
2022-11-17 14:29 - 2022-11-17 14:29 - 000000000 ____D C:\Program Files\TAP-Windows
2022-11-16 19:44 - 2022-11-16 19:44 - 000127825 _____ C:\Users\micha\Desktop\Bohumil Metelka, Zahradní 1063, 691 42 Valtice.pdf
2022-11-15 16:16 - 2022-11-15 16:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\PD Launcher
2022-11-15 16:16 - 2022-11-15 16:16 - 000000000 ____D C:\Users\micha\AppData\Local\PD Launcher
2022-11-13 19:20 - 2022-11-13 19:22 - 000251685 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Jaroslav Chovanec, Rohatecká 241, 696 02 Rohatec.pdf
2022-11-13 18:42 - 2022-11-13 18:42 - 000463793 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Radek Ševčík, Zahradní 5, 695 01 Hodonín.pdf
2022-11-13 17:29 - 2022-11-13 17:29 - 000162220 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Svatava Mařáková, Okružní 1226, 696 42 Vracov.pdf
2022-11-13 11:16 - 2022-11-13 11:16 - 000000000 ____D C:\Users\micha\Desktop\forge-1.12.2-14.23.5.2860-installer
2022-11-13 11:15 - 2022-11-13 11:15 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-13 11:11 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-13 11:11 - 2022-11-09 11:03 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-13 11:11 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000865272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000672232 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-13 11:11 - 2022-11-09 10:59 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 002162176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001618408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001531400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 001190392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-13 11:11 - 2022-11-09 10:58 - 000746536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-13 11:11 - 2022-11-09 10:58 - 000734184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 012452360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 010218488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 005891072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 005856744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 003334136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-13 11:11 - 2022-11-09 10:57 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-13 11:11 - 2022-11-09 10:56 - 005816312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-13 11:11 - 2022-11-09 10:56 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-13 11:11 - 2022-11-08 23:40 - 000100589 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-12 11:34 - 2022-11-12 11:34 - 000000000 ___HD C:\$WinREAgent
2022-11-11 14:15 - 2022-11-11 14:15 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-11 14:14 - 2022-11-11 14:14 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-10 21:47 - 2022-11-10 21:47 - 000073742 _____ C:\Users\micha\Desktop\29-prohlaseni-o-vlastnostech-nerez-flex-03-04.pdf
2022-11-10 21:47 - 2022-11-10 21:47 - 000073168 _____ C:\Users\micha\Desktop\31-prohlaseni-flex-010-012-p1.pdf
2022-11-09 22:27 - 2022-11-09 22:27 - 040450839 _____ C:\Users\micha\Desktop\Zarosice.mp4
2022-11-08 21:08 - 2022-11-08 21:08 - 000052813 _____ C:\Users\micha\Desktop\Komin.pdf
2022-11-08 18:59 - 2022-11-08 18:59 - 022089136 _____ C:\Users\micha\Desktop\witherstormmod-1.19.2-3.1.1.jar
2022-11-08 18:59 - 2022-11-08 18:59 - 000000000 ____D C:\Users\micha\Desktop\witherstormmod-1.19.2-3.1.1
2022-11-07 21:15 - 2022-11-07 21:15 - 000054352 _____ C:\Users\micha\Desktop\Zdeněk Foltýn, Na rybníčku 397, Dubňany - tepelně technický výpočet SC.pdf
2022-11-05 15:49 - 2022-11-05 15:49 - 000000222 _____ C:\Users\micha\Desktop\Don't Starve Together.url
2022-11-04 19:36 - 2022-11-05 15:58 - 000000000 ____D C:\Users\micha\Documents\Klei
2022-11-03 21:51 - 2022-11-03 21:51 - 000002350 _____ C:\Users\micha\Desktop\Microsoft Edge.lnk
2022-11-01 22:20 - 2022-11-01 22:20 - 000053973 _____ C:\Users\micha\Desktop\Šebesta, Sudoměřice - výpočet.pdf
2022-11-01 21:28 - 2022-11-01 21:28 - 000198120 _____ C:\Users\micha\Desktop\REVIZNÍ ZPRÁVA - Jiří Janeček, Příšní 307D, 696 66 Sudoměřice.pdf
2022-10-30 21:44 - 2022-10-30 21:44 - 000637670 _____ C:\Users\micha\Desktop\schiedel-CZ-Prisl-ABS-UNIADV_napojovaci-dily_1.7.22.pdf
2022-10-30 09:31 - 2022-10-30 09:31 - 000000780 _____ C:\Users\micha\Desktop\Bugsnax.lnk
2022-10-30 09:05 - 2022-10-30 09:05 - 000046771 _____ C:\Users\micha\Desktop\almeva-kominovy-stitek-flex-g_0.pdf
2022-10-29 13:50 - 2022-10-29 13:50 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-29 13:50 - 2022-10-29 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-26 19:56 - 2022-10-26 19:56 - 000000000 ____D C:\Users\micha\Documents\PDF Architect
2022-10-26 19:41 - 2022-11-19 18:45 - 000000000 ____D C:\Users\micha\AppData\Roaming\PDF Architect 9
2022-10-26 19:37 - 2022-10-26 19:37 - 000135815 _____ C:\Users\micha\Desktop\Marek Mužík, Nádražní 6, 691 51 Lanžhot.pdf
2022-10-25 21:07 - 2022-10-25 21:07 - 002149497 _____ C:\Users\micha\Desktop\návod Kamino.pdf
2022-10-25 18:37 - 2022-10-25 18:37 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-10-25 18:30 - 2022-10-25 18:30 - 000000000 ____D C:\Users\micha\AppData\Local\CrashBandicoot4
2022-10-25 18:16 - 2022-10-25 18:16 - 000000953 _____ C:\Users\Public\Desktop\Crash Bandicoot 4.lnk
2022-10-24 19:33 - 2022-10-24 19:37 - 000000000 ____D C:\Users\micha\AppData\Local\Avast Software
2022-10-24 19:32 - 2022-11-19 20:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-24 19:32 - 2022-11-14 21:05 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-24 19:32 - 2022-10-24 19:32 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-24 19:32 - 2022-10-24 19:32 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-24 19:32 - 2022-10-24 19:32 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Users\micha\AppData\Roaming\Avast Software
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-10-24 19:32 - 2022-10-24 19:31 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-24 19:32 - 2022-10-24 19:31 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-24 19:32 - 2022-10-24 19:31 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-10-24 19:31 - 2022-10-24 19:31 - 000000000 ____D C:\Program Files\Avast Software
2022-10-23 22:35 - 2022-11-19 10:04 - 000000000 ____D C:\Users\micha\AppData\Roaming\ImageGlass
2022-10-23 22:35 - 2022-11-17 14:36 - 000000000 ____D C:\Users\micha\AppData\Local\AdvinstAnalytics
2022-10-23 22:35 - 2022-10-23 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageGlass
2022-10-23 22:35 - 2022-10-23 22:35 - 000000000 ____D C:\Program Files\ImageGlass
2022-10-23 22:30 - 2022-10-17 10:59 - 006632744 _____ (Geek Uninstaller) C:\Users\micha\Desktop\geek.exe
2022-10-23 22:02 - 2022-10-23 22:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-10-23 21:57 - 2022-10-23 21:57 - 000002511 _____ C:\Users\micha\Desktop\Word 2016.lnk
2022-10-23 21:57 - 2022-10-23 21:57 - 000002483 _____ C:\Users\micha\Desktop\Excel 2016.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-10-23 21:46 - 2022-10-23 21:46 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-10-23 21:12 - 2022-10-07 04:01 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-23 21:11 - 2022-11-09 10:55 - 006512336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-23 21:08 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-10-23 17:01 - 2022-10-23 17:04 - 000000000 ____D C:\Users\micha\AppData\Roaming\Geek Uninstaller
2022-10-23 16:40 - 2022-10-24 19:35 - 000000000 ____D C:\Users\micha\AppData\Local\system32
2022-10-23 16:40 - 2022-10-23 16:41 - 000000000 ____D C:\Users\micha\AppData\Roaming\system32
2022-10-23 16:09 - 2022-11-16 17:18 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-23 16:09 - 2022-10-23 16:09 - 000000000 ____D C:\Users\micha\AppData\Local\Microsoft Help
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-20 08:45 - 2021-10-21 17:11 - 000000000 ____D C:\FRST
2022-11-20 08:44 - 2020-04-04 10:02 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-20 08:43 - 2020-12-15 21:23 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-11-20 08:42 - 2020-04-04 09:18 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-20 08:41 - 2021-12-21 17:07 - 000002321 _____ C:\Users\micha\Desktop\CurseForge.lnk
2022-11-20 08:41 - 2021-12-21 17:06 - 000000000 ____D C:\Users\micha\AppData\Local\Overwolf
2022-11-20 08:41 - 2021-10-27 09:40 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-11-20 08:41 - 2020-12-15 21:23 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-11-20 08:41 - 2020-04-04 09:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-19 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-19 20:47 - 2022-08-29 18:24 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{CC6FCCFE-0B82-4CA0-9F44-D06B7A71F7C9}
2022-11-19 20:47 - 2022-08-29 18:24 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{378D9C95-EA40-4EDA-B415-F57806CDC798}
2022-11-19 20:47 - 2022-07-18 12:34 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-19 20:47 - 2022-05-26 20:45 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-05-26 20:45 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-19 20:47 - 2022-04-28 12:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-11-19 20:47 - 2022-04-28 12:33 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2022-11-19 20:47 - 2022-04-22 18:21 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-19 20:47 - 2022-04-22 18:21 - 000003374 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f8bfdbe63d84
2022-11-19 20:47 - 2022-04-22 18:20 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4261871939-3680644312-2290833728-1001
2022-11-19 20:46 - 2020-04-04 10:17 - 000000000 ____D C:\Users\micha\AppData\Local\ClassicShell
2022-11-19 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-19 16:26 - 2021-08-06 16:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2022-11-19 16:25 - 2020-04-04 09:07 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2022-11-19 16:25 - 2020-04-04 08:57 - 000000000 ____D C:\ProgramData\Packages
2022-11-19 16:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-19 10:51 - 2021-02-01 18:31 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-19 10:51 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-19 10:51 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-19 10:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-19 10:48 - 2020-05-31 20:10 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-11-19 10:44 - 2021-02-01 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-19 10:44 - 2021-02-01 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-19 10:44 - 2020-04-04 10:59 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-19 10:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-19 10:37 - 2022-10-09 18:07 - 000001297 _____ C:\Users\micha\Desktop\KeyboardSplitter – zástupce.lnk
2022-11-19 10:28 - 2022-08-03 07:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2022-11-19 10:27 - 2021-10-27 09:36 - 000000000 ____D C:\Program Files\PDFCreator
2022-11-19 10:03 - 2022-09-11 19:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\com.adobe.dunamis
2022-11-19 09:50 - 2022-10-12 19:43 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-19 09:50 - 2022-10-12 19:43 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-19 09:35 - 2020-06-06 21:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-17 15:15 - 2021-12-26 10:26 - 000000000 ____D C:\Program Files\CZC G GK1000
2022-11-17 14:37 - 2022-03-16 14:04 - 000000000 ____D C:\ProgramData\UrbanVPN
2022-11-17 14:32 - 2020-04-09 21:03 - 000000000 ____D C:\Users\micha\AppData\Local\cache
2022-11-15 20:36 - 2021-09-13 14:08 - 000000000 ____D C:\ProFact
2022-11-15 16:18 - 2020-04-04 10:02 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-11-15 16:16 - 2020-04-04 10:00 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-13 21:05 - 2021-02-01 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-13 11:15 - 2020-04-04 10:03 - 000000000 ____D C:\Users\micha\AppData\Local\NVIDIA
2022-11-13 09:52 - 2021-02-01 18:25 - 000546096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-12 22:04 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-12 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-11 14:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-11 14:14 - 2021-02-01 18:29 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-11 14:08 - 2020-04-04 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-11 14:06 - 2020-04-04 22:43 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-11 12:10 - 2020-04-04 09:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-09 22:27 - 2020-04-04 09:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-11-09 18:27 - 2021-12-21 17:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-11-09 10:55 - 2021-01-31 16:01 - 007642816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-05 20:49 - 2020-04-19 08:50 - 000000000 ____D C:\Users\micha\AppData\Roaming\qBittorrent
2022-10-31 21:49 - 2020-04-06 15:29 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Temp
2022-10-29 20:56 - 2021-02-01 18:26 - 000000000 ____D C:\Users\micha
2022-10-29 13:50 - 2021-12-22 14:51 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-29 13:50 - 2021-12-22 14:51 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-26 20:00 - 2021-08-16 15:32 - 000000000 ____D C:\Moje kominictvi
2022-10-25 18:31 - 2021-09-02 18:20 - 000000000 ____D C:\Users\micha\AppData\Roaming\Goldberg SteamEmu Saves
2022-10-25 11:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-24 19:32 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-24 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-23 21:08 - 2020-04-04 10:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-23 21:08 - 2020-04-04 08:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-23 21:08 - 2020-04-04 08:57 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-23 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-23 21:06 - 2019-03-19 05:49 - 000000076 _____ C:\WINDOWS\win.ini
2022-10-23 21:03 - 2020-04-19 08:47 - 000000000 ____D C:\Users\micha\AppData\Local\yuzu
2022-10-23 17:00 - 2020-04-04 10:59 - 000000000 ____D C:\Users\micha\AppData\Roaming\DAEMON Tools Lite
2022-10-23 16:03 - 2020-08-16 20:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-23 16:03 - 2020-04-04 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-22 11:57 - 2021-02-01 18:26 - 000002381 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2020-07-29 19:21 - 2020-07-29 19:21 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2022-04-27 10:50 - 2022-04-27 10:50 - 000007342 _____ () C:\Users\micha\AppData\Local\2573084692
2020-09-27 20:17 - 2020-09-27 20:17 - 000016438 _____ () C:\Users\micha\AppData\Local\partner.bmp
2021-01-10 19:43 - 2021-02-08 18:36 - 000007602 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by micha (20-11-2022 08:46:10)
Running from C:\Users\micha\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2021-02-01 17:30:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4261871939-3680644312-2290833728-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4261871939-3680644312-2290833728-503 - Limited - Disabled)
Guest (S-1-5-21-4261871939-3680644312-2290833728-501 - Limited - Disabled)
micha (S-1-5-21-4261871939-3680644312-2290833728-1001 - Administrator - Enabled) => C:\Users\micha
micha_p24az47 (S-1-5-21-4261871939-3680644312-2290833728-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4261871939-3680644312-2290833728-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aman (HKLM-x32\...\AmanVPN) (Version: 2.3.5.0907 - Hongkong Guangling Mdt InfoTech Limited)
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
ASRock Restart to UEFI v1.0.9 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.9 - ASRock Inc.)
A-Tuning v3.0.215 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.215 - ASRock Inc.)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crash Bandicoot 4 (HKLM-x32\...\Crash Bandicoot 4_is1) (Version: - )
Crossout Launcher 1.0.3.144 (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\CrossOutLauncher_is1) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
CurseForge (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.212.3.7035 - Overwolf app)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
DCS World OpenBeta (HKLM\...\DCS World OpenBeta_is1) (Version: 2.5 - Eagle Dynamics)
Discord (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.47.0.5304 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{daaa5ef5-cad5-4ad1-b550-6f3388e65fe0}) (Version: 12.47.0.5304 - Electronic Arts)
Empires of the Undergrowth (HKLM-x32\...\1850642020_is1) (Version: 0.2324 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FileZilla Client 3.47.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Floating Sandbox 1.16.7.1 (HKLM\...\{E0EFB81F-319E-4AB2-80D9-38374D454C01}) (Version: 1.16.7.1 - Gabriele Giuseppini)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
I Am Fish (HKLM-x32\...\I Am Fish_is1) (Version: - )
ImageGlass (HKLM\...\{15872342-C9E9-4C65-9586-35B4EFDB806B}) (Version: 8.6.7.13 - Duong Dieu Phap)
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
Kindergarten 2 v1.23 (HKLM-x32\...\tuttop.com Kindergarten 2 v1.23_is1) (Version: 1.23 - tuttop.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{B71DA3AB-24EC-9E95-A79B-7B5F92B0CEDD}) (Version: 10.1.22621.1846 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\OneDriveSetup.exe) (Version: 22.212.1009.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.9.0 - F.J. Wechselberger)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
Nova Skin resourcepack version 2 (HKLM-x32\...\{497EF1F8-2F52-45A5-BF36-C6D11773F093}_is1) (Version: 2 - Nova Skin)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 526.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22215 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.208.1.2 - Overwolf Ltd.)
PDF Architect 9 (HKLM-x32\...\PDF Architect 9) (Version: 9.0.27.2538 - pdfforge GmbH)
PDF Architect 9 Edit Module (HKLM\...\{506451AA-F85D-45CB-865A-636C10931DD8}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 OCR Module (HKLM\...\{6A824BC0-872A-456F-991E-B8222937E17C}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 OCR TESS Module (HKLM\...\{3CB34A5C-AA27-46BE-8635-9BBC1D27E60B}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDF Architect 9 View Module (HKLM\...\{FACC2AE6-8B2D-42AE-9A80-BB791422DA6B}) (Version: 9.0.28.19771 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{51D4D10A-490B-40A8-9C2A-853DC279013D}) (Version: 5.0.2 - pdfforge GmbH)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
PROTECH CD 676 (HKLM-x32\...\{F2BAF0DF-63ED-4BFC-ACA8-21355B235D7F}) (Version: 67.6.0 - PROTECH)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.66.1083 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Snowtopia Demo (HKLM-x32\...\1103034679_is1) (Version: 0.9.31.gog - GOG.com)
Snowtopia: Ski Resort Tycoon (HKLM-x32\...\1179524912_is1) (Version: 0.14.27 - GOG.com)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superliminal (HKLM-x32\...\Superliminal_is1) (Version: - )
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 128.0.10632 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.1 - Electronic Arts, Inc.)
UrbanVPN (HKLM\...\{62F37AEF-93BF-4E7E-B5B6-97BFEC82BEF5}) (Version: 2.2.9 - Urban Security) Hidden
UrbanVPN (HKLM\...\UrbanVPN 2.2.9) (Version: 2.2.9 - Urban Security)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\Wargaming.net Game Center) (Version: 22.4.1.367 - Wargaming.net)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
XGAMER Audio 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 3.21.2018.104 - SADES)
Packages:
=========
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2022-02-25] (Humble Bundle)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-25] (Microsoft Corporation) [MS Ad]
Minecraft Dungeons -> C:\Program Files\WindowsApps\Microsoft.Lovika_1.16.2.0_x64__8wekyb3d8bbwe [2022-11-17] (Microsoft Studios)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.3101.0_x64__8wekyb3d8bbwe [2022-10-24] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-09-03] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2022-11-19] (Microsoft Studios)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.553.620.0_x86__55nm5eh3cm0pr [2022-11-18] (ROBLOX Corporation)
Totally Accurate Battle Simulator -> C:\Program Files\WindowsApps\LandfallGames.TotallyAccurateBattleSimulator_1.0.6239.0_x64__r2vq7k2y0v9ct [2022-11-09] (Landfall Games)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {EC981B88-4DFE-457D-B623-09D6C0E3EE6C} => C:\Program Files\PDF Architect 9\context-menu.dll [2022-10-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\nvshext.dll [2022-11-09] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-10-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\micha\Desktop\Michal - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micha\Desktop\Terezka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2021-10-27 09:36 - 2022-08-02 17:26 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\Control Panel\Desktop\\Wallpaper -> c:\users\micha\desktop\foceni - vanoce 2019\dsc_9982.jpg
DNS Servers: 31.192.72.13 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Trust GXT 354 Headset"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4261871939-3680644312-2290833728-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{29458DEB-89BE-4F55-B362-0A79FF315AC2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{D73F25B8-73D8-4612-9013-00AFC67C6490}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{C535DEAE-95B1-4EC1-9AE3-90F16FB847B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [{D00CE7CD-302D-4FC5-9DBD-BF6946EB2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Drive 2\Crash Drive 2.exe () [File not signed]
FirewallRules: [UDP Query User{F873DD99-DACE-47FB-ACB7-FAF5D2D438EF}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [TCP Query User{A54F25F0-65EF-41E6-9DB2-01F8F95FD1E9}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe (Eagle Dynamics SA -> Eagle Dynamics SA)
FirewallRules: [UDP Query User{446488F3-6A65-4A40-84ED-6D7DD85BC5F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{0A1E29E9-17F5-49FA-831C-74E987176127}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54446129-352F-4716-A57E-817CFBE15A09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45E25852-2436-49B6-8730-460ABC3C1F32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{864198A2-5A02-402B-BFBE-2A6092CE7CBA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{89CCDD86-5ABB-49F9-ADA2-3AA16A9C0DFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D790B858-A34F-48F3-BAB6-30E18C8B86A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E45CB1FF-8765-4764-B6E5-03B0CFB43CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{11C83DD6-66C1-4B2A-95B9-F5595BAAE73F}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{36435545-4B21-4506-82B2-85572F619B25}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DBF5FAC2-3ED8-4AB7-A39F-2F9A785F9F5A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> TODO: <Company name>)
FirewallRules: [TCP Query User{975D2953-97C3-42CD-98A5-83734BE1D7B2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> TODO: <Company name>)
FirewallRules: [{E1397ADB-175E-4CD9-B12F-39A92FBF12B3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3114659E-1964-4B01-88CD-D008340CB6FA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{0356A693-A394-4772-B76B-BF4C327CF3EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E292D98-5399-4BC6-8E9D-0B1CB269BB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0586D70B-5F9B-4AE4-905B-6D8A0EB68614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C369FD2-5CA0-46A5-AE4C-89BC129BAD00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04EE9578-4475-4C45-8938-31CFCAC72E37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1422F21A-0FE6-4E04-8608-E0AB2E1E74A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59EC471F-33CD-4B0E-8E0A-29665C636ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B908D25C-2BCF-4188-BD0F-E397AC0F6BEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{0A77FFB5-C2E5-4D61-B0A6-F50C26917801}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{3DDF4574-0231-4AB2-8264-9943794F7292}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{EDB90044-B689-459D-A928-70A8E53D2179}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{10816914-AC23-4957-AFA6-FF812C9B1605}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{D941A9B7-F0DD-4690-9B9E-BA858CBD8690}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{E3FF217D-D5A2-4FBB-9AA2-46E08FD69504}C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe] => (Allow) C:\program files\eagle dynamics\dcs world openbeta\bin\dcs.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [TCP Query User{37E4D05E-2ADF-410A-B96A-4FE1603EB75E}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{41A171F7-2F8E-4D4F-95D8-B31FB070B856}L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.build 5917938\wobbly.life.build 5917938\wobbly life.exe () [File not signed]
FirewallRules: [{D7CD4EE0-8A58-464F-ACCA-A17B2148C55D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{B11CE916-FDDE-436A-B8EF-79A0AF4B214D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [TCP Query User{C55AC7D3-0136-4931-8E8E-F9483277C5DA}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [UDP Query User{816377DE-18B1-4961-BDD4-D474969DCFA6}L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe] => (Block) L:\downloads\untitled.goose.game.v1.1.4\untitled.goose.game.v1.1.4\untitled.exe () [File not signed]
FirewallRules: [TCP Query User{F00BAB0A-4A0E-420B-90BC-3CC38FF11BDE}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0130D317-847E-4D30-B195-B52A0FD1AC39}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{5EB038E2-3D18-44B7-8E96-890B39F3E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [{68A4ADEA-1C84-4789-A697-CB2D3B816771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\Thrive Launcher.exe (Revolutionary Games) [File not signed]
FirewallRules: [TCP Query User{45ED595B-3318-4527-A16E-AE92F97115E2}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [UDP Query User{F9D771D3-D794-453C-A170-D06223863C87}L:\downloads\wobbly.life.v0.7.1\wobbly life.exe] => (Allow) L:\downloads\wobbly.life.v0.7.1\wobbly life.exe () [File not signed]
FirewallRules: [{9561CBB4-7CD3-4A3F-BD3B-6578D946570C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{72ECBBE5-8F9F-4A97-A7BF-C49729ADFABF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{BCC952E8-88D5-462B-A31F-88AAAA2CD4C9}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [UDP Query User{5F02E16D-3283-4B5A-A892-B478B3808213}L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe] => (Allow) L:\downloads\deeeer.simulator.v6.3.1\deeeer simulator.exe () [File not signed]
FirewallRules: [TCP Query User{70860165-FC28-4A9A-9549-72643AF82E96}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{06F8E3AC-4E9E-4F99-BC5F-B91E1909A464}L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe] => (Allow) L:\downloads\powerwash.simulator.v0.5.1\powerwashsimulator.exe () [File not signed]
FirewallRules: [{D7E833B6-8C9E-4F53-ADCC-237CC74140B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [{92558988-B934-43A7-8992-25F6DB7CD255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\PWLauncherBootstrapper.exe (XENO-PC\Xeno -> PWay Sp. z o.o.) [File not signed]
FirewallRules: [TCP Query User{0E856306-59C5-43ED-BBAB-5A6C6358A2EC}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [UDP Query User{7605C579-E973-4947-92C4-BE006BC64FF1}L:\games\i am fish\iamfish.exe] => (Block) L:\games\i am fish\iamfish.exe () [File not signed]
FirewallRules: [{B2DA71DE-1615-440A-BEB4-9A465F176CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3930353B-5ACC-46D7-BFB3-5ABDF047A43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{01DF4354-EA13-4B39-A5E2-D851CA21DEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [{83AC1B05-9D39-4B0B-9721-60909619376E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
FirewallRules: [TCP Query User{7D120729-8247-46E1-A96C-2897BE827323}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{55274E68-151E-453B-BF06-F07E61CCE6E0}L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe] => (Block) L:\games\astroneer.v1.18.68.0\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{D5E9125B-F4C3-4BE3-9C39-4327635141A9}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DBD88C5-F55B-403D-9D47-7509BA2B3F50}] => (Allow) L:\SteamLibrary\steamapps\common\Rock of Ages III Make & Break\ROA3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{82293978-6754-445C-9C19-4517C53B2CBE}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [UDP Query User{6D4F340F-CC84-441A-8F08-7F597798B806}L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe] => (Allow) L:\steamlibrary\steamapps\common\rock of ages iii make & break\roa3\binaries\win64\roa3-win64-shipping.exe (ACE Team) [File not signed]
FirewallRules: [{FB08CC40-5BB2-4929-AE72-E844CAA9BC4C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{73AFC565-A221-4AF4-8B01-BF38A7E3AAFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{3E1A716A-73A8-4971-82E0-3292C49B152E}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [UDP Query User{6C09B28E-8BF2-419B-8B46-19F6B2DAAC55}L:\downloads\superliminal\superliminal.exe] => (Block) L:\downloads\superliminal\superliminal.exe () [File not signed]
FirewallRules: [{887E5316-A9BD-460F-B213-61A3DD57E396}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{6AA2F05C-B390-46DC-9D2A-3AB006261BE6}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{A4F2B005-89AB-41F1-8F41-F596CDCADBC8}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{1AC4CB70-2406-4DC8-BB08-9AFFDE94FC12}] => (Allow) L:\SteamLibrary\steamapps\common\Fat Baby\Fat baby.exe () [File not signed]
FirewallRules: [{68C1325C-7C3E-47E7-8B2E-A83D571D67FA}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{4C2AA51F-46E3-4489-B00C-2D5B089EEE79}] => (Allow) L:\SteamLibrary\steamapps\common\Wobbly Life\Wobbly Life.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [TCP Query User{F1BE06E4-5622-4761-B9FA-496F3C93E3EA}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{31CDE955-BC24-491A-89D0-0BD4AC1B4B34}C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\micha\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{ED21F7B5-C7C6-4DE2-8131-044A5F38C7AE}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{35553D72-31B7-4640-8FD1-E4E099F2862C}] => (Allow) L:\SteamLibrary\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [TCP Query User{CBA75151-CD05-4556-A4C2-47B3C4034E44}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{C012ED2B-A45E-4B0F-91F3-11B38F8D9C6B}C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\micha\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{B20ED7C1-4DC5-4C0E-BB7F-FA796742B8B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [{27433D62-6D09-436E-97E3-C80F1CC17D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Builder Simulator Demo\Builder Simulator.exe () [File not signed]
FirewallRules: [TCP Query User{C526C79D-2F23-4659-8886-74EB1217C5BA}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{2B813FC4-335F-4364-A51B-96934E86E050}L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe] => (Allow) L:\xboxgames\kill it with fire\content\kani\binaries\wingdk\kani-wingdk-shipping.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{5398BB7F-69A6-413A-ABA0-D9CFD9C06102}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{4CE251E0-D80C-4B9F-AEBC-560ECD797F9F}L:\xboxgames\gang beasts\content\gang beasts.exe] => (Allow) L:\xboxgames\gang beasts\content\gang beasts.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1B203524-5397-4260-9EA2-E79C28F696BF}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [UDP Query User{7729F747-4D8C-43A7-BC5D-C26A526AB26C}L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe] => (Allow) L:\downloads\turmoil.v3.0.39\turmoil.v3.0.39\turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{6891DA4E-A682-4013-AC9F-93F1F41538A1}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{981D95FE-1B8B-4E50-9157-16E1841EFD0B}L:\xboxgames\human fall flat\content\humanfallflat.exe] => (Block) L:\xboxgames\human fall flat\content\humanfallflat.exe (Access Denied) [File not signed]
FirewallRules: [TCP Query User{1AEA2C90-34CF-4A28-8A8B-DECE34231209}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{CBD697BB-8858-43F9-8DEA-E68395D8B415}C:\users\micha\appdata\local\crossout\launcher.exe] => (Allow) C:\users\micha\appdata\local\crossout\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{BBB18066-1A62-4B6F-AEA7-09012086A685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{23E7748A-E81A-4D11-8B2C-50BEC02C3E01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{FFED7C2C-8DFD-4B87-AB1E-363287DA7B00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC43BAF-88F3-432F-8B96-EFD44F22E75D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FEBE6DF-8741-45B6-9D50-1902184F120F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C828F30-3503-4FF6-8558-8311BAA735E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{68320D8A-6F97-411F-8955-B5800497F558}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [UDP Query User{1E6F081F-E513-42C0-89FA-23B782AD3A98}L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe] => (Allow) L:\downloads\mon.bazou.v0.256\mon.bazou.v0.256\monbazou\mon bazou.exe () [File not signed]
FirewallRules: [TCP Query User{CA702105-D56F-499F-95AB-CA71697C4C0D}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [UDP Query User{840E18C3-0704-49A1-96F4-181A626B6797}L:\downloads\the.planet.crafter\planet crafter.exe] => (Allow) L:\downloads\the.planet.crafter\planet crafter.exe () [File not signed]
FirewallRules: [{59D404D5-8728-49AB-9E06-51D26700D695}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{A96A6F90-7DD2-4995-88AA-0F956DB33A2C}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\Aquarist.exe () [File not signed]
FirewallRules: [{D2DBB5FE-E8B9-4ED4-AA67-937B6DDC8AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{851C3AE4-EC50-4BE6-BB77-4E72493806F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [TCP Query User{1E0AE19E-20F1-443B-906D-065238976E49}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [UDP Query User{50D93168-8FA5-49AA-BABE-A5A8F88B3486}L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe] => (Allow) L:\downloads\feed.and.grow.fish.v0.14.3.5\feed and grow.exe () [File not signed]
FirewallRules: [{BC45F458-DEB7-4E71-8941-1742EE09E829}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{4A30FB60-8369-40E0-906C-38AB2F7DF5FA}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{3B90E320-F8B7-429E-99E6-314F048244CD}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{D368F37B-76C3-43B0-B0FD-F5AF2D450029}] => (Allow) L:\Downloads\UnravelTwo\UnravelTwo_trial.exe (Coldwood Interactive AB -> Coldwood Interactive AB)
FirewallRules: [{DCDA16F5-1AB3-4585-B939-34DA43598E9B}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{592253A9-C2A2-4767-B3BF-DE9B0254A0FC}] => (Allow) L:\SteamLibrary\steamapps\common\Aquarist Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{2E8D51BF-5717-4012-BC0A-557AD5122175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [{253299C3-BD33-41BB-971A-81703FF02A3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Builder Demo\PWLauncherBootstrapper.exe (PWay Sp. z o.o.) [File not signed]
FirewallRules: [TCP Query User{9D9F2F4E-88B8-4E22-AADB-5A99589DB433}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A4B7A22-EC59-4D80-A5BA-66B42386D2F1}L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) L:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6E02E418-AA6F-4C92-9374-FFAA59441B23}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [UDP Query User{CD0D9E68-D68A-453C-A9EB-6B166701345C}L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe] => (Block) L:\downloads\shotgun.king.the.final.checkmate.v1.244\shotgun_king.exe () [File not signed]
FirewallRules: [{2F698A77-BA23-4B6C-9E39-3AB00712D141}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{DEDCE339-7914-48FF-A935-F774F7D0F667}] => (Allow) L:\SteamLibrary\steamapps\common\Totally Reliable Delivery Service\Totally Reliable Delivery Service.exe () [File not signed]
FirewallRules: [{61C77ED8-359C-49A2-BAE9-7042AE301115}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{77563C0C-B28D-4E56-98D2-9925DBECE044}] => (Allow) L:\SteamLibrary\steamapps\common\Toilet Chronicles\ToiletChronicles.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{57023810-2F26-4628-B0D6-79A7505BB914}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [UDP Query User{25FAEDB6-0F8B-43CC-B6E6-2710E6889A77}L:\downloads\cult of the lamb\cult of the lamb.exe] => (Allow) L:\downloads\cult of the lamb\cult of the lamb.exe () [File not signed]
FirewallRules: [{B85E4058-CFD6-4F39-961D-90E6963E4193}] => (Allow) L:\SteamLibrary\steamapps\common\Toadled\ToadledWindows.exe () [File not signed]
FirewallRules: [{A74B3AAB-4981-4778-A3FE-EB6E86A2F198}] => (Allow) L:\SteamLibrary\steamapps\common\Toadled\ToadledWindows.exe () [File not signed]
FirewallRules: [{FF5F70A8-DB4F-4EDD-A346-98C8AA0E687E}] => (Allow) L:\SteamLibrary\steamapps\common\RoboBunnies In Space\RoboBunniesInSpace.exe () [File not signed]
FirewallRules: [{9FB7769A-775F-4556-9E86-044FAF5824AF}] => (Allow) L:\SteamLibrary\steamapps\common\RoboBunnies In Space\RoboBunniesInSpace.exe () [File not signed]
FirewallRules: [{2C347C8D-86E0-4DDD-BD0D-A3782FEF06A9}] => (Allow) L:\SteamLibrary\steamapps\common\Evil Glitch\EvilGlitch.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{195B5849-856F-428A-BB0D-B476E3435074}] => (Allow) L:\SteamLibrary\steamapps\common\Evil Glitch\EvilGlitch.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{516191BA-DBEC-4FAF-9946-4711EAAEC309}L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe] => (Block) L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe () [File not signed]
FirewallRules: [UDP Query User{59E65718-8887-47CD-96D5-310FD61FE906}L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe] => (Block) L:\downloads\space.scavenger.creative.mode-goldberg\space.scavenger.creative.mode-goldberg\space scavenger.exe () [File not signed]
FirewallRules: [{81A9DA2F-FD87-4391-B65E-40D79423B2E2}] => (Allow) L:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [{29405DEF-F4BC-4A43-8B6E-7CC80609366E}] => (Allow) L:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [{9CD9235C-C999-46B4-8631-C1D39FD8A7E8}] => (Allow) L:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{7E41DDFE-57B4-45C8-B5F5-B1B0247EF4BB}] => (Allow) L:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{E127B333-F0E6-4725-82E4-A618C830930F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{E74FB68B-1AB4-48BB-AEEB-EF251C561118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Classic\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{AAD7A0A6-A98B-4756-8EF3-E431F797F72F}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Thales DIS CPL USA, Inc. -> Thales Group)
FirewallRules: [TCP Query User{C344E2D7-4B64-4821-BCE3-F336029A93C2}L:\downloads\doodle god\doodle god universe demo.exe] => (Allow) L:\downloads\doodle god\doodle god universe demo.exe () [File not signed]
FirewallRules: [UDP Query User{A58E2B62-54A6-449F-AB25-EE67D9D44B81}L:\downloads\doodle god\doodle god universe demo.exe] => (Allow) L:\downloads\doodle god\doodle god universe demo.exe () [File not signed]
FirewallRules: [TCP Query User{CF9A70CF-C2BB-4A61-A2DE-C43808CFFC76}L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe] => (Block) L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe () [File not signed]
FirewallRules: [UDP Query User{F7E16266-E721-4094-B7ED-C60E05D2815A}L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe] => (Block) L:\downloads\the.wandering.village.v0.1.33\wanderingvillage.exe () [File not signed]
FirewallRules: [TCP Query User{A0F31908-0AA4-4918-A50D-C3D52156B3BA}L:\downloads\wargaming.net\gamecenter\wgc.exe] => (Allow) L:\downloads\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{4B05A387-D111-4438-8F06-394FDB23374A}L:\downloads\wargaming.net\gamecenter\wgc.exe] => (Allow) L:\downloads\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{501B3C2F-61F4-4289-A963-D83801128738}L:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) L:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8A76BF94-4C0D-4E28-A2E0-E29D32978136}L:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) L:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{51F9A459-0561-48C9-9031-30BB6A4B90A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CA6B13D-C036-422F-AD8B-257BB1733E14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B60CC01D-1EE8-4AC0-91D1-B2993D535B91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7996D172-8295-4525-B96C-E8082649633B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D5F722C2-5028-4C22-9EB3-0B544708B1E5}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{65739AAB-A55E-43AC-B6ED-428C5C6A7576}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [{BEC8CA2B-642A-4C93-A84E-7FD8C6BFD325}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F227DC9C-6F11-4757-9605-00E5F6855360}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{977EFF52-927F-4BC2-B864-1257474A16E6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{96EED623-C06E-4F7E-8EA5-7A6DAA99CCE0}L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe] => (Block) L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe (Activision Publishing) [File not signed]
FirewallRules: [UDP Query User{946B9CFB-3FF7-417E-ACF0-4EF8F2DF3D9D}L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe] => (Block) L:\downloads\crash bandicoot 4\lava\binaries\win64\crashbandicoot4.exe (Activision Publishing) [File not signed]
FirewallRules: [{8374F70F-CEA7-47DE-91D2-AF57F172F0E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{8F5E94C6-8D4A-4C7C-B036-1D67CEB9C553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\Remake\WhosYourDaddy.exe () [File not signed]
FirewallRules: [{D76EB744-3DB2-447D-94D3-2348651742FC}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{2EC8DC50-A137-420B-A81E-AE6B43B655BF}] => (Allow) L:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{36202B76-F12A-42BB-BA94-705081339BD7}L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe] => (Block) L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe => No File
FirewallRules: [UDP Query User{21BECE4E-3136-4D11-929B-86DF98CE9AED}L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe] => (Block) L:\downloads\dont.starve.together.v522521\game\bin\dontstarve_steam.exe => No File
FirewallRules: [TCP Query User{91E97C76-0FD0-4E5C-A105-31B906D45E34}L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe] => (Allow) L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [UDP Query User{13A91FD5-C6FF-4E5B-AB68-68F80347A1A1}L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe] => (Allow) L:\downloads\dont.starve.together.v522521\game\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{36CA83F2-1470-4A2B-BFB5-60A53EBB7B83}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{2D493646-197D-4656-99E9-2DEF3805D92C}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{8964ED8C-3647-4573-A83F-6BC6ED8142D2}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{9F4A2AB3-6490-44BF-9BF6-9FE93AAC5D0D}] => (Allow) L:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{9DE5AF6B-8316-46A0-A444-712C9B3FEC39}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{C93E0725-7E77-4F00-B162-749BE0591AC8}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{AB3E1717-DBAB-4C04-B476-B6A395F25833}] => (Block) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{A7B8BF7B-3EF8-45F3-82CE-D7357C0B93DF}] => (Block) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe => No File
FirewallRules: [{A2084A57-B60E-49D6-9BE2-6F4484B68858}] => (Allow) C:\Program Files (x86)\Overwolf\0.208.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D40BC4FE-9BA4-443B-A90C-FC45A777129D}] => (Allow) C:\Program Files (x86)\Overwolf\0.208.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6BA8406D-5DEA-4382-BCA7-A71E356B0714}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A48FD8E8-8785-4DC4-A4E1-D35BBCA6DEBE}] => (Allow) C:\Program Files\UrbanVPN\bin\urbanvpn.exe (Urban Cyber Security Inc. -> Urban Cyber Security Inc.)
FirewallRules: [{D71A2095-74F3-4534-A982-2D6D38CF1832}] => (Allow) C:\WINDOWS\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D7B64F9B-28FE-4AAF-8061-29C28D0B0349}] => (Allow) C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\node.exe (Joyent, Inc -> Joyent, Inc)
FirewallRules: [{1D1DF0BD-219B-4322-8F5A-DD1FA35CAC39}] => (Allow) C:\Users\micha\AppData\Roaming\.minecraft\resourcepacks\novaskin\bin\node.exe (Joyent, Inc -> Joyent, Inc)
FirewallRules: [{1F3A3F35-E6DA-4FCA-95FF-50D460896510}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Scp Virtual Bus Driver
Description: Scp Virtual Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Nefarius Software Solutions
Service: ScpVBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Scp Virtual Bus Driver
Description: Scp Virtual Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Nefarius Software Solutions
Service: ScpVBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/20/2022 08:46:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:46:12 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:12Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:45:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:45:12 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:12Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:44:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:42Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:44:04 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:04Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:43:00 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:58:00Z. Kód chyby: 0x80070002
Error: (11/20/2022 08:42:30 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2022-11-22T20:57:30Z. Kód chyby: 0x80070002
System errors:
=============
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (11/20/2022 08:43:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NovaSkinResourcepack byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-24 20:17:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:10524,ProcessStart:133111090313397368Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 20:17:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:10524,ProcessStart:133111090313397368Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 17:54:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:1416,ProcessStart:133111004510895624Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 17:54:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:1416,ProcessStart:133111004510895624Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-24 15:55:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/PShellPublicStager.A
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid
1115676206035765; process:_pid:13976,ProcessStart:133110933268323507Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.377.727.0, AS: 1.377.727.0, NIS: 1.377.727.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Event[0]:
Date: 2022-10-23 17:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\o16setup.exe; process:_pid:22740,ProcessStart:133110128935028981
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: N:\O16Setup.EXE
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-23 17:34:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\o16setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-23 17:33:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_N:\O16Setup.EXE
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
CodeIntegrity:
===============
Date: 2022-11-20 08:42:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-11-20 08:41:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.90 12/09/2019
Motherboard: ASRock B450M Pro4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 16313.71 MB
Available physical RAM: 10780.55 MB
Total Virtual: 21433.71 MB
Available Virtual: 14212.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.87 GB) (Free:12.57 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: Patriot Burst) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: SAMSUNG HD642JJ) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:224.84 GB) (Free:67.95 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive h: () (Fixed) (Total:224.84 GB) (Free:14.61 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive i: () (Fixed) (Total:222.95 GB) (Free:2.32 GB) (Model: Patriot Burst) NTFS
Drive j: () (Fixed) (Total:146.38 GB) (Free:20.3 GB) (Model: SAMSUNG HD642JJ) NTFS
Drive k: () (Fixed) (Total:247.82 GB) (Free:115.57 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
Drive l: () (Fixed) (Total:683.59 GB) (Free:122.33 GB) (Model: WDC WD10EZEX-00RKKA0) NTFS
\\?\Volume{c4029046-716d-441f-a03d-cce2ceeeb070}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{c6b8d1f4-ded1-4088-bf7e-f6bafaa17d56}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{9b707457-a5d8-f53d-3dbc-236db814aef8}\ () (Fixed) (Total:5.42 GB) (Free:0 GB) NTFS
\\?\Volume{7e630a01-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6ff619c6-97c5-4a7f-bd2f-8251e43ed227}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7E630A01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: E274E274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=0F Extended)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0775D37C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
==================== End of Addition.txt =======================
