Log check
Posted: 20 May 2023 10:49
Hello,
could you please check my log.
Thank you and have a nice day
Helena
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05-2023
Ran by Intel (administrator) on DESKTOP-TSUL98F (Gigabyte Technology Co., Ltd. Z590 GAMING X) (20-05-2023 11:45:10)
Running from C:\Users\Intel\Downloads\FRST64.exe
Loaded Profiles: Intel
Platform: Microsoft Windows 10 Home Version 21H2 19044.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.223.0.30\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.223.0.30\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe <5>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\Intel\AppData\Local\Overwolf\ProcessCache\0.223.0.30\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe <6>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\Medal.exe ->) (Ferox Games B.V. -> ) C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\Medal.exe
(C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\Medal.exe ->) (Ferox Games B.V. -> Ferox Games B.V.) C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\MedalEncoder.exe
(C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\MedalEncoder.exe ->) () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\crashpad_handler.exe
(D:\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(D:\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Discord Inc. -> Discord Inc.) C:\Users\Intel\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(explorer.exe ->) () [File not signed] C:\Program Files\BakkesMod\BakkesMod.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) D:\Wargaming.net\GameCenter\wgc.exe
(Ferox Games B.V. -> Medal B.V.) C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\Medal.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_5c2831a2e251017a\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe [3378592 2021-10-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-05-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Discord] => C:\Users\Intel\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37132752 2023-05-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Medal] => C:\Users\Intel\AppData\Local\Medal\update.exe [1974192 2022-07-08] (Ferox Games B.V. -> )
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Spotify] => C:\Users\Intel\AppData\Roaming\Spotify\Spotify.exe [20403576 2023-05-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3545608 2023-04-21] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262376 2023-05-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Wargaming.net Game Center] => D:\Wargaming.net\GameCenter\wgc.exe [2181912 2023-04-20] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [15850496 2023-01-23] () [File not signed]
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-05-14] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\MountPoints2: {204aa1e5-d4fb-11ec-8bd6-806e6f6e6963} - "D:\Run.exe"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3545608 2023-04-21] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC)
Startup: C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.3.lnk [2022-05-17]
ShortcutTarget: LibreOffice 7.3.lnk -> C:\Program Files\LibreOffice\program\quickstart.exe (The Document Foundation -> The Document Foundation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AA566E7-180C-4812-9CB8-7E7FFDCF4EF9} - System32\Tasks\Opera scheduled Autoupdate 1673706723 => C:\Users\Intel\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {150F9039-CB99-4376-9F7A-BFD7A4F1C5FA} - System32\Tasks\Opera scheduled Autoupdate 1656701534 => C:\Users\Intel\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {1AFE49A1-BCE2-4E11-BEB8-C0ABB86E564C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {47BF492B-45E7-4B7B-BF80-AA4263D2CE01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {4B71E528-7752-486B-A8B5-666597DDF2BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2023-05-16] (Google Inc -> Google Inc.)
Task: {4D91F9CD-99B7-4CE7-856E-5C5D6A979B67} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {51BADF75-8891-4106-A6A2-48D7E74AA694} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-14] (Overwolf Ltd -> Overwolf LTD)
Task: {52A2BD8D-535B-45DE-A3CB-E9BA4347C306} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5CF6035E-E507-4E20-A9D8-F9BBC48F8143} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6387CB97-7A8D-4B71-BF3B-3460507874F6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {679FC4D3-60AD-4B4A-9F49-A604C5DC2640} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86A49E31-5085-492E-B94C-DB31A8749740} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92072189-BD1A-4834-8D87-EB363CE83194} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B3D9CAF-8203-43CC-A6E5-E0526F6C035C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2023-05-16] (Google Inc -> Google Inc.)
Task: {AF6A091A-4535-43B0-A432-849F3BDE93BC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DE53F3E3-94CC-435B-978A-D784D6C4A92F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8FBD395-C244-446E-9200-CC87B6092C6B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2c2d162-5266-46bc-974f-43cc7c539e26}: [DhcpNameServer] 192.168.35.74
Tcpip\..\Interfaces\{f68a9da5-c189-48e0-bdd8-f09b8abb689e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Intel\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-19]
FireFox:
========
FF DefaultProfile: 1idujhgd.default
FF ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\1idujhgd.default [2022-05-16]
FF ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\k7234vfb.default-release [2023-05-20]
FF Notifications: Mozilla\Firefox\Profiles\k7234vfb.default-release -> hxxps://aternos.org
FF Extension: (uBlock Origin) - C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\k7234vfb.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-05-03]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default [2023-05-16]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-16]
Opera:
=======
OPR Profile: C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable [2023-05-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-01-14]
OPR Extension: (Opera Wallet) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-18]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-01-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-05-06] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-02-14] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943016 2023-04-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-03-29] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9255384 2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-14] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2005416 2023-04-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [518576 2023-04-20] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297488 2023-04-20] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2196464 2023-02-24] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2023-03-15] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [17029944 2023-05-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11023152 2023-05-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [30728 2022-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [41480 2022-05-17] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [199640 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
R3 MFDriver_Driver; C:\Windows\system32\drivers\MFDriver.sys [32224 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-05-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_006b; C:\Windows\System32\drivers\RzDev_006b.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22676992 2023-05-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:45 - 2023-05-20 11:45 - 000026764 _____ C:\Users\Intel\Downloads\FRST.txt
2023-05-20 11:44 - 2023-05-20 11:45 - 000000000 ____D C:\FRST
2023-05-20 11:43 - 2023-05-20 11:43 - 002382336 _____ (Farbar) C:\Users\Intel\Downloads\FRST64(1).exe
2023-05-20 11:42 - 2023-05-20 11:44 - 002382336 _____ (Farbar) C:\Users\Intel\Downloads\FRST64.exe
2023-05-19 18:01 - 2023-05-19 18:01 - 000000000 ____D C:\ProgramData\PLUG
2023-05-19 15:21 - 2023-05-19 15:21 - 000000000 ____D C:\Users\Intel\AppData\Local\FPSChess
2023-05-19 14:01 - 2023-05-19 14:01 - 000000000 ____D C:\Program Files\RUXIM
2023-05-19 13:59 - 2023-05-19 13:59 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-05-19 13:55 - 2023-05-19 13:55 - 000001085 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2023-05-19 13:55 - 2023-05-19 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-05-19 13:55 - 2023-05-19 13:55 - 000000000 ____D C:\Program Files\VS Revo Group
2023-05-19 13:48 - 2023-05-20 08:07 - 000000000 ____D C:\Users\Intel\AppData\Local\Malwarebytes
2023-05-19 13:48 - 2023-05-19 13:48 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-05-19 13:48 - 2023-05-19 13:48 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-05-19 13:48 - 2023-05-19 13:48 - 000000000 ____D C:\Users\Intel\AppData\Local\mbam
2023-05-19 13:47 - 2023-05-19 13:47 - 002638680 _____ (Malwarebytes) C:\Users\Intel\Downloads\MBSetup.exe
2023-05-19 13:47 - 2023-05-19 13:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-05-19 13:47 - 2023-05-19 13:47 - 000000000 ____D C:\Program Files\Malwarebytes
2023-05-17 09:00 - 2023-05-17 09:00 - 000000000 ____D C:\ProgramData\KONAMI
2023-05-17 08:54 - 2023-05-17 08:56 - 000000000 ____D C:\Users\Intel\Documents\KONAMI
2023-05-16 12:13 - 2023-05-20 11:32 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-16 12:13 - 2023-05-19 18:27 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-16 12:13 - 2023-05-19 18:27 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-16 12:13 - 2023-05-19 14:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-16 12:13 - 2023-05-19 13:19 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Users\Intel\AppData\LocalLow\uTorrent.WebView2
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Users\Intel\AppData\Local\Google
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Program Files\Google
2023-05-16 12:12 - 2023-05-19 13:50 - 000000000 ____D C:\Users\Intel\AppData\Roaming\utorrent
2023-05-16 11:57 - 2023-05-20 08:06 - 000000000 ____D C:\Program Files\TeamViewer
2023-05-16 11:57 - 2023-05-17 19:31 - 000000895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2023-05-16 11:57 - 2023-05-16 12:00 - 000000000 ____D C:\Users\Intel\AppData\Local\TeamViewer
2023-05-16 11:57 - 2023-05-16 11:57 - 052554872 _____ (TeamViewer Germany GmbH) C:\Users\Intel\Downloads\TeamViewer_Setup_x64.exe
2023-05-16 11:57 - 2023-05-16 11:57 - 000000883 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2023-05-14 10:52 - 2023-05-14 10:52 - 116269360 _____ (Voicemod S.L. ) C:\Users\Intel\Downloads\VoicemodSetup_2.41.0.0.exe
2023-05-14 10:46 - 2023-05-19 14:13 - 053220864 _____ C:\ProgramData\MFCoreEff.dll
2023-05-14 10:46 - 2023-05-14 10:46 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Polyverse
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\Documents\iMyFone MagicMic
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\AppData\Local\ProductData
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\AppData\Local\MagicMic
2023-05-14 10:44 - 2023-05-14 10:44 - 004704536 _____ C:\Users\Intel\Downloads\magicmic_setup-com_filme.exe
2023-05-14 10:44 - 2023-05-14 10:44 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2023-05-13 14:39 - 2023-05-13 14:39 - 000000000 ____D C:\Users\Intel\AppData\Local\VALORANT
2023-05-13 14:38 - 2023-05-20 08:09 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-05-13 14:16 - 2023-05-19 13:50 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-05-12 16:04 - 2023-05-12 16:04 - 000000000 ___HD C:\$WinREAgent
2023-05-07 18:49 - 2023-05-07 18:50 - 000000000 ____D C:\Users\Intel\Desktop\Ostatní
2023-05-07 18:48 - 2023-05-07 18:51 - 000000000 ____D C:\Users\Intel\Desktop\Launchery
2023-05-07 18:44 - 2023-05-07 18:51 - 000000000 ____D C:\Users\Intel\Desktop\Softwary
2023-05-07 18:42 - 2023-05-19 18:25 - 000000000 ____D C:\Users\Intel\Desktop\Hry
2023-05-07 09:45 - 2023-05-16 09:07 - 000000000 ____D C:\Program Files (x86)\Overwolf
2023-05-07 09:45 - 2023-05-07 09:45 - 000004408 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2023-05-07 09:45 - 2023-05-07 09:45 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2023-05-07 09:45 - 2023-05-07 09:45 - 000000000 ____D C:\ProgramData\Overwolf
2023-05-07 09:44 - 2023-05-07 09:44 - 002398240 _____ (Overwolf Ltd.) C:\Users\Intel\Downloads\Porofessor.gg - Installer(1).exe
2023-05-06 16:58 - 2023-05-06 16:58 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Overwolf
2023-05-06 16:55 - 2023-05-20 08:07 - 000000000 ____D C:\Users\Intel\AppData\Local\Overwolf
2023-05-06 16:55 - 2023-05-06 16:55 - 002398240 _____ (Overwolf Ltd.) C:\Users\Intel\Downloads\Porofessor.gg - Installer.exe
2023-05-01 10:01 - 2023-05-13 14:15 - 000000000 ____D C:\Riot Games
2023-05-01 10:01 - 2023-05-01 10:01 - 071456512 _____ (Riot Games, Inc.) C:\Users\Intel\Downloads\Install League of Legends eune.exe
2023-04-30 18:55 - 2023-04-30 18:55 - 000000000 ____D C:\Users\Intel\AppData\Local\Daedalic Entertainment GmbH
2023-04-30 18:47 - 2023-04-30 18:49 - 1058319750 _____ C:\Users\Intel\Downloads\Barotrauma.v1.0.9.0.rar
2023-04-25 19:07 - 2023-04-25 19:07 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2023-04-22 09:35 - 2023-05-19 14:13 - 000000883 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk
2023-04-22 09:35 - 2023-04-22 09:36 - 000000000 ____D C:\Users\Intel\AppData\Roaming\bakkesmod
2023-04-22 09:35 - 2023-04-22 09:35 - 008168841 _____ C:\Users\Intel\Downloads\BakkesModSetup.zip
2023-04-22 09:35 - 2023-04-22 09:35 - 000000000 ____D C:\Program Files\BakkesMod
2023-04-21 16:31 - 2023-04-21 16:31 - 000000000 ____D C:\Users\Intel\AppData\Local\EpicOnlineServicesUIHelper
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:43 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-05-20 11:42 - 2022-05-16 12:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-20 11:41 - 2022-05-19 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-20 11:38 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Medal
2023-05-20 11:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-20 11:29 - 2022-05-16 10:47 - 000000000 ____D C:\Users\Intel\AppData\Local\D3DSCache
2023-05-20 11:07 - 2022-05-19 17:55 - 000000000 ____D C:\Users\Intel\AppData\Local\Discord
2023-05-20 10:51 - 2022-11-25 16:31 - 000000000 ____D C:\ProgramData\Riot Games
2023-05-20 08:13 - 2022-07-03 18:19 - 000000000 ___HD C:\Users\Intel\Downloads\.opera
2023-05-20 08:13 - 2022-07-03 18:19 - 000000000 ___HD C:\Users\Intel\.opera
2023-05-20 08:13 - 2022-05-16 10:38 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2023-05-20 08:13 - 2019-12-07 16:41 - 000716764 _____ C:\Windows\system32\perfh005.dat
2023-05-20 08:13 - 2019-12-07 16:41 - 000144942 _____ C:\Windows\system32\perfc005.dat
2023-05-20 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-05-20 08:13 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-05-20 08:07 - 2022-11-22 20:45 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Skype for Desktop
2023-05-20 08:07 - 2022-07-08 11:41 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Spotify
2023-05-20 08:07 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\Documents\Medal
2023-05-20 08:07 - 2022-06-20 21:17 - 000000000 ____D C:\Medal
2023-05-20 08:07 - 2022-05-19 17:55 - 000000000 ____D C:\Users\Intel\AppData\Roaming\discord
2023-05-20 08:07 - 2022-05-16 11:52 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-20 08:06 - 2022-05-16 10:32 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-20 08:06 - 2022-05-16 10:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-05-20 08:06 - 2022-05-16 10:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-20 08:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-05-19 15:22 - 2022-06-21 16:09 - 000000000 ____D C:\Users\Intel\AppData\Local\log
2023-05-19 15:21 - 2022-05-16 10:54 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-19 15:20 - 2022-06-07 18:31 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-19 14:13 - 2022-11-27 16:38 - 000000016 _____ C:\ProgramData\mntemp
2023-05-19 14:13 - 2022-10-11 19:00 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-19 14:13 - 2022-06-01 15:03 - 000001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2023-05-19 14:13 - 2022-05-19 17:54 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-05-19 14:13 - 2022-05-16 12:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-19 14:13 - 2022-05-16 10:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-19 14:01 - 2022-07-08 11:41 - 000000000 ____D C:\Users\Intel\AppData\Local\Spotify
2023-05-19 13:59 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-05-19 13:57 - 2022-05-19 20:57 - 000000000 ____D C:\Users\Intel\AppData\Local\CrashDumps
2023-05-19 13:47 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-05-19 13:19 - 2023-02-18 20:12 - 000000000 ____D C:\Users\Intel\AppData\Local\BitTorrentHelper
2023-05-18 15:54 - 2022-05-17 09:34 - 000000000 ____D C:\Program Files\7-Zip
2023-05-18 15:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-17 19:31 - 2022-05-16 11:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-05-14 16:06 - 2022-05-16 12:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-14 16:06 - 2022-05-16 12:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-13 17:13 - 2022-05-17 11:12 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4045719670-31021591-3592273161-1001
2023-05-13 17:13 - 2022-05-16 10:46 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4045719670-31021591-3592273161-1001
2023-05-13 17:13 - 2022-05-16 10:44 - 000002383 _____ C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-13 16:43 - 2022-05-16 11:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-13 14:39 - 2022-11-25 16:31 - 000000000 ____D C:\Users\Intel\AppData\Local\Riot Games
2023-05-13 14:37 - 2022-11-25 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-05-12 21:19 - 2022-05-16 10:32 - 000456912 _____ C:\Windows\system32\FNTCACHE.DAT
2023-05-12 21:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-05-12 21:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\system32\cs
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-05-12 16:09 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-05-12 16:07 - 2022-05-16 10:36 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-12 16:04 - 2022-05-16 11:39 - 000000000 ____D C:\Windows\system32\MRT
2023-05-12 16:02 - 2022-05-16 11:39 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-12 15:04 - 2022-05-16 10:32 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 15:04 - 2022-05-16 10:32 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 21:08 - 2022-11-22 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-05-11 15:58 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Local\Medal
2023-05-11 15:58 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Local\Ferox_Games_B.V
2023-05-09 20:22 - 2022-05-17 09:32 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-05-09 20:15 - 2022-05-16 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-05-05 19:40 - 2022-07-01 20:51 - 000000000 ____D C:\Users\Intel\AppData\Roaming\.tlauncher
2023-05-05 19:02 - 2022-08-18 13:59 - 000000000 ____D C:\Users\Intel\AppData\Local\FiveM
2023-05-03 17:08 - 2022-11-16 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-05-03 17:08 - 2022-05-16 10:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-05-03 17:06 - 2022-11-16 17:39 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-04-30 18:55 - 2023-02-18 22:17 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2023-04-26 17:15 - 2022-07-01 20:51 - 000000000 ____D C:\Users\Intel\AppData\Roaming\.minecraft
2023-04-25 19:07 - 2022-07-15 17:45 - 000000000 ____D C:\Users\Intel\Documents\My Games
==================== Files in the root of some directories ========
2023-05-14 10:46 - 2023-05-19 14:13 - 053220864 _____ () C:\ProgramData\MFCoreEff.dll
2022-06-29 20:51 - 2023-03-01 19:24 - 000007602 _____ () C:\Users\Intel\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05-2023
Ran by Intel (20-05-2023 11:46:01)
Running from C:\Users\Intel\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2965 (X64) (2022-05-16 08:34:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4045719670-31021591-3592273161-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4045719670-31021591-3592273161-503 - Limited - Disabled)
Guest (S-1-5-21-4045719670-31021591-3592273161-501 - Limited - Disabled)
Intel (S-1-5-21-4045719670-31021591-3592273161-1001 - Administrator - Enabled) => C:\Users\Intel
WDAGUtilityAccount (S-1-5-21-4045719670-31021591-3592273161-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
BurnAware Free 15.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Discord (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{5509B79F-D323-4265-941C-C4402A915A38}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{acfd3daa-8cad-4514-bc73-64a154033052}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.8.0 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{7eeee667-b295-4acd-9a4e-1160421db765}) (Version: 1.0.8.0 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{EBE07B2C-43AB-4FA7-9783-D07C6A1124DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2155 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{39479C27-85A6-40FF-BEFC-1F27F824F303}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BC46A079-3405-414F-8157-B7C1FC40AAA3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{469E67E3-F4BD-4EC7-B5F2-81CF63A1A25C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{3717BB4D-8085-4A84-8952-8CC8F988DC39}) (Version: 30.100.2051.37 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2051.37 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Kingston SSD Manager x64 1.5.1.8 (HKLM-x32\...\{53F657CD-C4FC-4DCD-826E-6862917532AC}_is1) (Version: 1.5.1.8 - @2021 Kingston Digital, Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LibreOffice 7.3.3.2 (HKLM\...\{2C4A93B5-0849-44CC-8302-C73E05930E93}) (Version: 7.3.3.2 - The Document Foundation)
Malwarebytes version 4.5.29.268 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.29.268 - Malwarebytes)
Medal (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Medal) (Version: 4.1687.0 - Medal B.V.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.223.0.30 - Overwolf Ltd.)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Porofessor.gg (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.290 - Overwolf app)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0428.042117 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9257.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.050.0511.2021 - Realtek)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.70.1389 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Skype verze 8.97 (HKLM-x32\...\Skype_is1) (Version: 8.97 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Spotify) (Version: 1.2.11.916.geb595a67 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.8.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.8.4 - General Workings, Inc.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.41.9 - TeamViewer)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Wargaming.net Game Center) (Version: 23.1.0.2222 - Wargaming.net)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\2135834465) (Version: - Wargaming.net)
Packages:
=========
Crosshair V2 -> C:\Program Files\WindowsApps\47492CenterpointGaming.CrosshairV2_1.0.15.0_neutral__rz8d8f65gztyc [2023-01-27] (CenterPoint Gaming)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-27] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-18] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.258.0_x64__dt26b99r8h8gj [2022-05-17] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-23] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4045719670-31021591-3592273161-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-03-02 08:55 - 2023-02-27 22:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-03-18 10:08 - 2023-05-13 10:21 - 000021504 _____ () [File not signed] [File is in use] C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\@get-wrecked\iframe-editor\medalWrapper\build-1.0.217\assemblies\DllBridge.dll
2022-07-08 11:39 - 2023-05-13 10:21 - 000208896 _____ () [File not signed] \\?\C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\ffi-napi\build\Release\ffi_bindings.node
2022-07-08 11:39 - 2023-05-13 10:21 - 000195584 _____ () [File not signed] \\?\C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\ref-napi\prebuilds\win32-x64\electron.napi.node
2022-05-19 17:43 - 2022-11-07 12:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-05-19 17:43 - 2022-11-07 12:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000467456 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedcrypto.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000182272 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedtls.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000061440 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedx509.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 001332736 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\sqlcipher.DLL
2023-05-17 14:23 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 001009152 _____ (Medal B.V.) [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\medal.device.windows.x64.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000785408 _____ (Medal B.V.) [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\Medal.Log.x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:err [1762]
AlternateDataStreams: C:\Users\All Users:err [1762]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1762]
AlternateDataStreams: C:\ProgramData\MFCoreEff.dll:C215A52614 [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk:14E057C8D9 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk:C7FE7E9A98 [3442]
AlternateDataStreams: C:\Users\Intel\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8206]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\StartupApproved\Run: => "Voicemod"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6A1011D0-AA93-46D7-ACB0-C39FFB2D864B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26E13982-3880-4F8B-9198-606820CC024D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19B628C8-E03E-44CB-B922-57E49AEF4037}] => (Allow) LPort=9009
FirewallRules: [{DDBDFD2E-5B44-4207-A5C1-C7D22FC015FD}] => (Allow) LPort=9009
FirewallRules: [{5CB0175D-7E54-4A1E-AB1C-0BD34F67CA68}] => (Allow) LPort=9009
FirewallRules: [{EBF67DD6-2790-49B2-B7C3-9A6BEA7E31EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{281CAA13-B315-4498-9680-3881C4CDEC36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A97300F7-E51C-4ACE-BC40-D9CE9D677EF6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{712EF3A8-84BE-43A3-B30D-03FC60B00A4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{47F3DB4F-E889-45D1-8770-3BE584119FCE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EDE23D7E-7552-4142-B053-3CE26BB015E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{F13C21A9-C620-4141-9282-066B80DFD2E7}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{6D265005-9C98-4E0E-AFC5-73DB276139B1}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0839E3B0-B704-4D22-AA4A-028E030C8570}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{E45D6EC7-4430-43BC-A3E5-19EDF0057F82}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{EDF6C5E9-EE4E-427C-BC7C-8FEE18CAE847}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{CB302779-179E-4D8B-87F4-1264ABE65F65}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{4757D081-3537-46E0-B350-8F67B726F478}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D8260D91-77A7-4B4C-ABCC-01D1D1FADE5C}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0FBEA44F-65B6-4289-A409-624B995BFCEA}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{E3DBACBA-1654-4294-B138-720C9F5A42DF}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{AFFEE993-0FDE-491A-906A-96B26844D8AC}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{B7091B0E-1396-4BA1-A1CF-A809406A7E25}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{01B623F6-B0A5-442A-9768-5308CA64C8ED}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{F0C12C3C-C2B7-4867-80D7-FACD192A7487}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{7A98231E-49EF-4072-B191-B0CD43B1075F}C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{0B06EAB3-63DE-495D-9BEE-14AD5C81F14E}C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{159E019C-F5F9-4C61-A545-447592A18144}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{044440E8-1F4D-4DF4-BF48-424D4C83F8FE}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{F76802BF-36C5-49DC-ABD7-AB3EFDACFB81}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{B2CEBAE6-2584-45A6-B17C-9DC0999EBEF5}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0A9643A3-AEFB-4FD4-BF9A-E56A65D0C10B}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\88.0.4412.53\opera.exe => No File
FirewallRules: [TCP Query User{AF750022-B9AF-45E3-88ED-737CF7232D14}C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{EF42914E-70AB-4025-8723-7E7D5CD09D58}C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{7B7FFB50-0CF4-4BA0-93D2-E28F33F14165}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{AC046230-42F8-4519-9BC6-E62096CDDB8A}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{AD854C57-8168-451A-9E10-FB2F9A6F18FB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C21EFB41-B945-4E91-B626-4BF20009C11D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E0224B89-BC76-4B3F-A74E-7D54EEA18336}C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{F702D9B5-899E-41D4-9CA6-97222372D7C2}C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{E4B3D147-D2C4-43BC-964A-ED75090163AD}C:\users\intel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\intel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C4ABB032-4699-4387-A44A-D24D1A86D921}C:\users\intel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\intel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{32C1B923-A2D8-4E35-BFF2-C8CF9BDC7254}C:\users\intel\appdata\local\fivem\fivem.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{863D4CFE-050C-4535-9017-124BF1A87A3A}C:\users\intel\appdata\local\fivem\fivem.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{B4CE235D-3B62-45A9-A6F5-F3D1F65A1E1F}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{6EA2B509-FBD4-4E6E-9689-D83B5AE45EB1}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [TCP Query User{DC8F7AA6-0A8D-4A26-B17A-4651E5E15C34}C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{3CBC480B-5BE6-4101-85FD-D3EB3D16A5F9}C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{A21C7C26-F804-47D3-9BBE-8A1FC266BDC8}] => (Block) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{146C7513-786E-44BD-93B4-EB367D276399}] => (Block) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{A6C1CBDA-0A3C-476A-B0CC-F5B6A40D518B}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{4DDEBFE6-332D-4AE5-B236-420C2AB9BA69}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0B18DFCF-86E5-487E-9C73-C9FEB1EF2801}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{C4ED63A7-9120-45F3-8DB9-D98078457AFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{794FFFD6-B8F6-496A-B39C-C965C113944D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [TCP Query User{ED9C5183-C26B-4976-B995-3CA067F09DD1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{23493769-282B-4F51-A939-C3242E20DB8C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DFA43C0A-4CFF-4757-A1CB-0B1A9B08CCD7}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{30C1D12A-FF15-4ABA-A622-ADD6DF080C28}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{A087F31B-0C7C-4C51-B6A1-ED5C85889238}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FC03185-D7E6-45FB-B54C-89589A179D74}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{52A5BF59-4C5D-4DBF-AECF-1764872ACAE2}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{748F41AF-339A-40CD-A74F-404C7ACEDDA9}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0E9411B2-271A-4E63-A90C-ABE90188A925}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{BBBD5271-5BE4-4F1D-A8DA-F3AB8221ECA7}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{44ABBCB3-8604-4ABE-8A72-0F2013E2390E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlapshotRebound\Slapshot.exe () [File not signed]
FirewallRules: [{3278FF21-5788-48EE-A0E5-CDCEA1651DCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlapshotRebound\Slapshot.exe () [File not signed]
FirewallRules: [TCP Query User{DDB4E24E-AA51-4081-9A07-B14027098B06}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{691D97E8-728E-4EA3-8AF0-3868817D0671}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{E68963C6-7DB1-4A78-853C-F8B258E9C33A}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A6E176D-E5AA-429C-ADC3-5C934692428F}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4695A77E-21F8-454D-82D7-CE4793EE96E8}] => (Allow) D:\SteamLibrary\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{5DA3CDDF-0F59-4554-861A-4F4DB475E8FD}] => (Allow) D:\SteamLibrary\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [TCP Query User{CDB0E561-03E0-4028-96CE-018D8E0EE6D1}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FF32D3BD-2032-4B6C-8521-E3466291AA33}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E734F426-FECF-47D3-B6C6-FBBB1FC7192F}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{A79F7F94-9704-4753-80F6-E36D3AC62CDD}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DFEBE4BD-E596-44D7-8A8A-7C879BA9CAB6}] => (Allow) D:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{DEEF9E60-1CFB-4FE2-8AE7-10AC46151D49}] => (Allow) D:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{4B4D949D-569D-4FE2-A5BB-CF9DEEFAA033}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{9317A32F-E917-4F89-B5FB-DCD446E7090C}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [TCP Query User{16F40B6D-EEA0-4EB8-B8E1-01C9A2A97CA0}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{A2DB0D58-ABFA-4B82-89EB-95539DCE1EB9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{CB12C8B9-4E88-4A27-9935-D68C4CFBFD3D}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F18C2CF3-B449-4FDE-9C0B-F27913F6BE25}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1383A508-731A-4C82-9AB3-8719D127DCB5}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{81E8ACF1-4E40-4844-83C6-F49D38E01FAF}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{1EED2439-A953-4DFB-AB4C-B0DB00602F69}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{6A2799A6-9165-4610-837C-C030C5D6927A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{88B36314-6661-402E-AAB0-CF0DF7F46C87}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{7702C8A2-6249-4E49-8291-62E4D4CA1060}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F77AFC3F-33AC-4649-B619-904C9E32C4F6}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{783B9C4D-156E-48AA-9B1B-C20BA1665EA5}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{E6D395BC-A464-4A88-A8A0-416F50A66850}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{9E5D0672-A9F3-4A84-9D00-72E8ED58FF28}] => (Allow) D:\SteamLibrary\steamapps\common\F13Game\EAC_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6031375D-98F5-4311-950C-1BDFF0BE50F7}] => (Allow) D:\SteamLibrary\steamapps\common\F13Game\EAC_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5678EDCC-651E-4576-AEC9-858A1F24DB7A}] => (Allow) D:\SteamLibrary\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{608353BC-12A8-4C1A-9ED5-2071F787D711}] => (Allow) D:\SteamLibrary\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{38AF0893-BE62-4633-8B35-ACD4DC8E278B}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4F64398C-4903-4BD2-8B7D-69757A88DA1F}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6331A886-7064-4721-989E-44EED6D774CA}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{5D8DBD70-6F16-43F0-8ACA-A8F35BA067AD}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{CB66FF09-A0B3-4E6E-B6A9-9CF069A185BA}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{6433BCFC-6279-4562-B4FD-79E7001EA0D5}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\94.0.4606.65\opera.exe => No File
FirewallRules: [TCP Query User{6FA660E2-49AC-4AF5-A0C7-E4F23E6966FE}C:\users\intel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\intel\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{0746804B-22A4-4299-A5B7-E80637E1CB06}C:\users\intel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\intel\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [{0CF2D509-ABBC-4A7F-8345-812700B242B8}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{6EDC31D8-7905-4037-BEBA-7ACAEB4CE5A7}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{E6F46B69-B3D6-491B-8FA0-FA0C64262735}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\94.0.4606.76\opera.exe => No File
FirewallRules: [{0CC624AF-FA39-4C2C-93D1-BDF79522C6EE}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{10845EF9-7346-4648-86CA-093F5A11F24D}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F08D02-48A7-4CAE-A000-35D80ACB120B}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{0B639D7D-4484-4F83-82F7-730A99593B92}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{D7AACE09-4986-4128-9FEA-4676910E40DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3285DF0D-B041-4493-A427-3CE7C99E9549}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7F34046C-51DA-4049-8FE4-89705290CF2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0DCEAD58-70FC-4AE2-91A5-EA2C60B03E48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CD8E65E6-ACE7-411D-AF28-902C50EDF1C7}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{7395E1C2-446E-4217-9561-12B9676AC33A}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [TCP Query User{B4BC6F3B-3621-45DA-95EE-892952AF6533}D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [UDP Query User{D24019A2-A96E-4E07-A516-341E346F1AFA}D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [{CF59F7BA-4F32-424E-AB35-D6391BD7D6C2}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{3679BEA3-36C3-4B1B-8886-4C46E2001F9B}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{A9F5983A-A5AC-496E-8F28-A1FBC78C73DB}D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{7C3B5A68-97A5-4F74-A171-10D6741F6E95}D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [{C5D86689-2C96-4467-8915-A4F4B372514E}] => (Allow) D:\SteamLibrary\steamapps\common\Toribash\toribash.exe () [File not signed]
FirewallRules: [{F54E1EAD-455F-48E6-941E-7C730208F081}] => (Allow) D:\SteamLibrary\steamapps\common\Toribash\toribash.exe () [File not signed]
FirewallRules: [{213A84E8-E42B-408F-9F94-B17965442693}] => (Allow) D:\SteamLibrary\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{79A993ED-6C43-4075-9D4A-8A74641C3CD4}] => (Allow) D:\SteamLibrary\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{7B2F9FEE-0A28-4F89-B022-F2DE2BD7EF1D}D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe] => (Allow) D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe => No File
FirewallRules: [UDP Query User{6871E1A7-AAA8-4401-ACDF-3A3670C4E4C5}D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe] => (Allow) D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe => No File
FirewallRules: [{15C6B1CB-CF72-4409-BC84-00763441E1E7}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{35594E44-5BFB-4979-8351-7CD97F71FF59}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{245955D8-1DEE-4EA4-876B-F070E7E2E066}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{444BE1FC-0DC9-4B07-B7BC-1AE8440515F0}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{8FCF0884-BB28-4DEC-96D3-850DB09C681B}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0597B9BC-0307-4D0E-9E86-F25CFEAACF11}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{4CA5E106-2D6C-4D2B-878F-059DB989644E}C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{675F2370-0352-4B83-8D71-3141D00E5B37}C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6294BA6F-C878-4636-B5B5-BA28ED27C295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0D0D2E57-8265-4BB2-B243-94B854E02018}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D14C46A7-1DB3-449E-BDD5-4BB33C34E6A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4A95BC5C-FC63-48BB-A237-9263AF0BDBA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{849F55C7-0FF3-48A7-B74D-D920CD8A0285}C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{C5A38387-5FF8-4B0B-B553-98D5515CD4FC}C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{A617798F-2B70-4EE1-9907-ADC9F7F7C7C0}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [UDP Query User{91CC8A53-F9C4-4D40-9B05-9AE6C1E75261}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{3B9C34EA-C53E-4D86-8DD4-0B41CFAACDFC}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{98D81E2A-2350-4D0D-A3D3-AE13FA18ABAE}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{1526B6F0-DCFD-42F0-868B-1776395A5963}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{10196707-E1E6-429C-9BA4-9AD86C358154}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{BF2C4870-9F88-42E3-A19C-C6B2CD62B42E}D:\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{DA3335A9-2149-48C9-A195-A05171B22DE6}D:\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8EBA5CDC-C104-4031-B32A-28F1EF34D51A}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{12310D32-55AE-4BC6-8B94-224A7C30CE5B}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [TCP Query User{A64E1AF8-95F7-4666-B39B-899A04728AF6}D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [UDP Query User{045E0B6F-098D-4D0A-A4AF-0F59CE6AE534}D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [{9EB5739C-91C1-43FB-B4F8-C86A65281730}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{EA80BD18-4A50-4D1D-B671-F886615A92A0}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{D009D579-C4E0-47F0-ACE7-3ABE0B385C7B}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{308CAF51-2F78-452C-AA8C-3EA4CF3628A6}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{5D281034-84B0-421C-8D18-F7BF3B8460CB}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{312F9FF5-5ED5-46AF-ABFA-CE0903901FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{3789D9A1-0522-412A-B07A-E08C99015C21}] => (Allow) D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe () [File not signed]
FirewallRules: [{25D162E5-217F-47C3-BBE2-07572D35F68B}] => (Allow) D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe () [File not signed]
FirewallRules: [TCP Query User{F60CBBB4-DD5A-4C27-B24D-7366E178680A}D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe] => (Allow) D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe () [File not signed]
FirewallRules: [UDP Query User{094876CD-2B37-4BF3-A11B-A3F3EF2E3796}D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe] => (Allow) D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe () [File not signed]
FirewallRules: [{35AF6762-A7ED-409A-8833-D309D5FB9213}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{E8A8A7FC-0EB1-447B-9548-0F5EE1EA271F}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{35BF8865-DB49-407A-BFB4-BC6BE3676061}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{1A82739B-1865-442C-91E2-95F8DEF38DDB}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [TCP Query User{388CD13C-FC85-4D0C-9B20-F1FB7114E7AA}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{1B2C4821-1D0E-43CC-B0B2-BD52A132904E}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [{4A9C137E-803E-4073-B7BE-1396378F6436}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{05546AD3-E75E-4543-8A2D-53ADD9431933}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{0618261D-F550-481D-B3DE-006E2955BAED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8892565-5931-4742-9AD9-012440B69008}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0E826B5-7E80-492C-BE54-F2CC08979C95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0FA12B37-9E89-41E3-8A7E-7876F638F863}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A7C0F8D-8AA9-4D4E-A0A3-C96E52005993}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DE40B3D-3A80-4709-9D4B-ACF889D54F84}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2AC0F1C0-B18B-44BB-9112-2F2E9A1FB182}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{02AB93D0-C888-4A82-B503-C065F34010A5}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{B27683B3-934A-49A3-8F90-5509490FD4D0}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => No File
FirewallRules: [UDP Query User{7C0148DA-7646-4142-83AF-6696A30EAF67}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => No File
FirewallRules: [{CCAA287E-CEC9-4B28-A40D-D85C5D756D33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B5AE503-686B-4A17-B04A-DCDF512334E0}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{9ECECFD1-F046-4246-A1CE-8E6E6B89D5AD}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{EE59861E-2E37-4A3D-953D-F8C131906183}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{0A70FFDF-1773-4E57-AF92-9A2CAF6720BE}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{56B50399-D6E4-45F6-8A69-953B974CFBF3}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B8C02358-75EF-4116-A51F-FF8E38607652}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{16AE0B35-DC2F-4CEB-8B5B-20EF2042702D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D075934C-F977-4A15-A738-0ED409CD8C2E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AE2FE485-B4A1-4A9A-A81E-DEEB0A8EEBFE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BD6E83F-2880-4F6D-BBD5-602590C91715}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0591A673-A2C1-4B35-B1B7-567377781820}] => (Allow) C:\Users\Intel\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{C17AAAC5-1BF1-45A3-B080-D4C5B477072E}] => (Allow) C:\Users\Intel\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{BB6B7D00-4716-41FF-B66E-1C330DFCE8BE}] => (Allow) C:\Users\Intel\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{924B521E-04C9-4F5F-BF1F-21BEF8BCA163}] => (Allow) C:\Users\Intel\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{3B169B08-EE38-42D2-9943-385FDFD1FC3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DCB5E1BD-179D-4368-96F1-110CEE09155E}] => (Allow) D:\SteamLibrary\steamapps\common\FPS Chess\FPSChess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A292F5E9-AE8D-4B67-B1D4-567D49A15DB1}] => (Allow) D:\SteamLibrary\steamapps\common\FPS Chess\FPSChess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{4636DF00-E861-426B-A3B9-D42F451DE898}C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{4729A038-68CB-4F11-8567-0CD64EE4A81F}C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
==================== Restore Points =========================
19-05-2023 15:20:56 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/19/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/19/2023 01:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.546, časové razítko: 0x1d3a15e7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2913, časové razítko: 0xa1c3e870
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d862
ID chybujícího procesu: 0x21fc
Čas spuštění chybující aplikace: 0x01d98a482ce51097
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: ed4a2b1a-bb20-48ae-9914-31beefa25e61
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.23032.186.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (05/18/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/18/2023 06:12:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: colonyclient.exe, verze: 2021.3.14.57736, časové razítko: 0x637b4803
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000082
ID chybujícího procesu: 0x2bd4
Čas spuštění chybující aplikace: 0x01d989a346de0b91
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ece8ad0f-df01-45a0-82df-7606cd1ccac2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/18/2023 04:37:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FiveM.exe, verze: 2.0.0.6423, časové razítko: 0x644ce64f
Název chybujícího modulu: libcef.dll, verze: 103.0.0.0, časové razítko: 0x62d9e8bc
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000008907675
ID chybujícího procesu: 0x1018
Čas spuštění chybující aplikace: 0x01d9899647ca2873
Cesta k chybující aplikaci: C:\Users\Intel\AppData\Local\FiveM\FiveM.exe
Cesta k chybujícímu modulu: C:\Users\Intel\AppData\Local\FiveM\FiveM.app\bin\libcef.dll
ID zprávy: 05f7d914-ebbf-4fb0-9754-f296ebe4a8d3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/17/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/17/2023 06:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x6438d9d4
Název chybujícího modulu: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x6438d9d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000f68539
ID chybujícího procesu: 0xea8
Čas spuštění chybující aplikace: 0x01d988d94310f028
Cesta k chybující aplikaci: D:\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: D:\rocketleague\Binaries\Win64\RocketLeague.exe
ID zprávy: 10ccc848-c297-4027-876c-5e9d9014cc34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/16/2023 08:19:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (05/20/2023 08:42:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/20/2023 08:06:36 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/20/2023 08:06:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:59:44, 19.05.2023) bylo neočekávané.
Error: (05/20/2023 08:06:35 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (05/19/2023 03:23:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/19/2023 01:59:32 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/19/2023 01:50:41 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/18/2023 07:15:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-05-19 13:28:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/OfferCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utorrent_installer(1).exe; file:_C:\Users\Intel\Downloads\utorrent_installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-19 13:28:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/OfferCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utorrent_installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-19 13:28:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/uTorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utweb_installer(1).exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-18 20:32:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BEAD0B5B-6EB9-4EA1-9CE5-656DFDEF5D65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-05-17 18:19:53
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/uTorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utweb_installer(1).exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: System
Verze bezpečnostních informací: AV: 1.389.1592.0, AS: 1.389.1592.0, NIS: 1.389.1592.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Event[0]:
Date: 2023-05-17 14:25:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Intel\Desktop\Installer\Setup.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508033
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.389.1592.0, AS: 1.389.1592.0, NIS: 1.389.1592.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
CodeIntegrity:
===============
Date: 2023-02-18 20:41:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. F7c 01/24/2022
Motherboard: Gigabyte Technology Co., Ltd. Z590 GAMING X
Processor: Intel(R) Core(TM) i7-10700F CPU @ 2.90GHz
Percentage of memory in use: 47%
Total physical RAM: 16251.66 MB
Available physical RAM: 8604.97 MB
Total Virtual: 27003.66 MB
Available Virtual: 13702.55 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:465.15 GB) (Free:58.87 GB) (Model: KINGSTON SNVS500G) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:150.61 GB) (Model: TOSHIBA HDWD110) NTFS
\\?\Volume{d2564b85-3517-4e48-8ed6-eecceb906c84}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{50535065-cde3-410f-addd-9d2abe43dbc6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AA566E7-180C-4812-9CB8-7E7FFDCF4EF9} - System32\Tasks\Opera scheduled Autoupdate 1673706723 => C:\Users\Intel\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {150F9039-CB99-4376-9F7A-BFD7A4F1C5FA} - System32\Tasks\Opera scheduled Autoupdate 1656701534 => C:\Users\Intel\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {1AFE49A1-BCE2-4E11-BEB8-C0ABB86E564C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {47BF492B-45E7-4B7B-BF80-AA4263D2CE01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {4B71E528-7752-486B-A8B5-666597DDF2BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2023-05-16] (Google Inc -> Google Inc.)
Task: {4D91F9CD-99B7-4CE7-856E-5C5D6A979B67} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {51BADF75-8891-4106-A6A2-48D7E74AA694} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-14] (Overwolf Ltd -> Overwolf LTD)
Task: {52A2BD8D-535B-45DE-A3CB-E9BA4347C306} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5CF6035E-E507-4E20-A9D8-F9BBC48F8143} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6387CB97-7A8D-4B71-BF3B-3460507874F6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {679FC4D3-60AD-4B4A-9F49-A604C5DC2640} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86A49E31-5085-492E-B94C-DB31A8749740} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92072189-BD1A-4834-8D87-EB363CE83194} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B3D9CAF-8203-43CC-A6E5-E0526F6C035C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2023-05-16] (Google Inc -> Google Inc.)
Task: {AF6A091A-4535-43B0-A432-849F3BDE93BC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DE53F3E3-94CC-435B-978A-D784D6C4A92F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8FBD395-C244-446E-9200-CC87B6092C6B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2c2d162-5266-46bc-974f-43cc7c539e26}: [DhcpNameServer] 192.168.35.74
Tcpip\..\Interfaces\{f68a9da5-c189-48e0-bdd8-f09b8abb689e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Intel\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-19]
FireFox:
========
FF DefaultProfile: 1idujhgd.default
FF ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\1idujhgd.default [2022-05-16]
FF ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\k7234vfb.default-release [2023-05-20]
FF Notifications: Mozilla\Firefox\Profiles\k7234vfb.default-release -> hxxps://aternos.org
FF Extension: (uBlock Origin) - C:\Users\Intel\AppData\Roaming\Mozilla\Firefox\Profiles\k7234vfb.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-05-03]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default [2023-05-16]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-16]
Opera:
=======
OPR Profile: C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable [2023-05-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-01-14]
OPR Extension: (Opera Wallet) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-18]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Intel\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-01-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-05-06] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-02-14] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943016 2023-04-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-03-29] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9255384 2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-14] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2005416 2023-04-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [518576 2023-04-20] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297488 2023-04-20] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2196464 2023-02-24] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2023-03-15] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [17029944 2023-05-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11023152 2023-05-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [30728 2022-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [41480 2022-05-17] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [199640 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
R3 MFDriver_Driver; C:\Windows\system32\drivers\MFDriver.sys [32224 2023-05-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-05-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_006b; C:\Windows\System32\drivers\RzDev_006b.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22676992 2023-05-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:45 - 2023-05-20 11:45 - 000026764 _____ C:\Users\Intel\Downloads\FRST.txt
2023-05-20 11:44 - 2023-05-20 11:45 - 000000000 ____D C:\FRST
2023-05-20 11:43 - 2023-05-20 11:43 - 002382336 _____ (Farbar) C:\Users\Intel\Downloads\FRST64(1).exe
2023-05-20 11:42 - 2023-05-20 11:44 - 002382336 _____ (Farbar) C:\Users\Intel\Downloads\FRST64.exe
2023-05-19 18:01 - 2023-05-19 18:01 - 000000000 ____D C:\ProgramData\PLUG
2023-05-19 15:21 - 2023-05-19 15:21 - 000000000 ____D C:\Users\Intel\AppData\Local\FPSChess
2023-05-19 14:01 - 2023-05-19 14:01 - 000000000 ____D C:\Program Files\RUXIM
2023-05-19 13:59 - 2023-05-19 13:59 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-05-19 13:55 - 2023-05-19 13:55 - 000001085 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2023-05-19 13:55 - 2023-05-19 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-05-19 13:55 - 2023-05-19 13:55 - 000000000 ____D C:\Program Files\VS Revo Group
2023-05-19 13:48 - 2023-05-20 08:07 - 000000000 ____D C:\Users\Intel\AppData\Local\Malwarebytes
2023-05-19 13:48 - 2023-05-19 13:48 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-05-19 13:48 - 2023-05-19 13:48 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-05-19 13:48 - 2023-05-19 13:48 - 000000000 ____D C:\Users\Intel\AppData\Local\mbam
2023-05-19 13:47 - 2023-05-19 13:47 - 002638680 _____ (Malwarebytes) C:\Users\Intel\Downloads\MBSetup.exe
2023-05-19 13:47 - 2023-05-19 13:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-05-19 13:47 - 2023-05-19 13:47 - 000000000 ____D C:\Program Files\Malwarebytes
2023-05-17 09:00 - 2023-05-17 09:00 - 000000000 ____D C:\ProgramData\KONAMI
2023-05-17 08:54 - 2023-05-17 08:56 - 000000000 ____D C:\Users\Intel\Documents\KONAMI
2023-05-16 12:13 - 2023-05-20 11:32 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-16 12:13 - 2023-05-19 18:27 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-16 12:13 - 2023-05-19 18:27 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-16 12:13 - 2023-05-19 14:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-16 12:13 - 2023-05-19 13:19 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Users\Intel\AppData\LocalLow\uTorrent.WebView2
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Users\Intel\AppData\Local\Google
2023-05-16 12:13 - 2023-05-16 12:13 - 000000000 ____D C:\Program Files\Google
2023-05-16 12:12 - 2023-05-19 13:50 - 000000000 ____D C:\Users\Intel\AppData\Roaming\utorrent
2023-05-16 11:57 - 2023-05-20 08:06 - 000000000 ____D C:\Program Files\TeamViewer
2023-05-16 11:57 - 2023-05-17 19:31 - 000000895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2023-05-16 11:57 - 2023-05-16 12:00 - 000000000 ____D C:\Users\Intel\AppData\Local\TeamViewer
2023-05-16 11:57 - 2023-05-16 11:57 - 052554872 _____ (TeamViewer Germany GmbH) C:\Users\Intel\Downloads\TeamViewer_Setup_x64.exe
2023-05-16 11:57 - 2023-05-16 11:57 - 000000883 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2023-05-14 10:52 - 2023-05-14 10:52 - 116269360 _____ (Voicemod S.L. ) C:\Users\Intel\Downloads\VoicemodSetup_2.41.0.0.exe
2023-05-14 10:46 - 2023-05-19 14:13 - 053220864 _____ C:\ProgramData\MFCoreEff.dll
2023-05-14 10:46 - 2023-05-14 10:46 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Polyverse
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\Documents\iMyFone MagicMic
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\AppData\Local\ProductData
2023-05-14 10:45 - 2023-05-14 10:45 - 000000000 ____D C:\Users\Intel\AppData\Local\MagicMic
2023-05-14 10:44 - 2023-05-14 10:44 - 004704536 _____ C:\Users\Intel\Downloads\magicmic_setup-com_filme.exe
2023-05-14 10:44 - 2023-05-14 10:44 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2023-05-13 14:39 - 2023-05-13 14:39 - 000000000 ____D C:\Users\Intel\AppData\Local\VALORANT
2023-05-13 14:38 - 2023-05-20 08:09 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-05-13 14:16 - 2023-05-19 13:50 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-05-12 16:04 - 2023-05-12 16:04 - 000000000 ___HD C:\$WinREAgent
2023-05-07 18:49 - 2023-05-07 18:50 - 000000000 ____D C:\Users\Intel\Desktop\Ostatní
2023-05-07 18:48 - 2023-05-07 18:51 - 000000000 ____D C:\Users\Intel\Desktop\Launchery
2023-05-07 18:44 - 2023-05-07 18:51 - 000000000 ____D C:\Users\Intel\Desktop\Softwary
2023-05-07 18:42 - 2023-05-19 18:25 - 000000000 ____D C:\Users\Intel\Desktop\Hry
2023-05-07 09:45 - 2023-05-16 09:07 - 000000000 ____D C:\Program Files (x86)\Overwolf
2023-05-07 09:45 - 2023-05-07 09:45 - 000004408 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2023-05-07 09:45 - 2023-05-07 09:45 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2023-05-07 09:45 - 2023-05-07 09:45 - 000000000 ____D C:\ProgramData\Overwolf
2023-05-07 09:44 - 2023-05-07 09:44 - 002398240 _____ (Overwolf Ltd.) C:\Users\Intel\Downloads\Porofessor.gg - Installer(1).exe
2023-05-06 16:58 - 2023-05-06 16:58 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Overwolf
2023-05-06 16:55 - 2023-05-20 08:07 - 000000000 ____D C:\Users\Intel\AppData\Local\Overwolf
2023-05-06 16:55 - 2023-05-06 16:55 - 002398240 _____ (Overwolf Ltd.) C:\Users\Intel\Downloads\Porofessor.gg - Installer.exe
2023-05-01 10:01 - 2023-05-13 14:15 - 000000000 ____D C:\Riot Games
2023-05-01 10:01 - 2023-05-01 10:01 - 071456512 _____ (Riot Games, Inc.) C:\Users\Intel\Downloads\Install League of Legends eune.exe
2023-04-30 18:55 - 2023-04-30 18:55 - 000000000 ____D C:\Users\Intel\AppData\Local\Daedalic Entertainment GmbH
2023-04-30 18:47 - 2023-04-30 18:49 - 1058319750 _____ C:\Users\Intel\Downloads\Barotrauma.v1.0.9.0.rar
2023-04-25 19:07 - 2023-04-25 19:07 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2023-04-22 09:35 - 2023-05-19 14:13 - 000000883 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk
2023-04-22 09:35 - 2023-04-22 09:36 - 000000000 ____D C:\Users\Intel\AppData\Roaming\bakkesmod
2023-04-22 09:35 - 2023-04-22 09:35 - 008168841 _____ C:\Users\Intel\Downloads\BakkesModSetup.zip
2023-04-22 09:35 - 2023-04-22 09:35 - 000000000 ____D C:\Program Files\BakkesMod
2023-04-21 16:31 - 2023-04-21 16:31 - 000000000 ____D C:\Users\Intel\AppData\Local\EpicOnlineServicesUIHelper
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:43 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-05-20 11:42 - 2022-05-16 12:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-20 11:41 - 2022-05-19 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-20 11:38 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Medal
2023-05-20 11:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-20 11:29 - 2022-05-16 10:47 - 000000000 ____D C:\Users\Intel\AppData\Local\D3DSCache
2023-05-20 11:07 - 2022-05-19 17:55 - 000000000 ____D C:\Users\Intel\AppData\Local\Discord
2023-05-20 10:51 - 2022-11-25 16:31 - 000000000 ____D C:\ProgramData\Riot Games
2023-05-20 08:13 - 2022-07-03 18:19 - 000000000 ___HD C:\Users\Intel\Downloads\.opera
2023-05-20 08:13 - 2022-07-03 18:19 - 000000000 ___HD C:\Users\Intel\.opera
2023-05-20 08:13 - 2022-05-16 10:38 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2023-05-20 08:13 - 2019-12-07 16:41 - 000716764 _____ C:\Windows\system32\perfh005.dat
2023-05-20 08:13 - 2019-12-07 16:41 - 000144942 _____ C:\Windows\system32\perfc005.dat
2023-05-20 08:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-05-20 08:13 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-05-20 08:07 - 2022-11-22 20:45 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Skype for Desktop
2023-05-20 08:07 - 2022-07-08 11:41 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Spotify
2023-05-20 08:07 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\Documents\Medal
2023-05-20 08:07 - 2022-06-20 21:17 - 000000000 ____D C:\Medal
2023-05-20 08:07 - 2022-05-19 17:55 - 000000000 ____D C:\Users\Intel\AppData\Roaming\discord
2023-05-20 08:07 - 2022-05-16 11:52 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-20 08:06 - 2022-05-16 10:32 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-20 08:06 - 2022-05-16 10:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-05-20 08:06 - 2022-05-16 10:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-20 08:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-05-19 15:22 - 2022-06-21 16:09 - 000000000 ____D C:\Users\Intel\AppData\Local\log
2023-05-19 15:21 - 2022-05-16 10:54 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-19 15:20 - 2022-06-07 18:31 - 000000000 ____D C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-19 14:13 - 2022-11-27 16:38 - 000000016 _____ C:\ProgramData\mntemp
2023-05-19 14:13 - 2022-10-11 19:00 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-19 14:13 - 2022-06-01 15:03 - 000001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2023-05-19 14:13 - 2022-05-19 17:54 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-05-19 14:13 - 2022-05-16 12:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-19 14:13 - 2022-05-16 10:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-19 14:01 - 2022-07-08 11:41 - 000000000 ____D C:\Users\Intel\AppData\Local\Spotify
2023-05-19 13:59 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-05-19 13:57 - 2022-05-19 20:57 - 000000000 ____D C:\Users\Intel\AppData\Local\CrashDumps
2023-05-19 13:47 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-05-19 13:19 - 2023-02-18 20:12 - 000000000 ____D C:\Users\Intel\AppData\Local\BitTorrentHelper
2023-05-18 15:54 - 2022-05-17 09:34 - 000000000 ____D C:\Program Files\7-Zip
2023-05-18 15:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-17 19:31 - 2022-05-16 11:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-05-14 16:06 - 2022-05-16 12:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-14 16:06 - 2022-05-16 12:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-13 17:13 - 2022-05-17 11:12 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4045719670-31021591-3592273161-1001
2023-05-13 17:13 - 2022-05-16 10:46 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4045719670-31021591-3592273161-1001
2023-05-13 17:13 - 2022-05-16 10:44 - 000002383 _____ C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-13 16:43 - 2022-05-16 11:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-13 14:39 - 2022-11-25 16:31 - 000000000 ____D C:\Users\Intel\AppData\Local\Riot Games
2023-05-13 14:37 - 2022-11-25 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-05-12 21:19 - 2022-05-16 10:32 - 000456912 _____ C:\Windows\system32\FNTCACHE.DAT
2023-05-12 21:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-05-12 21:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\system32\cs
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-12 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-05-12 16:09 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-05-12 16:07 - 2022-05-16 10:36 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-12 16:04 - 2022-05-16 11:39 - 000000000 ____D C:\Windows\system32\MRT
2023-05-12 16:02 - 2022-05-16 11:39 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-12 15:04 - 2022-05-16 10:32 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 15:04 - 2022-05-16 10:32 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 21:08 - 2022-11-22 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-05-11 15:58 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Local\Medal
2023-05-11 15:58 - 2022-06-20 21:17 - 000000000 ____D C:\Users\Intel\AppData\Local\Ferox_Games_B.V
2023-05-09 20:22 - 2022-05-17 09:32 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-05-09 20:15 - 2022-05-16 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-05-05 19:40 - 2022-07-01 20:51 - 000000000 ____D C:\Users\Intel\AppData\Roaming\.tlauncher
2023-05-05 19:02 - 2022-08-18 13:59 - 000000000 ____D C:\Users\Intel\AppData\Local\FiveM
2023-05-03 17:08 - 2022-11-16 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-05-03 17:08 - 2022-05-16 10:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-05-03 17:06 - 2022-11-16 17:39 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-04-30 18:55 - 2023-02-18 22:17 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2023-04-26 17:15 - 2022-07-01 20:51 - 000000000 ____D C:\Users\Intel\AppData\Roaming\.minecraft
2023-04-25 19:07 - 2022-07-15 17:45 - 000000000 ____D C:\Users\Intel\Documents\My Games
==================== Files in the root of some directories ========
2023-05-14 10:46 - 2023-05-19 14:13 - 053220864 _____ () C:\ProgramData\MFCoreEff.dll
2022-06-29 20:51 - 2023-03-01 19:24 - 000007602 _____ () C:\Users\Intel\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05-2023
Ran by Intel (20-05-2023 11:46:01)
Running from C:\Users\Intel\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2965 (X64) (2022-05-16 08:34:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4045719670-31021591-3592273161-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4045719670-31021591-3592273161-503 - Limited - Disabled)
Guest (S-1-5-21-4045719670-31021591-3592273161-501 - Limited - Disabled)
Intel (S-1-5-21-4045719670-31021591-3592273161-1001 - Administrator - Enabled) => C:\Users\Intel
WDAGUtilityAccount (S-1-5-21-4045719670-31021591-3592273161-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
BurnAware Free 15.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Discord (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{5509B79F-D323-4265-941C-C4402A915A38}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{acfd3daa-8cad-4514-bc73-64a154033052}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.8.0 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{7eeee667-b295-4acd-9a4e-1160421db765}) (Version: 1.0.8.0 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{EBE07B2C-43AB-4FA7-9783-D07C6A1124DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2155 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{39479C27-85A6-40FF-BEFC-1F27F824F303}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BC46A079-3405-414F-8157-B7C1FC40AAA3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{469E67E3-F4BD-4EC7-B5F2-81CF63A1A25C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{3717BB4D-8085-4A84-8952-8CC8F988DC39}) (Version: 30.100.2051.37 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2051.37 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Kingston SSD Manager x64 1.5.1.8 (HKLM-x32\...\{53F657CD-C4FC-4DCD-826E-6862917532AC}_is1) (Version: 1.5.1.8 - @2021 Kingston Digital, Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LibreOffice 7.3.3.2 (HKLM\...\{2C4A93B5-0849-44CC-8302-C73E05930E93}) (Version: 7.3.3.2 - The Document Foundation)
Malwarebytes version 4.5.29.268 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.29.268 - Malwarebytes)
Medal (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Medal) (Version: 4.1687.0 - Medal B.V.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 113.0.1 (x64 cs)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.223.0.30 - Overwolf Ltd.)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Porofessor.gg (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.290 - Overwolf app)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0428.042117 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9257.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.050.0511.2021 - Realtek)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.70.1389 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Skype verze 8.97 (HKLM-x32\...\Skype_is1) (Version: 8.97 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Spotify) (Version: 1.2.11.916.geb595a67 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.8.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.8.4 - General Workings, Inc.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.41.9 - TeamViewer)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\Wargaming.net Game Center) (Version: 23.1.0.2222 - Wargaming.net)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\2135834465) (Version: - Wargaming.net)
Packages:
=========
Crosshair V2 -> C:\Program Files\WindowsApps\47492CenterpointGaming.CrosshairV2_1.0.15.0_neutral__rz8d8f65gztyc [2023-01-27] (CenterPoint Gaming)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-27] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-18] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.258.0_x64__dt26b99r8h8gj [2022-05-17] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-23] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4045719670-31021591-3592273161-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-03-02 08:55 - 2023-02-27 22:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-03-18 10:08 - 2023-05-13 10:21 - 000021504 _____ () [File not signed] [File is in use] C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\@get-wrecked\iframe-editor\medalWrapper\build-1.0.217\assemblies\DllBridge.dll
2022-07-08 11:39 - 2023-05-13 10:21 - 000208896 _____ () [File not signed] \\?\C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\ffi-napi\build\Release\ffi_bindings.node
2022-07-08 11:39 - 2023-05-13 10:21 - 000195584 _____ () [File not signed] \\?\C:\Users\Intel\AppData\Local\Medal\app-4.1687.0\resources\app\node_modules\ref-napi\prebuilds\win32-x64\electron.napi.node
2022-05-19 17:43 - 2022-11-07 12:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-05-19 17:43 - 2022-11-07 12:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000467456 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedcrypto.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000182272 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedtls.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000061440 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\libmbedx509.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 001332736 _____ () [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\sqlcipher.DLL
2023-05-17 14:23 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 001009152 _____ (Medal B.V.) [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\medal.device.windows.x64.dll
2023-05-11 15:58 - 2023-05-11 15:58 - 000785408 _____ (Medal B.V.) [File not signed] C:\Users\Intel\AppData\Local\Medal\recorder-3.656.0\DLLs\Medal.Log.x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:err [1762]
AlternateDataStreams: C:\Users\All Users:err [1762]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1762]
AlternateDataStreams: C:\ProgramData\MFCoreEff.dll:C215A52614 [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk:14E057C8D9 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk:C7FE7E9A98 [3442]
AlternateDataStreams: C:\Users\Intel\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8206]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2022-07-01] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4045719670-31021591-3592273161-1001\...\StartupApproved\Run: => "Voicemod"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6A1011D0-AA93-46D7-ACB0-C39FFB2D864B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26E13982-3880-4F8B-9198-606820CC024D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{19B628C8-E03E-44CB-B922-57E49AEF4037}] => (Allow) LPort=9009
FirewallRules: [{DDBDFD2E-5B44-4207-A5C1-C7D22FC015FD}] => (Allow) LPort=9009
FirewallRules: [{5CB0175D-7E54-4A1E-AB1C-0BD34F67CA68}] => (Allow) LPort=9009
FirewallRules: [{EBF67DD6-2790-49B2-B7C3-9A6BEA7E31EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{281CAA13-B315-4498-9680-3881C4CDEC36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A97300F7-E51C-4ACE-BC40-D9CE9D677EF6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{712EF3A8-84BE-43A3-B30D-03FC60B00A4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{47F3DB4F-E889-45D1-8770-3BE584119FCE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EDE23D7E-7552-4142-B053-3CE26BB015E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{F13C21A9-C620-4141-9282-066B80DFD2E7}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{6D265005-9C98-4E0E-AFC5-73DB276139B1}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0839E3B0-B704-4D22-AA4A-028E030C8570}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{E45D6EC7-4430-43BC-A3E5-19EDF0057F82}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{EDF6C5E9-EE4E-427C-BC7C-8FEE18CAE847}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{CB302779-179E-4D8B-87F4-1264ABE65F65}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{4757D081-3537-46E0-B350-8F67B726F478}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D8260D91-77A7-4B4C-ABCC-01D1D1FADE5C}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0FBEA44F-65B6-4289-A409-624B995BFCEA}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{E3DBACBA-1654-4294-B138-720C9F5A42DF}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{AFFEE993-0FDE-491A-906A-96B26844D8AC}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{B7091B0E-1396-4BA1-A1CF-A809406A7E25}C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\desktop\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{01B623F6-B0A5-442A-9768-5308CA64C8ED}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{F0C12C3C-C2B7-4867-80D7-FACD192A7487}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{7A98231E-49EF-4072-B191-B0CD43B1075F}C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{0B06EAB3-63DE-495D-9BEE-14AD5C81F14E}C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1000.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{159E019C-F5F9-4C61-A545-447592A18144}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{044440E8-1F4D-4DF4-BF48-424D4C83F8FE}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{F76802BF-36C5-49DC-ABD7-AB3EFDACFB81}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{B2CEBAE6-2584-45A6-B17C-9DC0999EBEF5}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0A9643A3-AEFB-4FD4-BF9A-E56A65D0C10B}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\88.0.4412.53\opera.exe => No File
FirewallRules: [TCP Query User{AF750022-B9AF-45E3-88ED-737CF7232D14}C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{EF42914E-70AB-4025-8723-7E7D5CD09D58}C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{7B7FFB50-0CF4-4BA0-93D2-E28F33F14165}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{AC046230-42F8-4519-9BC6-E62096CDDB8A}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{AD854C57-8168-451A-9E10-FB2F9A6F18FB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C21EFB41-B945-4E91-B626-4BF20009C11D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E0224B89-BC76-4B3F-A74E-7D54EEA18336}C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{F702D9B5-899E-41D4-9CA6-97222372D7C2}C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe] => (Allow) C:\users\intel\appdata\local\medal\app-4.1687.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{E4B3D147-D2C4-43BC-964A-ED75090163AD}C:\users\intel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\intel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C4ABB032-4699-4387-A44A-D24D1A86D921}C:\users\intel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\intel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{32C1B923-A2D8-4E35-BFF2-C8CF9BDC7254}C:\users\intel\appdata\local\fivem\fivem.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{863D4CFE-050C-4535-9017-124BF1A87A3A}C:\users\intel\appdata\local\fivem\fivem.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{B4CE235D-3B62-45A9-A6F5-F3D1F65A1E1F}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{6EA2B509-FBD4-4E6E-9689-D83B5AE45EB1}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [TCP Query User{DC8F7AA6-0A8D-4A26-B17A-4651E5E15C34}C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{3CBC480B-5BE6-4101-85FD-D3EB3D16A5F9}C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{A21C7C26-F804-47D3-9BBE-8A1FC266BDC8}] => (Block) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{146C7513-786E-44BD-93B4-EB367D276399}] => (Block) C:\users\intel\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{A6C1CBDA-0A3C-476A-B0CC-F5B6A40D518B}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{4DDEBFE6-332D-4AE5-B236-420C2AB9BA69}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0B18DFCF-86E5-487E-9C73-C9FEB1EF2801}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{C4ED63A7-9120-45F3-8DB9-D98078457AFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{794FFFD6-B8F6-496A-B39C-C965C113944D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [TCP Query User{ED9C5183-C26B-4976-B995-3CA067F09DD1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{23493769-282B-4F51-A939-C3242E20DB8C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DFA43C0A-4CFF-4757-A1CB-0B1A9B08CCD7}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{30C1D12A-FF15-4ABA-A622-ADD6DF080C28}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{A087F31B-0C7C-4C51-B6A1-ED5C85889238}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FC03185-D7E6-45FB-B54C-89589A179D74}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{52A5BF59-4C5D-4DBF-AECF-1764872ACAE2}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{748F41AF-339A-40CD-A74F-404C7ACEDDA9}C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\intel\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{0E9411B2-271A-4E63-A90C-ABE90188A925}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{BBBD5271-5BE4-4F1D-A8DA-F3AB8221ECA7}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{44ABBCB3-8604-4ABE-8A72-0F2013E2390E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlapshotRebound\Slapshot.exe () [File not signed]
FirewallRules: [{3278FF21-5788-48EE-A0E5-CDCEA1651DCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlapshotRebound\Slapshot.exe () [File not signed]
FirewallRules: [TCP Query User{DDB4E24E-AA51-4081-9A07-B14027098B06}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{691D97E8-728E-4EA3-8AF0-3868817D0671}C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\intel\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{E68963C6-7DB1-4A78-853C-F8B258E9C33A}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A6E176D-E5AA-429C-ADC3-5C934692428F}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4695A77E-21F8-454D-82D7-CE4793EE96E8}] => (Allow) D:\SteamLibrary\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{5DA3CDDF-0F59-4554-861A-4F4DB475E8FD}] => (Allow) D:\SteamLibrary\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [TCP Query User{CDB0E561-03E0-4028-96CE-018D8E0EE6D1}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FF32D3BD-2032-4B6C-8521-E3466291AA33}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E734F426-FECF-47D3-B6C6-FBBB1FC7192F}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{A79F7F94-9704-4753-80F6-E36D3AC62CDD}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DFEBE4BD-E596-44D7-8A8A-7C879BA9CAB6}] => (Allow) D:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{DEEF9E60-1CFB-4FE2-8AE7-10AC46151D49}] => (Allow) D:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{4B4D949D-569D-4FE2-A5BB-CF9DEEFAA033}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{9317A32F-E917-4F89-B5FB-DCD446E7090C}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [TCP Query User{16F40B6D-EEA0-4EB8-B8E1-01C9A2A97CA0}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{A2DB0D58-ABFA-4B82-89EB-95539DCE1EB9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{CB12C8B9-4E88-4A27-9935-D68C4CFBFD3D}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F18C2CF3-B449-4FDE-9C0B-F27913F6BE25}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1383A508-731A-4C82-9AB3-8719D127DCB5}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{81E8ACF1-4E40-4844-83C6-F49D38E01FAF}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{1EED2439-A953-4DFB-AB4C-B0DB00602F69}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{6A2799A6-9165-4610-837C-C030C5D6927A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{88B36314-6661-402E-AAB0-CF0DF7F46C87}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{7702C8A2-6249-4E49-8291-62E4D4CA1060}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F77AFC3F-33AC-4649-B619-904C9E32C4F6}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{783B9C4D-156E-48AA-9B1B-C20BA1665EA5}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{E6D395BC-A464-4A88-A8A0-416F50A66850}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{9E5D0672-A9F3-4A84-9D00-72E8ED58FF28}] => (Allow) D:\SteamLibrary\steamapps\common\F13Game\EAC_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6031375D-98F5-4311-950C-1BDFF0BE50F7}] => (Allow) D:\SteamLibrary\steamapps\common\F13Game\EAC_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5678EDCC-651E-4576-AEC9-858A1F24DB7A}] => (Allow) D:\SteamLibrary\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{608353BC-12A8-4C1A-9ED5-2071F787D711}] => (Allow) D:\SteamLibrary\steamapps\common\People Playground\People Playground.exe () [File not signed]
FirewallRules: [{38AF0893-BE62-4633-8B35-ACD4DC8E278B}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4F64398C-4903-4BD2-8B7D-69757A88DA1F}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6331A886-7064-4721-989E-44EED6D774CA}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{5D8DBD70-6F16-43F0-8ACA-A8F35BA067AD}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{CB66FF09-A0B3-4E6E-B6A9-9CF069A185BA}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{6433BCFC-6279-4562-B4FD-79E7001EA0D5}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\94.0.4606.65\opera.exe => No File
FirewallRules: [TCP Query User{6FA660E2-49AC-4AF5-A0C7-E4F23E6966FE}C:\users\intel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\intel\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{0746804B-22A4-4299-A5B7-E80637E1CB06}C:\users\intel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\intel\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [{0CF2D509-ABBC-4A7F-8345-812700B242B8}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{6EDC31D8-7905-4037-BEBA-7ACAEB4CE5A7}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{E6F46B69-B3D6-491B-8FA0-FA0C64262735}] => (Allow) C:\Users\Intel\AppData\Local\Programs\Opera\94.0.4606.76\opera.exe => No File
FirewallRules: [{0CC624AF-FA39-4C2C-93D1-BDF79522C6EE}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{10845EF9-7346-4648-86CA-093F5A11F24D}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F08D02-48A7-4CAE-A000-35D80ACB120B}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{0B639D7D-4484-4F83-82F7-730A99593B92}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{D7AACE09-4986-4128-9FEA-4676910E40DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3285DF0D-B041-4493-A427-3CE7C99E9549}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7F34046C-51DA-4049-8FE4-89705290CF2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0DCEAD58-70FC-4AE2-91A5-EA2C60B03E48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CD8E65E6-ACE7-411D-AF28-902C50EDF1C7}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{7395E1C2-446E-4217-9561-12B9676AC33A}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [TCP Query User{B4BC6F3B-3621-45DA-95EE-892952AF6533}D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [UDP Query User{D24019A2-A96E-4E07-A516-341E346F1AFA}D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\mega gra\ready or not build.20102022\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [{CF59F7BA-4F32-424E-AB35-D6391BD7D6C2}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{3679BEA3-36C3-4B1B-8886-4C46E2001F9B}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{A9F5983A-A5AC-496E-8F28-A1FBC78C73DB}D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{7C3B5A68-97A5-4F74-A171-10D6741F6E95}D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [{C5D86689-2C96-4467-8915-A4F4B372514E}] => (Allow) D:\SteamLibrary\steamapps\common\Toribash\toribash.exe () [File not signed]
FirewallRules: [{F54E1EAD-455F-48E6-941E-7C730208F081}] => (Allow) D:\SteamLibrary\steamapps\common\Toribash\toribash.exe () [File not signed]
FirewallRules: [{213A84E8-E42B-408F-9F94-B17965442693}] => (Allow) D:\SteamLibrary\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{79A993ED-6C43-4075-9D4A-8A74641C3CD4}] => (Allow) D:\SteamLibrary\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{7B2F9FEE-0A28-4F89-B022-F2DE2BD7EF1D}D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe] => (Allow) D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe => No File
FirewallRules: [UDP Query User{6871E1A7-AAA8-4401-ACDF-3A3670C4E4C5}D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe] => (Allow) D:\steamlibrary\steamapps\common\one-armed cook\oac\binaries\win64\oac.exe => No File
FirewallRules: [{15C6B1CB-CF72-4409-BC84-00763441E1E7}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{35594E44-5BFB-4979-8351-7CD97F71FF59}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{245955D8-1DEE-4EA4-876B-F070E7E2E066}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{444BE1FC-0DC9-4B07-B7BC-1AE8440515F0}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{8FCF0884-BB28-4DEC-96D3-850DB09C681B}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0597B9BC-0307-4D0E-9E86-F25CFEAACF11}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{4CA5E106-2D6C-4D2B-878F-059DB989644E}C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{675F2370-0352-4B83-8D71-3141D00E5B37}C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y7s4.2.0.1pc_c7361317_d1569606_s50031_50497889\2864878807\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6294BA6F-C878-4636-B5B5-BA28ED27C295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0D0D2E57-8265-4BB2-B243-94B854E02018}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D14C46A7-1DB3-449E-BDD5-4BB33C34E6A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4A95BC5C-FC63-48BB-A237-9263AF0BDBA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{849F55C7-0FF3-48A7-B74D-D920CD8A0285}C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{C5A38387-5FF8-4B0B-B553-98D5515CD4FC}C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe] => (Allow) C:\users\intel\appdata\local\ubisoft\r6siege\y8s1.0.0_c7422506_d1584938_s50590_52218207\3382260244\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{A617798F-2B70-4EE1-9907-ADC9F7F7C7C0}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [UDP Query User{91CC8A53-F9C4-4D40-9B05-9AE6C1E75261}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{3B9C34EA-C53E-4D86-8DD4-0B41CFAACDFC}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{98D81E2A-2350-4D0D-A3D3-AE13FA18ABAE}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{1526B6F0-DCFD-42F0-868B-1776395A5963}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{10196707-E1E6-429C-9BA4-9AD86C358154}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{BF2C4870-9F88-42E3-A19C-C6B2CD62B42E}D:\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{DA3335A9-2149-48C9-A195-A05171B22DE6}D:\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8EBA5CDC-C104-4031-B32A-28F1EF34D51A}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{12310D32-55AE-4BC6-8B94-224A7C30CE5B}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [TCP Query User{A64E1AF8-95F7-4666-B39B-899A04728AF6}D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [UDP Query User{045E0B6F-098D-4D0A-A4AF-0F59CE6AE534}D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [{9EB5739C-91C1-43FB-B4F8-C86A65281730}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{EA80BD18-4A50-4D1D-B671-F886615A92A0}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{D009D579-C4E0-47F0-ACE7-3ABE0B385C7B}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{308CAF51-2F78-452C-AA8C-3EA4CF3628A6}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{5D281034-84B0-421C-8D18-F7BF3B8460CB}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{312F9FF5-5ED5-46AF-ABFA-CE0903901FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{3789D9A1-0522-412A-B07A-E08C99015C21}] => (Allow) D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe () [File not signed]
FirewallRules: [{25D162E5-217F-47C3-BBE2-07572D35F68B}] => (Allow) D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe () [File not signed]
FirewallRules: [TCP Query User{F60CBBB4-DD5A-4C27-B24D-7366E178680A}D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe] => (Allow) D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe () [File not signed]
FirewallRules: [UDP Query User{094876CD-2B37-4BF3-A11B-A3F3EF2E3796}D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe] => (Allow) D:\steamlibrary\steamapps\common\colony survival\colonyserver.exe () [File not signed]
FirewallRules: [{35AF6762-A7ED-409A-8833-D309D5FB9213}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{E8A8A7FC-0EB1-447B-9548-0F5EE1EA271F}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{35BF8865-DB49-407A-BFB4-BC6BE3676061}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{1A82739B-1865-442C-91E2-95F8DEF38DDB}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [TCP Query User{388CD13C-FC85-4D0C-9B20-F1FB7114E7AA}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{1B2C4821-1D0E-43CC-B0B2-BD52A132904E}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [{4A9C137E-803E-4073-B7BE-1396378F6436}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{05546AD3-E75E-4543-8A2D-53ADD9431933}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{0618261D-F550-481D-B3DE-006E2955BAED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8892565-5931-4742-9AD9-012440B69008}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0E826B5-7E80-492C-BE54-F2CC08979C95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0FA12B37-9E89-41E3-8A7E-7876F638F863}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A7C0F8D-8AA9-4D4E-A0A3-C96E52005993}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DE40B3D-3A80-4709-9D4B-ACF889D54F84}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2AC0F1C0-B18B-44BB-9112-2F2E9A1FB182}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{02AB93D0-C888-4A82-B503-C065F34010A5}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{B27683B3-934A-49A3-8F90-5509490FD4D0}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => No File
FirewallRules: [UDP Query User{7C0148DA-7646-4142-83AF-6696A30EAF67}C:\program files (x86)\imyfone magicmic\magicmic.exe] => (Allow) C:\program files (x86)\imyfone magicmic\magicmic.exe => No File
FirewallRules: [{CCAA287E-CEC9-4B28-A40D-D85C5D756D33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B5AE503-686B-4A17-B04A-DCDF512334E0}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{9ECECFD1-F046-4246-A1CE-8E6E6B89D5AD}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{EE59861E-2E37-4A3D-953D-F8C131906183}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{0A70FFDF-1773-4E57-AF92-9A2CAF6720BE}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.27\OverwolfBrowser.exe => No File
FirewallRules: [{56B50399-D6E4-45F6-8A69-953B974CFBF3}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B8C02358-75EF-4116-A51F-FF8E38607652}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{16AE0B35-DC2F-4CEB-8B5B-20EF2042702D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D075934C-F977-4A15-A738-0ED409CD8C2E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AE2FE485-B4A1-4A9A-A81E-DEEB0A8EEBFE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BD6E83F-2880-4F6D-BBD5-602590C91715}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0591A673-A2C1-4B35-B1B7-567377781820}] => (Allow) C:\Users\Intel\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{C17AAAC5-1BF1-45A3-B080-D4C5B477072E}] => (Allow) C:\Users\Intel\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{BB6B7D00-4716-41FF-B66E-1C330DFCE8BE}] => (Allow) C:\Users\Intel\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{924B521E-04C9-4F5F-BF1F-21BEF8BCA163}] => (Allow) C:\Users\Intel\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{3B169B08-EE38-42D2-9943-385FDFD1FC3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DCB5E1BD-179D-4368-96F1-110CEE09155E}] => (Allow) D:\SteamLibrary\steamapps\common\FPS Chess\FPSChess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A292F5E9-AE8D-4B67-B1D4-567D49A15DB1}] => (Allow) D:\SteamLibrary\steamapps\common\FPS Chess\FPSChess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{4636DF00-E861-426B-A3B9-D42F451DE898}C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{4729A038-68CB-4F11-8567-0CD64EE4A81F}C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\intel\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
==================== Restore Points =========================
19-05-2023 15:20:56 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/19/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/19/2023 01:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.546, časové razítko: 0x1d3a15e7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2913, časové razítko: 0xa1c3e870
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d862
ID chybujícího procesu: 0x21fc
Čas spuštění chybující aplikace: 0x01d98a482ce51097
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: ed4a2b1a-bb20-48ae-9914-31beefa25e61
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.23032.186.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (05/18/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/18/2023 06:12:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: colonyclient.exe, verze: 2021.3.14.57736, časové razítko: 0x637b4803
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000082
ID chybujícího procesu: 0x2bd4
Čas spuštění chybující aplikace: 0x01d989a346de0b91
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Colony Survival\colonyclient.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ece8ad0f-df01-45a0-82df-7606cd1ccac2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/18/2023 04:37:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FiveM.exe, verze: 2.0.0.6423, časové razítko: 0x644ce64f
Název chybujícího modulu: libcef.dll, verze: 103.0.0.0, časové razítko: 0x62d9e8bc
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000008907675
ID chybujícího procesu: 0x1018
Čas spuštění chybující aplikace: 0x01d9899647ca2873
Cesta k chybující aplikaci: C:\Users\Intel\AppData\Local\FiveM\FiveM.exe
Cesta k chybujícímu modulu: C:\Users\Intel\AppData\Local\FiveM\FiveM.app\bin\libcef.dll
ID zprávy: 05f7d914-ebbf-4fb0-9754-f296ebe4a8d3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/17/2023 08:19:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/17/2023 06:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x6438d9d4
Název chybujícího modulu: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x6438d9d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000f68539
ID chybujícího procesu: 0xea8
Čas spuštění chybující aplikace: 0x01d988d94310f028
Cesta k chybující aplikaci: D:\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: D:\rocketleague\Binaries\Win64\RocketLeague.exe
ID zprávy: 10ccc848-c297-4027-876c-5e9d9014cc34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/16/2023 08:19:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (05/20/2023 08:42:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/20/2023 08:06:36 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/20/2023 08:06:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:59:44, 19.05.2023) bylo neočekávané.
Error: (05/20/2023 08:06:35 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (05/19/2023 03:23:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/19/2023 01:59:32 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/19/2023 01:50:41 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (05/18/2023 07:15:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TSUL98F)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-05-19 13:28:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/OfferCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utorrent_installer(1).exe; file:_C:\Users\Intel\Downloads\utorrent_installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-19 13:28:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/OfferCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utorrent_installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-19 13:28:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/uTorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utweb_installer(1).exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.389.1824.0, AS: 1.389.1824.0, NIS: 1.389.1824.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-18 20:32:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BEAD0B5B-6EB9-4EA1-9CE5-656DFDEF5D65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-05-17 18:19:53
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/uTorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Intel\Downloads\utweb_installer(1).exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: System
Verze bezpečnostních informací: AV: 1.389.1592.0, AS: 1.389.1592.0, NIS: 1.389.1592.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
Event[0]:
Date: 2023-05-17 14:25:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Intel\Desktop\Installer\Setup.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-TSUL98F\Intel
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508033
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.389.1592.0, AS: 1.389.1592.0, NIS: 1.389.1592.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3
CodeIntegrity:
===============
Date: 2023-02-18 20:41:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. F7c 01/24/2022
Motherboard: Gigabyte Technology Co., Ltd. Z590 GAMING X
Processor: Intel(R) Core(TM) i7-10700F CPU @ 2.90GHz
Percentage of memory in use: 47%
Total physical RAM: 16251.66 MB
Available physical RAM: 8604.97 MB
Total Virtual: 27003.66 MB
Available Virtual: 13702.55 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:465.15 GB) (Free:58.87 GB) (Model: KINGSTON SNVS500G) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:150.61 GB) (Model: TOSHIBA HDWD110) NTFS
\\?\Volume{d2564b85-3517-4e48-8ed6-eecceb906c84}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{50535065-cde3-410f-addd-9d2abe43dbc6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================