Kontrola logu z FRST
Napsal: 10 kvě 2026 06:53
Ahoj, opět po pár letech (před chvílí jsem se zděsil, že moje registrace je z roku 2009 
)
Prosím o kontrolu logu, podezření konkrétní nemám, jen klasicky "ukradnutý" účet z IG na pár minut i přes 2fazove overovaní, jediny misto odkud by to mohlo jit je tento PC.
Díky moc a at se dari.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2026
Ran by Gambo (administrator) on GG (Micro-Star International Co., Ltd. MS-7D15) (10-05-2026 07:49:01)
Running from C:\Users\Gambo\Desktop\FRST64 (1).exe
Loaded Profiles: Gambo
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe <2>
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MidiSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.264.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1987904 2026-05-01] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [39520672 2025-11-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13872608 2023-06-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42087896 2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [electron.app.CurseForge] => C:\Users\Gambo\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [211986448 2026-04-26] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [MicrosoftEdgeAutoLaunch_FCBCAC5CBE4B3C071C4385DC999D9513] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5216584 2026-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\MountPoints2: {ff336b00-14de-11ed-9013-d8bbc14ca168} - "F:\setup.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\Windows\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3971224 2026-04-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\148.0.7778.97\Installer\chrmstp.exe [7614616 2026-05-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\148.1.90.121\Installer\chrmstp.exe [6168144 2026-05-07] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TurboTop.lnk [2022-07-29]
ShortcutTarget: TurboTop.lnk -> C:\Program Files (x86)\TurboTop\TurboTop.exe (Savard Software -> Savard Software)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {D1D59D46-021A-4B28-A6FA-30E32B3D08E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {04DB1BFF-58A1-4A85-A84A-4983BADDD126} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{F7F6B3D9-B89F-4FAD-A681-F24066316110} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A6A2D267-410D-45DA-957F-A86F81AF6645} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{2F9E7761-7944-4808-841A-F9FB297FC5A9} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {00B2D801-7253-4901-915D-C1C8D7099EFD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem149.0.7814.0{B185B800-AB9B-4704-8905-F00D24EFBB4E} => C:\Program Files (x86)\Google\GoogleUpdater\149.0.7814.0\updater.exe [8770200 2026-04-28] (Google LLC -> Google LLC)
Task: {741A1213-4CDE-45D1-9D40-6A206C9CDE5B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {F129A21B-5503-492D-BB4B-30B05A74F0CF} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {47DFF2D8-75A7-4183-BE70-3C736AD64678} - System32\Tasks\Intel\Intel Telemetry 3 => C:\Program Files\Intel\Telemetry 3.0\lrio.exe [6045240 2024-02-14] (Intel Corporation -> Intel Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D54C8FA2-1932-47FB-9F91-F1B2E506D621} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B8EC246-F4AD-4805-9199-AFF8AB984D7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE4E9AD3-E908-4477-93A8-5D5F43D996EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8B1091A-3B23-4DAE-87E7-D1064D634FF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D9FC952-DBD0-4C49-B444-E910836C428E} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-09-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FEC84663-A901-43FF-9DF6-77DAAE3B1915} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-05-01] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {CF203CAF-20D7-477C-833F-C8560A6D1CE9} - System32\Tasks\TempClean1 => C:\Windows\system32\wevtutil.exe [299008 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> cl Application <==== ATTENTION
Task: {499BCDC6-3941-44BE-98FC-74E06C5AF762} - System32\Tasks\TempClean2 => C:\Windows\system32\wevtutil.exe [299008 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> cl System <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0dabefed-6c96-4ba2-9e5f-70331d309246}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b2b41660-b851-4ac6-9eb0-b94568299a0e}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
Edge:
=======
Edge Profile: C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default [2026-05-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-10]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default [2026-05-10]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2026-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-21]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-08-11]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.cz/"
CHR Extension: (Just Black) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2022-06-21]
CHR Extension: (BetterTTV) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-08-11]
CHR Extension: (PotPlayer YouTube Shortcut, Open Links) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfdpeaefecdlkdlgdpjjllmhlnckcodp [2025-08-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-08-11]
CHR Extension: (FrankerFaceZ) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2025-08-11]
CHR Extension: (Return YouTube Dislike) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gebbhagfogifgggkldgodflihgfeippi [2025-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-11]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-05-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-05-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-21]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\System Profile [2026-05-10]
CHR HKU\S-1-5-21-4011095094-138222901-1307975021-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
Opera:
=======
OPR DefaultProfile: Default
Brave:
=======
BRA Profile: C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2026-05-09]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2026-05-08]
BRA Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2026-05-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2026-05-08]
BRA Extension: (Brave NTP background images) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Mobile app promo blocker (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2026-05-08]
BRA Extension: (Brave Ad Block Updater (Cookie notice blocker (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2026-05-09]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2026-05-06]
BRA Extension: (Brave Ads Resources) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2026-05-06]
BRA Extension: (Brave User Agent) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2026-05-08]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2026-05-06]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\148.1.90.121\elevation_service.exe [4675664 2026-05-07] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3071904 2025-11-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-06-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2346464 2023-06-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-06-07] (GOG sp. z o.o -> GOG.com)
S2 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [401792 2026-04-10] (Microsoft Corporation -> Windows (R) Win 7 DDK provider)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2026-04-12] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11483256 2026-05-10] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-05-10] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\Display.NvContainer\NVDisplay.Container.exe [1275624 2026-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-05-01] (Overwolf Ltd -> Overwolf LTD)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1576056 2025-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-04-28] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-12-08] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-12-08] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-12-08] (Microsoft Corporation) [File not signed]
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-03-09] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; \SystemRoot\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys (No File)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-05-10 07:49 - 2026-05-10 07:49 - 000025024 _____ C:\Users\Gambo\Desktop\FRST.txt
2026-05-10 07:46 - 2026-05-10 07:48 - 002447360 _____ (Farbar) C:\Users\Gambo\Desktop\FRST64 (1).exe
2026-05-10 07:42 - 2026-05-10 07:43 - 000000000 ____D C:\AdwCleaner
2026-05-10 07:42 - 2026-05-10 07:42 - 009633776 _____ (Malwarebytes) C:\Users\Gambo\Downloads\adwcleaner_8.7.1.exe
2026-05-10 07:42 - 2026-05-10 07:42 - 009633072 _____ (Malwarebytes) C:\Users\Gambo\Downloads\adwcleaner.exe
2026-05-10 07:36 - 2026-05-10 07:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\Malwarebytes
2026-05-10 07:36 - 2026-05-10 07:36 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2026-05-10 07:36 - 2026-05-10 07:36 - 000002098 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2026-05-10 07:36 - 2026-05-10 07:36 - 000000000 ____D C:\Users\Gambo\AppData\Local\Sentry
2026-05-10 07:35 - 2026-05-10 07:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2026-05-10 07:35 - 2026-05-10 07:35 - 000000000 ____D C:\Program Files\Malwarebytes
2026-05-10 07:34 - 2026-05-10 07:49 - 000000000 ____D C:\FRST
2026-05-10 07:34 - 2026-05-10 07:35 - 002851456 _____ (Malwarebytes) C:\Users\Gambo\Downloads\MBSetup.exe
2026-05-10 07:34 - 2026-05-10 07:35 - 000027076 _____ C:\Users\Gambo\Downloads\FRST.txt
2026-05-10 07:33 - 2026-05-10 07:33 - 002447360 _____ (Farbar) C:\Users\Gambo\Downloads\FRST64.exe
2026-05-09 14:55 - 2026-05-09 14:55 - 000000000 ____D C:\Users\Public\Documents\MicrosoftStore
2026-05-09 14:55 - 2026-05-09 14:55 - 000000000 ____D C:\Users\Gambo\AppData\Local\NewMoon
2026-05-09 14:53 - 2026-05-09 14:53 - 005784976 _____ (Power Software Ltd) C:\Users\Gambo\Downloads\PowerISO9-x64.exe
2026-05-09 14:53 - 2026-05-09 14:53 - 000000870 _____ C:\Users\Public\Desktop\PowerISO.lnk
2026-05-09 14:53 - 2026-05-09 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2026-05-09 14:53 - 2026-05-09 14:53 - 000000000 ____D C:\Program Files\PowerISO
2026-05-09 14:53 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2026-05-09 14:49 - 2026-05-09 14:49 - 001576544 _____ (Sysprogs OU) C:\Users\Gambo\Downloads\WinCDEmu-4.1 (1).exe
2026-05-09 14:49 - 2026-05-09 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2026-05-09 14:48 - 2026-05-09 14:48 - 002002280 _____ (Akeo Consulting) C:\Users\Gambo\Downloads\rufus-4.14.exe
2026-05-09 14:48 - 2026-05-09 14:48 - 000000270 __RSH C:\ProgramData\ntuser.pol
2026-05-07 14:35 - 2026-05-07 14:35 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2026-05-07 14:35 - 2026-05-07 14:35 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2026-05-06 15:53 - 2026-05-07 19:59 - 000002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2026-05-06 15:53 - 2026-05-07 19:59 - 000002340 _____ C:\Users\Public\Desktop\Brave.lnk
2026-05-06 15:53 - 2026-05-06 15:53 - 001276768 _____ (BraveSoftware Inc.) C:\Users\Gambo\Downloads\BraveBrowserSetup-BRV010.exe
2026-05-06 15:53 - 2026-05-06 15:53 - 000003866 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{2F9E7761-7944-4808-841A-F9FB297FC5A9}
2026-05-06 15:53 - 2026-05-06 15:53 - 000003742 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{F7F6B3D9-B89F-4FAD-A681-F24066316110}
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Users\Gambo\AppData\Local\BraveSoftware
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Program Files\BraveSoftware
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2026-05-05 17:05 - 2026-05-09 08:53 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-05-04 19:41 - 2026-05-04 19:42 - 000000000 ____D C:\Users\Gambo\Downloads\REPLACED-RUNE
2026-05-04 14:51 - 2026-05-04 14:51 - 000000000 ____D C:\Users\Gambo\CrossDevice
2026-05-04 14:51 - 2026-05-04 14:51 - 000000000 ____D C:\ProgramData\CrossDevice
2026-05-03 10:09 - 2026-05-03 10:09 - 000482612 _____ C:\Users\Gambo\Downloads\4002493421.pdf
2026-05-01 14:22 - 2026-05-01 14:23 - 000000000 ____D C:\Users\Gambo\Desktop\Kolo
2026-05-01 14:11 - 2026-05-01 14:11 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\msihmdt
2026-05-01 14:06 - 2026-05-01 14:07 - 3580476785 _____ C:\Users\Gambo\Downloads\SimtSimulator_1-8-101.zip
2026-05-01 14:06 - 2026-05-01 14:06 - 001212933 _____ C:\Users\Gambo\Downloads\SimtSimulator_patch1131.zip
2026-04-30 17:33 - 2026-04-30 17:42 - 000000000 ____D C:\common_attachment
2026-04-30 17:32 - 2026-04-30 17:32 - 000000000 ____D C:\Users\Gambo\AppData\Local\Bytedance
2026-04-30 17:31 - 2026-04-30 17:31 - 000001390 _____ C:\Users\Gambo\Desktop\CapCut.lnk
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\VEDetector
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\CapCut
2026-04-30 17:30 - 2026-04-30 17:30 - 002879000 _____ C:\Users\Gambo\Downloads\CapCut_7634575114851336209_installer.exe
2026-04-30 15:44 - 2026-04-30 15:44 - 000000585 _____ C:\Users\Public\Desktop\Burning Crusade Anniversary.lnk
2026-04-30 15:44 - 2026-04-30 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Anniversary
2026-04-28 19:13 - 2026-04-28 19:13 - 000000000 ____D C:\Users\Gambo\AppData\LocalLow\Not Knowing Corporation
2026-04-28 19:07 - 2026-04-28 19:10 - 1330359536 _____ C:\Users\Gambo\Downloads\Cleared.Hot.v0.2.4.17671.rar
2026-04-28 19:07 - 2026-04-28 19:10 - 1326038977 _____ C:\Users\Gambo\Downloads\Cleared.Hot.v0.2.5.17788.rar
2026-04-28 15:25 - 2026-04-28 15:25 - 000031110 _____ C:\Users\Gambo\Downloads\okolo-brnenske-prehrady-k-hradu-veveri-a-na-stezku-zouvalka (1).pdf
2026-04-28 15:22 - 2026-04-28 15:22 - 000031110 _____ C:\Users\Gambo\Downloads\okolo-brnenske-prehrady-k-hradu-veveri-a-na-stezku-zouvalka.pdf
2026-04-23 16:42 - 2026-04-23 16:42 - 000000000 ____D C:\Program Files\Microsoft GameInput
2026-04-23 16:41 - 2026-04-23 16:41 - 000477640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_e.dll.0
2026-04-23 14:44 - 2026-05-10 07:38 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\CurseForge
2026-04-23 14:44 - 2026-04-27 15:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\curseforge-updater
2026-04-23 14:44 - 2026-04-23 14:44 - 000002446 _____ C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CurseForge.lnk
2026-04-23 14:44 - 2026-04-23 14:44 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\ow-electron
2026-04-23 14:43 - 2026-04-23 14:43 - 002787552 _____ (Overwolf Ltd.) C:\Users\Gambo\Downloads\CurseForge Windows - Installer.exe
2026-04-21 15:40 - 2026-04-21 15:40 - 000285820 _____ C:\Users\Gambo\Downloads\ok-7-2026-rozhodnuti.pdf
2026-04-17 14:05 - 2026-04-17 14:05 - 008115230 _____ C:\Users\Gambo\Downloads\VIRTUAL ZOOM s.r.o. - Datart0426_cz.pdf
2026-04-17 13:25 - 2026-04-17 13:25 - 000629834 _____ C:\Users\Gambo\Downloads\Mafia-Manual-cz.pdf
2026-04-17 13:09 - 2026-04-17 13:09 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-17 13:09 - 2026-04-17 13:09 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-04-12 14:55 - 2026-04-12 14:55 - 008605696 _____ C:\Users\Gambo\Downloads\czmanager-agent-windows-1.4.0.exe
2026-04-12 14:53 - 2026-04-12 14:53 - 020849103 _____ C:\Users\Gambo\Downloads\Resident_Evil_Requiem_1.5.0_25032026_1521.zip
2026-04-12 14:50 - 2026-04-28 20:24 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\GSE Saves
2026-04-12 14:16 - 2026-04-12 14:29 - 3401717149 _____ C:\Users\Gambo\Downloads\PowerWash.Simulator.2.rar
2026-04-12 12:57 - 2026-04-12 14:59 - 000000000 ____D C:\Users\Gambo\Downloads\Resident.Evil.Requiem.Deluxe.Edition.Build.22277314-InsaneRamZes
2026-04-12 12:55 - 2026-04-12 12:55 - 000104469 _____ C:\Users\Gambo\Downloads\Resident.Evil.Requiem-VOICES38.torrent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-05-10 07:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-05-10 07:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-05-10 07:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-05-10 07:43 - 2022-06-21 19:35 - 000000000 ____D C:\ProgramData\NVIDIA
2026-05-10 07:36 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-05-10 07:36 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-05-10 07:36 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-05-10 07:36 - 2022-06-21 19:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\Packages
2026-05-10 07:36 - 2022-06-21 19:35 - 000000000 ____D C:\ProgramData\Packages
2026-05-10 07:32 - 2022-06-21 19:38 - 000000000 ___SD C:\Users\Gambo\AppData\Roaming\Microsoft\Credentials
2026-05-09 23:47 - 2022-06-21 19:56 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\discord
2026-05-09 23:41 - 2022-06-21 19:56 - 000000000 ____D C:\Users\Gambo\AppData\Local\Discord
2026-05-09 23:13 - 2023-01-17 11:57 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2026-05-09 23:13 - 2022-06-21 19:30 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-05-09 15:23 - 2022-06-21 20:54 - 000000000 ____D C:\Program Files (x86)\Steam
2026-05-09 15:20 - 2022-06-21 20:00 - 000000000 ____D C:\Users\Gambo\AppData\Local\Battle.net
2026-05-09 14:55 - 2022-06-21 20:04 - 000000000 ____D C:\Users\Gambo\AppData\Local\UnrealEngine
2026-05-09 14:55 - 2022-06-21 19:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\D3DSCache
2026-05-09 14:49 - 2022-06-21 20:09 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\qBittorrent
2026-05-07 14:35 - 2024-12-08 14:00 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-05-06 15:55 - 2022-06-21 19:55 - 000000000 ____D C:\Program Files (x86)\Overwolf
2026-05-06 15:55 - 2022-06-21 19:41 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-05-06 15:55 - 2022-06-21 19:41 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-05-04 14:51 - 2024-12-08 13:47 - 000000000 ____D C:\Users\Gambo
2026-05-03 10:10 - 2023-01-11 13:28 - 000002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-05-03 10:10 - 2023-01-11 13:28 - 000002078 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2026-04-30 17:41 - 2022-06-28 21:05 - 000000000 ____D C:\Users\Gambo\AppData\Local\CrashDumps
2026-04-30 15:41 - 2022-06-21 19:55 - 000002334 _____ C:\Users\Gambo\Desktop\CurseForge.lnk
2026-04-30 15:41 - 2022-06-21 19:54 - 000000000 ____D C:\Users\Gambo\AppData\Local\Overwolf
2026-04-30 15:34 - 2024-11-17 19:05 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-04-30 15:34 - 2024-11-17 19:05 - 000002061 _____ C:\Users\Gambo\Desktop\Google Drive.lnk
2026-04-30 15:07 - 2024-12-08 13:57 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-04-30 15:07 - 2024-12-08 13:57 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-04-24 18:46 - 2022-06-21 19:56 - 000002260 _____ C:\Users\Gambo\Desktop\Discord.lnk
2026-04-24 16:52 - 2025-04-22 19:32 - 004590024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000911816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000289224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000260552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000166344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000154056 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2026-04-24 16:52 - 2025-04-22 19:32 - 000084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2026-04-24 16:50 - 2022-06-21 20:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 16:41 - 2025-04-22 19:32 - 001141192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll.1
2026-04-23 16:41 - 2025-04-22 19:32 - 001141192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll.0
2026-04-20 14:40 - 2024-12-08 13:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-04-20 14:40 - 2024-12-08 13:55 - 000007300 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-20 14:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-04-20 14:40 - 2022-06-21 19:30 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-19 20:17 - 2024-12-08 13:55 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-04-19 20:17 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2026-04-19 20:16 - 2024-12-08 13:55 - 000505064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-04-19 20:15 - 2025-07-25 17:51 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-04-19 20:15 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-19 20:15 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2026-04-19 20:15 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\cs
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-19 20:15 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-04-19 15:18 - 2022-06-21 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-19 15:15 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-04-19 15:15 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-04-19 15:15 - 2022-06-21 20:32 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-17 13:09 - 2024-12-08 13:57 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-17 12:58 - 2022-06-21 19:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-04-12 14:49 - 2022-06-21 20:59 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-04-12 14:47 - 2022-06-21 20:54 - 000000000 ____D C:\Users\Gambo\AppData\Local\Steam
2026-04-12 12:12 - 2025-05-03 08:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2026-04-12 12:12 - 2025-03-06 20:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2026-04-12 12:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-11 01:24 - 2025-09-24 14:57 - 000013696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2026-04-11 01:23 - 2025-09-24 14:57 - 001155496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\GameInputRedist.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_3.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_2.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_1.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000145320 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_3.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000143784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_2.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000143744 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_1.dll
==================== Files in the root of some directories ========
2023-10-29 13:39 - 2023-10-29 13:39 - 000000020 _____ () C:\Users\Gambo\AppData\Roaming\edge.dxt
2024-12-15 10:29 - 2025-10-18 14:14 - 003354624 _____ () C:\Users\Gambo\AppData\Roaming\emp.bin
2022-10-28 22:02 - 2022-10-28 22:02 - 000332800 _____ () C:\Users\Gambo\AppData\Roaming\patcher.dll
2023-01-31 12:51 - 2023-01-31 12:54 - 001065984 _____ () C:\Users\Gambo\AppData\Local\file__0.localstorage
2022-06-21 23:09 - 2023-11-22 19:45 - 000007597 _____ () C:\Users\Gambo\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2026
Ran by Gambo (10-05-2026 07:50:56)
Running from C:\Users\Gambo\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) (2024-12-08 11:57:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4011095094-138222901-1307975021-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-4011095094-138222901-1307975021-503 - Limited - Disabled)
Gambo (S-1-5-21-4011095094-138222901-1307975021-1001 - Administrators - Enabled) => C:\Users\Gambo
Guest (S-1-5-21-4011095094-138222901-1307975021-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4011095094-138222901-1307975021-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 26.001.21529 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 148.1.90.121 - Autoři prohlížeče Brave)
Burning Crusade Anniversary (HKLM-x32\...\World of Warcraft Classic Anniversary) (Version: - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty Modern Warfare Remastered v.1.0 (HKLM-x32\...\Call of Duty Modern Warfare Remastered_is1) (Version: - )
Call of Duty verze 1.0 (HKLM-x32\...\{49C3E7C6-82F3-459F-A0B4-74454BA2FA43}_is1) (Version: 1.0 - Activision)
Call of Duty World at War verze 1.7 (HKLM-x32\...\{40F898EE-104A-445C-8C6C-5F37D35B37C2}_is1) (Version: 1.7 - Activision)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )
CapCut (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\CapCut) (Version: 8.5.0.3590 - Bytedance Pte. Ltd.)
Cataclysm Classic (HKLM-x32\...\Cataclysm Classic) (Version: - Blizzard Entertainment)
CoD 2 čeština 1.1 (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S[al!er!)
Crack_Files version final (HKLM-x32\...\Crack_Files_is1) (Version: final - The)
CurseForge (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.302.1.3108 - Overwolf app)
CurseForge 1.302.1-33108 (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.302.1-33108 - Overwolf)
Desperados 3 (HKLM-x32\...\1914500649_is1) (Version: 1.7 - GOG.com)
Desperados III DLC1 (HKLM-x32\...\1314240626_is1) (Version: 1.7 - GOG.com)
Desperados III DLC2 (HKLM-x32\...\1231933524_is1) (Version: 1.7 - GOG.com)
Desperados III DLC3 (HKLM-x32\...\1984454669_is1) (Version: 1.7 - GOG.com)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Discord) (Version: 1.0.9236 - Discord Inc.)
DOOM - Čeština (HKLM\...\{0F82DB67-2B5E-4378-96C3-55714357703E}}_is1) (Version: 1.1 - Necronos)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.67.2 - GOG.com)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 124.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 148.0.7778.97 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HxD Hex Editor 2.5 (HKLM\...\HxD_is1) (Version: 2.5 - Maël Hörz)
Chameleon version 1.0 (HKLM-x32\...\{4494C122-3B15-4952-928F-D2446959E12D}_is1) (Version: 1.0 - Take-Two Interactive, Cenega Czech)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{fdc445a5-0180-47a6-a653-ab97fa2d4723}) (Version: 7.14.2.14 - Intel Corporation)
Kodi (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Kodi) (Version: 19.4.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.4.2 (HKLM\...\{C9090ED0-F3EE-4FF2-A3E1-0F2598FC7107}) (Version: 7.3.4.2 - The Document Foundation)
Lies of P (HKLM-x32\...\Lies of P_is1) (Version: - )
Lies of P CZ verze 1.3 (HKLM-x32\...\{6562EA58-1DF6-4F30-984D-407C7ECCE0D1}}_is1) (Version: 1.3 - Luc2as)
Malwarebytes version 5.5.5.253 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.5.253 - Malwarebytes)
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\1207659126_is1) (Version: 2.1.0.22 - GOG.com)
Metal Gear (HKLM-x32\...\2022393863_is1) (Version: 1.0 - GOG.com)
Metal Gear Solid (HKLM-x32\...\1771973390_is1) (Version: 1.0 - GOG.com)
Metal Gear Solid 2: Substance (HKLM-x32\...\2069117974_is1) (Version: 1.0 - GOG.com)
Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.6 (x64) (HKLM\...\{EAEDD1FB-8876-4FD8-98A6-3AF439887414}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.6 (x64) (HKLM\...\{59C4A6C5-E254-4819-B254-0B4FF17747EB}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.6 (x64) (HKLM\...\{F69305BE-6EFA-45D0-9635-752373304A1A}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 148.0.3967.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.98 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{45B61AD4-7D73-48B9-B9B4-724C9F0828E6}) (Version: 3.3.195.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM\...\{0EF5DD4D-EC49-4AE7-8C9A-F64FF8B3EA58}) (Version: 64.24.15241 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM-x32\...\{942f6911-1a02-4186-8c4c-b27eb2b9733d}) (Version: 8.0.6.33720 - Microsoft Corporation)
NVIDIA App 11.0.5.266 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.266 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 591.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 591.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Outlast (CZ Dabing) (HKLM-x32\...\FPD_OUTLAST_is1) (Version: 1.0 - Fénix ProDabing)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.296.3.3 - Overwolf Ltd.)
PC Building Simulator (HKLM-x32\...\2147483071_is1) (Version: v1.15.3.0 - GOG.com)
PDFgear 2.1.14 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.14 - PDFgear)
POTION CRAFT ALCHEMIST SIMULATOR (HKLM-x32\...\POTION CRAFT ALCHEMIST SIMULATOR_) (Version: - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 231220 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 9.3 - Power Software Ltd)
PS Remote Play (HKLM-x32\...\{3A3A09F0-36EC-4CDD-BAA5-98BC05815E3C}) (Version: 5.5.0.08250 - Sony Interactive Entertainment Inc.)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.2 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.)
REDlauncher (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Resident Evil 4 Remake (HKLM-x32\...\Resident Evil 4 Remake_is1) (Version: 0.0.0 - DODI-Repacks)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.105.2720 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games)
Řež (HKLM-x32\...\Rez) (Version: - )
SIFU.REPACK-KaOs (HKLM\...\SIFU.REPACK-KaOs_is1) (Version: - ReMiX)
Silent Hill 2 Remake (HKLM-x32\...\Silent Hill 2 Remake_is1) (Version: - )
Slovenská lokalizácia hry Call of Duty: World War II (HKLM-x32\...\Lokalizacia CoDWW2) (Version: 1.0 - )
Spyro Reignited Trilogy (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Spyro Reignited Trilogy) (Version: - HOODLUM)
Starfield CZ v1.0 (HKLM-x32\...\Starfield CZ) (Version: 1.0 - Squiee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Still Wakes the Deep (HKLM-x32\...\FLT_Still_Wakes_the_Deep) (Version: - )
Summer & Winter: Olympic Challenge (HKLM-x32\...\1820973446_is1) (Version: 1.0 - GOG.com)
Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
TurboTop 2.8 (HKLM-x32\...\TurboTop_is1) (Version: 2.8.0.21 - Savard Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 140.0.10857 - Ubisoft)
Unreal Mod Unlocker Basic 0.35.8 (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\4e2d47ec-b6e7-5c43-9049-ebb0eaf9f354) (Version: 0.35.8 - Illusory)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.11.7 - Black Tree Gaming Ltd.)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WeMod (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\WeMod) (Version: 8.3.1 - WeMod)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version: - Blizzard Entertainment)
Wrath of the Lich King Classic (HKLM-x32\...\Wrath of the Lich King Classic) (Version: - Blizzard Entertainment)
Zygor Client Uninstaller (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\902d341c-51df-594b-a26c-ea7ab5a2af33) (Version: 4.5.7 - Zygor Guides)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-14] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-05-03] ()
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_164.1.1128.0_x64__v10z8vjag6ke6 [2026-04-12] (HP Inc.)
LG Monitor App Installer -> C:\Program Files\WindowsApps\LGElectronics.LGMonitorApp_1.2602.502.0_x86__cfnzzhwkr8z5w [2026-03-09] (LG Electronics Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-05-10] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft.Photos.MediaEngineDLC -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-24] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-09] (NVIDIA Corp.)
Sniptool -> C:\Program Files\WindowsApps\53483DanStromi.Sniptool_2.1.0.0_neutral__1wr99jw2hr0ag [2026-01-21] (DanStromi)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-31] (Microsoft Corp.)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.836.2153.0_x64__8wekyb3d8bbwe [2026-04-29] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8002.0.1.0_x64__8wekyb3d8bbwe [2026-04-29] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2022-06-21] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{9C1FB437-1219-4D0E-84FB-36F93444C8D6} -> [Xiaomi 15T Pro] => C:\Users\Gambo\CrossDevice\Xiaomi 15T Pro [2026-05-04 14:51]
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-10] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\nvshext.dll [2026-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-10] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\wdmaud2.drv [143360 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [94720 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Gambo\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
==================== Loaded Modules (Whitelisted) =============
2024-11-16 16:06 - 2025-10-18 13:05 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe 2.5GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Wi-Fi 6E AX210 160MHz -> Netwtw14.sys
steamxboxndi: Steam Xbox Controller Enhanced Features Driver
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gambo\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\496300837_1223697185793761_3587453401012997104_n.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\Gambo\AppData\Roaming\IntegrityCheck
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "TurboTop.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FCBCAC5CBE4B3C071C4385DC999D9513"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "electron.app.CurseForge"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "GoogleDriveFS"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{53FE8E8E-7480-41D8-85C4-B8F0C6B78036}D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe] => (Block) D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [TCP Query User{E2068BE6-CCE9-4165-85C8-6ABCCEBE9F80}D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe] => (Block) D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [UDP Query User{12C1F8D5-03D9-481C-839E-37A41FD2F67F}D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Allow) D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe () [File not signed]
FirewallRules: [TCP Query User{451FEC1B-11E0-4A40-8F2C-9F476C5BA53E}D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Allow) D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe () [File not signed]
FirewallRules: [{58F7CE53-A9A4-4D92-9EAC-0B122ED54749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Update\hl2.exe (Valve -> )
FirewallRules: [{8FA233D4-1713-44F0-9B42-E6294CDBFFB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Update\hl2.exe (Valve -> )
FirewallRules: [{64092CFE-B4DA-4F05-83B4-0DEB60BB7C21}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\ra3_1.12.game (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{33688914-E4FF-4DF9-8C77-6BD26D953741}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\ra3_1.12.game (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{03E1A480-0D5C-495A-AB72-73DF033549EE}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\RA3.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [{BA513F4F-F93D-43FC-9295-7863062F5BE6}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\RA3.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [{FA817050-5BD5-42FC-9EDC-1A0D59503405}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{A13D3D04-2101-424A-BB86-B2F10DAB3299}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{DCCCC23F-2B88-433E-91CA-489D19DD26F2}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\runme.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{AB92AEF3-875A-4F79-B24E-E43F0E7FAE11}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\runme.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{020403F8-28BA-4011-AAE1-A982E9877B8E}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [TCP Query User{B84A6887-1EB1-46D4-9308-3FF936C03579}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{D6C75B23-8292-4BE4-9D5C-152AD053EDD9}D:\hry\call of duty ghosts\iw6sp64_ship.exe] => (Block) D:\hry\call of duty ghosts\iw6sp64_ship.exe => No File
FirewallRules: [TCP Query User{7AE4D61E-13EF-47F5-9BFD-6334E63EFBFE}D:\hry\call of duty ghosts\iw6sp64_ship.exe] => (Block) D:\hry\call of duty ghosts\iw6sp64_ship.exe => No File
FirewallRules: [UDP Query User{4309F14B-3703-4EE9-8591-86A9231CE031}D:\hry\call of duty black ops cold war\blackopscoldwar.exe] => (Block) D:\hry\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{E07BE3F6-355B-469B-955F-99E7CA31084A}D:\hry\call of duty black ops cold war\blackopscoldwar.exe] => (Block) D:\hry\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{F5C391E3-A941-4C0E-9BA7-4228A587865B}D:\hry\call of duty black ops 2\t6mp.exe] => (Block) D:\hry\call of duty black ops 2\t6mp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{8A3F71A3-FBE8-4E6A-B44D-C74EE5BD4FC1}D:\hry\call of duty black ops 2\t6mp.exe] => (Block) D:\hry\call of duty black ops 2\t6mp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{427F048C-95FC-4F82-91F4-1B9DB677B5D0}D:\hry\call of duty black ops 2\t6sp.exe] => (Block) D:\hry\call of duty black ops 2\t6sp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{BA4FE0A2-B827-43D4-BDE2-9AD5E7F7E319}D:\hry\call of duty black ops 2\t6sp.exe] => (Block) D:\hry\call of duty black ops 2\t6sp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{3EAAD793-2550-4161-B606-C22E2F37C0DF}D:\hry\call of duty - black ops\blackops.exe] => (Block) D:\hry\call of duty - black ops\blackops.exe () [File not signed]
FirewallRules: [TCP Query User{8C7FEA20-1CE2-4B5D-9AB3-B7F99BF452B9}D:\hry\call of duty - black ops\blackops.exe] => (Block) D:\hry\call of duty - black ops\blackops.exe () [File not signed]
FirewallRules: [UDP Query User{BE51D356-08E8-4FFE-943D-7EC04E88350A}D:\hry\call of duty- modern warfare 3\iw5mp_server.exe] => (Allow) D:\hry\call of duty- modern warfare 3\iw5mp_server.exe () [File not signed]
FirewallRules: [TCP Query User{22BA52FE-52D4-4F98-9689-BEB1D12A9552}D:\hry\call of duty- modern warfare 3\iw5mp_server.exe] => (Allow) D:\hry\call of duty- modern warfare 3\iw5mp_server.exe () [File not signed]
FirewallRules: [UDP Query User{22D6361F-EF07-453D-8E95-F19EBB82EFE0}C:\users\gambo\downloads\anydesk.exe] => (Allow) C:\users\gambo\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{C18D7D8B-5B51-47F7-9989-9F5C4B154FDB}C:\users\gambo\downloads\anydesk.exe] => (Allow) C:\users\gambo\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{4B33ACA7-89BA-4253-A336-BF26BBD00B38}D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe] => (Block) D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [TCP Query User{AF237428-FC51-4AFC-BB16-7EF58452A07C}D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe] => (Block) D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [{827A8EE4-A0ED-4A11-BFCB-61B3753F2B89}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x64.exe () [File not signed]
FirewallRules: [{5A9F5162-46AC-431A-92D0-BA9AB503F53F}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x64.exe () [File not signed]
FirewallRules: [{05FF3FAD-102E-4504-92F5-C5D40CD299C0}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [File not signed]
FirewallRules: [{B1AFAB0D-ED7F-42B9-8917-3C6650816C24}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [File not signed]
FirewallRules: [{E48415FF-F9B4-40A8-BA0E-FA2D9A8FE5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{7CBF65DC-BB96-4405-9924-62A30F01E1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{A9D91C6F-D330-4D7C-927D-7CBAC2F05187}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{C83160BB-4FA5-4E41-B9D5-3B1674262E05}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{C92E3B78-4589-486B-993B-EA64FA0A3B9E}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{F360539A-739C-47FD-B796-7CA05FF21F99}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{3B4219EF-56A1-4AA3-A5EC-AE53E98BC7F7}C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7F4F698A-E8BF-4E6F-A349-40C232275B4A}C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe => No File
FirewallRules: [UDP Query User{04A9AF66-B41F-45AE-9767-064602C578E4}D:\hry\911.operator.v17.10.2021\911.exe] => (Block) D:\hry\911.operator.v17.10.2021\911.exe () [File not signed]
FirewallRules: [TCP Query User{3B415AEC-6276-415D-A7B7-1F1D32F59B33}D:\hry\911.operator.v17.10.2021\911.exe] => (Block) D:\hry\911.operator.v17.10.2021\911.exe () [File not signed]
FirewallRules: [{BED7D5EC-3F23-407F-9232-46B9C180273A}] => (Allow) D:\SteamLibrary\steamapps\common\Codename Gordon\cg.exe (The Design Assembly GmbH) [File not signed]
FirewallRules: [{7EA218FD-81F8-4A98-B3E6-4320A8859864}] => (Allow) D:\SteamLibrary\steamapps\common\Codename Gordon\cg.exe (The Design Assembly GmbH) [File not signed]
FirewallRules: [UDP Query User{6909062A-2B9E-4BC7-891D-69AA01BA6261}D:\hry\call of duty world at war\codwaw.exe] => (Block) D:\hry\call of duty world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [TCP Query User{8D72BEEB-E5B9-4146-87E3-E19F8F42BAA8}D:\hry\call of duty world at war\codwaw.exe] => (Block) D:\hry\call of duty world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{8A582100-8AFF-4F41-83C1-430976BAAF8D}D:\hry\nfs mw 2012\nfs13.exe] => (Block) D:\hry\nfs mw 2012\nfs13.exe => No File
FirewallRules: [TCP Query User{78797AFA-3A3B-4277-8B5D-11D6C5819BD4}D:\hry\nfs mw 2012\nfs13.exe] => (Block) D:\hry\nfs mw 2012\nfs13.exe => No File
FirewallRules: [UDP Query User{1BAF91AF-F933-49BD-9448-F6E8D8C4384A}D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe] => (Allow) D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe => No File
FirewallRules: [TCP Query User{67631FEA-C9AC-4575-9F0A-B4965B74CF99}D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe] => (Allow) D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe => No File
FirewallRules: [UDP Query User{586941B7-9352-4F56-98E0-44198F6A185E}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{BDCCBD37-2AE0-4BD4-AF98-419D631A91DB}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{15E4698B-29A1-4E14-B64A-19EEDFD76BD3}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{B88B019A-F072-45CD-93AB-A95C5C45F570}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{8F887F42-25D4-4B06-B28E-0C69F76BB325}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{A815AABB-2D21-407F-A984-4DBACF5E9D5B}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{5F9FAAC4-26E2-4E86-B013-18C8FFA9A9B1}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{64E22859-8D11-408E-A07F-885BE17E5951}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{AF501804-8E65-4039-A2B0-61748AC5C59E}D:\hry\red dead redemption 2\rdr2.exe] => (Block) D:\hry\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{EE62437C-B83C-4D21-9C63-FA87D001AACA}D:\hry\red dead redemption 2\rdr2.exe] => (Block) D:\hry\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{82B3B08C-6928-488E-B056-C0936CEA8541}C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe] => (Allow) C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{F1093D41-8F4A-4B19-8498-F7FF0C78AB6E}C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe] => (Allow) C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{627F811E-9D3D-4E90-AA55-11EB2E0379E3}D:\hry\far cry 6\bin\farcry6.exe] => (Block) D:\hry\far cry 6\bin\farcry6.exe => No File
FirewallRules: [TCP Query User{131BDF7F-5322-4970-BCD4-8DC64E8EBBD3}D:\hry\far cry 6\bin\farcry6.exe] => (Block) D:\hry\far cry 6\bin\farcry6.exe => No File
FirewallRules: [{EA262F47-0B5D-4420-A697-BA724C6E7149}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{1AE1477F-D4A8-4B1B-966A-C0A4C2889CFF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{ACCC61B4-3AAA-47D5-A301-38A053B1D3C5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{27949089-8BB0-4FC2-B463-65CD6BB07137}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{F079764C-D2BE-462E-8654-FEDF35E0AA9C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{E2D7CD59-6748-4B0F-AD79-FB4AA02786D8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [UDP Query User{73065757-2A10-4ACC-8251-E3002BA72A38}C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{2CD67A39-69FF-4385-8124-F1D2C1F1F115}C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{E5BE70CF-2124-4B93-8DBD-ED3841AC5FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Ravenous devils\Ravenous_Devils.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2B6B8309-A23D-4CC3-A1DC-1DCD349934B8}] => (Allow) D:\SteamLibrary\steamapps\common\Ravenous devils\Ravenous_Devils.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{9C0BAFDC-17E2-48D1-BAD8-F5EB064227CC}D:\hry\diablo iv\diablo iv.exe] => (Allow) D:\hry\diablo iv\diablo iv.exe => No File
FirewallRules: [TCP Query User{8202EFEE-B748-480E-952F-A454D3654A40}D:\hry\diablo iv\diablo iv.exe] => (Allow) D:\hry\diablo iv\diablo iv.exe => No File
FirewallRules: [UDP Query User{7FD8EA98-A6D4-436F-B19A-A48EEF4D80AC}D:\hry\re4remake\re4.exe] => (Block) D:\hry\re4remake\re4.exe => No File
FirewallRules: [TCP Query User{95C8218F-9F89-4D05-8C4A-55237AA18BFD}D:\hry\re4remake\re4.exe] => (Block) D:\hry\re4remake\re4.exe => No File
FirewallRules: [{8E576B9C-6EDC-4FA9-B9BE-ED5E9EBF22A6}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{7370D68A-A795-4192-9107-C9E6A7F46643}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{05338246-4A51-4739-81EE-9C7501925E5A}] => (Allow) D:\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe (People Can Fly) [File not signed]
FirewallRules: [{1AEBBDBE-9437-402E-BCF6-1FF656F50047}] => (Allow) D:\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe (People Can Fly) [File not signed]
FirewallRules: [UDP Query User{A71B0AFB-0766-472B-8C7A-6C6A0AD3ECB8}D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe] => (Block) D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe () [File not signed]
FirewallRules: [TCP Query User{12BDF6DC-0A63-448C-9D83-CECDA8C88F34}D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe] => (Block) D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe () [File not signed]
FirewallRules: [{D7F44F74-EBD7-4732-83CA-E590C0439B63}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{B40CF756-4EB6-4B8B-B1D7-59AB44C30B5F}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{591AC28B-B66C-48BB-BD06-3659AE4EE70E}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{3AF7C1CC-B68F-4A42-893B-8A60E99E1A04}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{6A3C7452-7610-460D-A99E-E3E83266E8B0}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\mp\ioWolfMP.x86.exe () [File not signed]
FirewallRules: [{3E7850FD-0937-4444-B1B5-A5D7283FC834}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\mp\ioWolfMP.x86.exe () [File not signed]
FirewallRules: [{C679311F-F14B-4DB0-8F92-5D350810F677}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x86.exe () [File not signed]
FirewallRules: [{7B5A8222-6AB2-4D75-9BBD-337CADAEF5A9}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x86.exe () [File not signed]
FirewallRules: [{720A94C1-E500-4269-A67A-B5427532625F}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x86.exe => No File
FirewallRules: [{06A410BD-4B80-4BBF-A066-16A9C0A4A8C9}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x86.exe => No File
FirewallRules: [{A0485293-31D3-4E55-BBD6-9CC4B6FD9EE3}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x64.exe () [File not signed]
FirewallRules: [{C8737EFB-A1BD-44A9-A50A-54DD6803DAD3}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x64.exe () [File not signed]
FirewallRules: [UDP Query User{E971A9E1-723A-448F-999A-F302255FD7A4}D:\hry\doom 2016\doomx64.exe] => (Block) D:\hry\doom 2016\doomx64.exe => No File
FirewallRules: [TCP Query User{16320DB0-4D90-4DE5-8CFF-342C8DAC531A}D:\hry\doom 2016\doomx64.exe] => (Block) D:\hry\doom 2016\doomx64.exe => No File
FirewallRules: [UDP Query User{35CF105D-2CD1-4A42-8387-3EAEDEBA47B0}D:\hry\diablo iv - beta\diablo iv.exe] => (Allow) D:\hry\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [TCP Query User{CA0A6F9E-CF01-4D6E-AC9D-BDF84474BCFB}D:\hry\diablo iv - beta\diablo iv.exe] => (Allow) D:\hry\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [UDP Query User{C7683798-3118-49B1-A4BA-AAA18432065E}D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{61570425-C230-4C6B-BD1B-61F3FD919614}D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{E1AAA9A5-0B02-475C-9CB3-F3A76C1AD07A}D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{CEE2FF07-5904-4061-A920-22B5D9155579}D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{AA7C6A4C-922C-4408-936B-0E49B8B7CC36}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe => No File
FirewallRules: [TCP Query User{D4800AFC-9D3A-433B-B99D-984D77F1F57D}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe => No File
FirewallRules: [UDP Query User{B3BA85D2-80AC-4B7D-9733-875A8B981F75}C:\users\gambo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\gambo\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [TCP Query User{DB370207-7937-4165-B356-BEECA8A7B7A8}C:\users\gambo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\gambo\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{91A5DABE-DA61-48EE-9173-6844FD707E5D}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [TCP Query User{BE808516-52FC-4425-9F42-7DA64E80FD99}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [{FB748B3A-ED7A-401F-9F6F-72104961BD4E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe () [File not signed]
FirewallRules: [{508A81AC-ED99-4F38-9ABF-7AB0447A4D62}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe () [File not signed]
FirewallRules: [{63F956F6-52A7-455D-8ABE-B1DC67F0E794}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{90775279-6662-4313-853A-9952A61EC0B0}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{8698820F-7B98-401F-8AC7-86FCFAAD57EB}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{F3CE88D3-4BA1-4CEC-AC9C-2B928B70346E}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [UDP Query User{E6AE3F31-EDBD-4854-8F48-6919C3ED46AE}D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CBC96BF0-03C6-4043-AEDD-7EEFE229458C}D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe => No File
FirewallRules: [{7C8FC9EB-27BD-4AE1-B961-A82286F93A0A}] => (Allow) D:\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{8E5C4903-BF0F-485D-B088-19B82C95559D}] => (Allow) D:\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [UDP Query User{E15CA2D7-6E72-4C60-A11E-2D2150620039}D:\hry\resident evil village\re8.exe] => (Block) D:\hry\resident evil village\re8.exe => No File
FirewallRules: [TCP Query User{4E39D151-55B5-4784-9C99-EECC703E381E}D:\hry\resident evil village\re8.exe] => (Block) D:\hry\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{2BFAF312-D17E-4E89-AE51-92EEBF42FBEE}D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FF387A71-F994-49E7-A46E-6F5209795B42}D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2FEE3764-0AE8-4175-8CCE-5DB40188A1CF}D:\hry\call of duty- modern warfare 3\iw5sp.exe] => (Block) D:\hry\call of duty- modern warfare 3\iw5sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{5012681D-0561-483E-BB28-0AFBD563041D}D:\hry\call of duty- modern warfare 3\iw5sp.exe] => (Block) D:\hry\call of duty- modern warfare 3\iw5sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{4292F593-C5B8-444A-9406-93CD0371462C}D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe (Activision Publishing -> Activision)
FirewallRules: [TCP Query User{07735F59-710B-4BA9-BC10-DE323DD5F275}D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe (Activision Publishing -> Activision)
FirewallRules: [UDP Query User{1AC7DA5C-3395-4B66-8652-CDAAB31CE6C4}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{EFEE04A3-E7A3-4ED8-A88A-CCD9A5915BA5}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe => No File
FirewallRules: [{BE8338AE-E0D6-4006-BE83-F9EAFEE86FFB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBDC0294-6CA3-4E35-8FC7-63135E7A9773}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F78FD923-6F94-4E81-B4D7-8D3BBC476617}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E9224AF4-BFBF-43CE-8FD6-709BC5B61E33}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1D94D4C4-6786-4633-8307-FE759194F4B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A36ADEF-B84E-4394-B9EC-4903C5E37747}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0DA59850-7E61-4239-8E9B-A0C18779214A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{39875AD9-8B90-468E-949F-68A44803A24E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{5BC22E40-6186-467A-AA81-9CE1498E2C0F}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{01393469-1608-4526-9250-EBDE5D87F061}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{A1A82760-DEC1-41E6-99BF-8EF17FA296D2}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe => No File
FirewallRules: [{2DBE848A-773D-4EE6-9C77-F30D20230EA7}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe => No File
FirewallRules: [TCP Query User{DD7021C5-F0F9-4DE5-BA11-FDF0ACD67C59}D:\hry\reddeadredemption2\rdr2.exe] => (Allow) D:\hry\reddeadredemption2\rdr2.exe => No File
FirewallRules: [UDP Query User{5AA401BE-7B39-4868-B87B-249A131B0C5C}D:\hry\reddeadredemption2\rdr2.exe] => (Allow) D:\hry\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AA95D43-2162-4F95-B6AD-DDF6D66DFB22}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{3C479A54-9805-4FEB-B674-AF762C93F525}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{291B16D0-11D9-4FF3-8983-0C6D29FA9685}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{30E833ED-A5F7-4FEB-A4EA-45794FDEE2F9}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [{AB618B5C-B8A6-4B4C-B579-0FC9FEDCFBDB}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{BEF6102C-3725-4C82-A4EB-23818C865E8D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{60AB1639-9483-446D-946E-F7E5C7484548}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2MP_s.exe () [File not signed]
FirewallRules: [{0F8F44A5-F148-47D8-A668-6F5842D903F1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2MP_s.exe () [File not signed]
FirewallRules: [TCP Query User{9360FC4B-638F-4602-8122-F1F6E3C1B117}D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing, Inc.) [File not signed]
FirewallRules: [UDP Query User{E92BEAEC-2117-43B0-BF1C-D5B707AEB637}D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing, Inc.) [File not signed]
FirewallRules: [TCP Query User{589C7777-CCF8-431A-8FBF-823642934EB3}D:\hry\call of duty vanguard\vanguard.exe] => (Allow) D:\hry\call of duty vanguard\vanguard.exe => No File
FirewallRules: [UDP Query User{74A88364-9C98-45BE-8097-206DEA9D6D46}D:\hry\call of duty vanguard\vanguard.exe] => (Allow) D:\hry\call of duty vanguard\vanguard.exe => No File
FirewallRules: [{6AF57F56-E027-4203-8412-10DEEC0CCF53}] => (Allow) D:\SteamLibrary\steamapps\common\Dr. Trolley's Problem\Trolley.exe () [File not signed]
FirewallRules: [{08BA0ED2-14B9-4B44-B7D9-27B23FCEB332}] => (Allow) D:\SteamLibrary\steamapps\common\Dr. Trolley's Problem\Trolley.exe () [File not signed]
FirewallRules: [{5D5ACE79-8730-481A-B2BA-ADE523D22B28}] => (Allow) D:\Hry\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{2BAAC7F3-CB14-473F-AF16-DBB82FAAE056}] => (Allow) D:\Hry\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{3EC7F759-FB0C-4835-8181-54CB41BC2456}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{E7E64276-D2A4-4910-B664-DF28A546E0C1}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{C428EE8B-6483-410E-9ED8-506027E45630}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{26115CDB-5DE8-430F-B2A1-3DE7822731B2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [TCP Query User{E6A0758C-41B7-4E04-9B09-D283C6DAE707}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{50801E68-F958-4ED5-8A9E-AD0AF485AB73}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{00EF33B8-410D-4E91-B4E4-A73EB4699062}D:\hry\green hell vr\ghvr.exe] => (Block) D:\hry\green hell vr\ghvr.exe => No File
FirewallRules: [UDP Query User{E7AB321B-2250-47FE-9B90-7BA0BD4225FD}D:\hry\green hell vr\ghvr.exe] => (Block) D:\hry\green hell vr\ghvr.exe => No File
FirewallRules: [{A989A17E-4BF5-4CB0-A713-AB94D4CD7950}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{A839C341-2F4F-4E4D-8D14-18EEFD780C5E}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8E841B4E-8148-4BA2-9236-D8592AEEF9E7}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{5719C818-8DF0-4355-AC49-11B8970A67BB}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{2602D3EF-6BA3-4234-BD37-3DB1E48FAE3C}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [TCP Query User{538DF512-E41F-4F77-8BBA-EF72F1A6658F}D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => No File
FirewallRules: [UDP Query User{785DAF47-8FBF-4559-8285-C53B1DC6C290}D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => No File
FirewallRules: [{267ECC4E-6ACF-4681-9497-4013A38EC284}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{15F216E7-1637-498C-AC72-918D5E5C9C7F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C8580D9D-DF62-4F23-9581-FCA229830F8A}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\Generals.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{12C9B677-15A2-4534-B7F5-8C7A7E1D2492}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\Generals.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{DC6533E7-67E8-45EA-8B42-23F20D07F7A0}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
FirewallRules: [{8EE49709-9ECD-49F9-BCF1-354027BEF4D9}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{BB8EC97E-46AC-4FAD-B420-F6143D4A0EB8}D:\hry\re4\resident evil 4 remake\re4.exe] => (Allow) D:\hry\re4\resident evil 4 remake\re4.exe => No File
FirewallRules: [UDP Query User{9EFB739D-C090-4A79-92DC-ECC25C190FAC}D:\hry\re4\resident evil 4 remake\re4.exe] => (Allow) D:\hry\re4\resident evil 4 remake\re4.exe => No File
FirewallRules: [TCP Query User{F7C2671F-A144-4B7F-AD26-403CE6AE6B22}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{C1FAAE02-4B9A-4276-94BC-E901981C3E69}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{DA72444E-AE4D-4FB3-B919-0F3992F15AD8}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8E6AAEB6-CF91-4A35-AFB3-7F203E787FE1}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{0D8EE908-C25C-4073-89A4-3E7A80DB1B48}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A876D348-44AC-428B-B4D4-817F588B784C}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2C3CECE6-6720-45F8-9FC8-B8274EEC8B49}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DA8DA454-0888-4365-BB1C-7AF41F41DD78}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{08564B8E-9892-4E09-B659-F02B1D07DEEA}C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe] => (Block) C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{2E6BBBD0-E900-49B6-B15F-65E7420C2207}C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe] => (Block) C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{7C0E277B-44BA-4E40-A522-ADACD99C269F}D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe] => (Block) D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe () [File not signed]
FirewallRules: [UDP Query User{3799C280-93FB-4125-AE4B-B5B3060ED8EF}D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe] => (Block) D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe () [File not signed]
FirewallRules: [{065E14E7-DD19-4EC2-823B-C2EB4A0210D4}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{E045E8BD-2FEB-4455-9CB4-A3E76D322FBC}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{CB797184-37D1-469C-BAB6-305FA004DFD4}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{6E157A6B-6FEB-40CE-B3A0-BBFBA2224EE6}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{FACB8B74-81C8-433D-9B93-0AD81C827577}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{515603FF-9639-4F86-B57B-93E5BC1CEAE1}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6668A7FE-0099-4968-96A3-82C6B854C18B}] => (Block) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3E74E481-D932-403E-85F3-85301C01C2D2}] => (Block) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E4F8D66D-56FA-4320-B620-51FB05B73603}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{637CB394-32A4-4F4E-B3F0-EE3DA7A4D489}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{20F2B360-6C55-4D0E-A4B0-5EA5433B61B7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A4424AD1-7DA1-4F94-B1C0-06114F5B2B07}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Restore Points =========================
03-05-2026 12:08:55 Windows Update
03-05-2026 12:08:55 Windows Update
03-05-2026 12:08:55 Windows Update
06-05-2026 18:23:24 Windows Update
06-05-2026 18:23:29 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/10/2026 07:36:34 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 28.4.2026.0 programu FRST64.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
System errors:
=============
Error: (05/10/2026 07:43:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Redist Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management Engine WMI Provider Registration byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2026-05-09 14:52:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Kepavll!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Gambo\AppData\Local\Temp\Rar$EXa50644.27823\vsdbg.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: GG\Gambo
Název procesu: C:\Users\Gambo\AppData\Local\Temp\Rar$EXa50644.27823\poweriso-software-github-io-1.98.2.exe
Verze bezpečnostních informací: AV: 1.449.523.0, AS: 1.449.523.0, NIS: 1.449.523.0
Verze modulu: AM: 1.1.26030.3008, NIS: 1.1.26030.3008
Date: 2026-05-09 13:17:29
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{8C2599CD-82CD-4BF5-BD27-785EE7BF24E7}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-07 14:42:26
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{6F73C106-7EC2-4984-81E2-8A78352C16C5}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-06 18:23:19
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{25C31394-451F-44FD-95C3-FABF2BE744DC}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-05 17:02:58
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{5299EEC6-9DFC-405C-A1A2-E1559D5E3B59}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
CodeIntegrity:
===============
Date: 2026-05-10 07:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\148.0.7778.97\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-10 07:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\148.0.7778.97\vk_swiftshader.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-10 07:37:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-09 23:41:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Gambo\AppData\Local\Discord\app-1.0.9234\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.296.3.3\OWClient.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-09 23:41:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Gambo\AppData\Local\Discord\app-1.0.9234\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.296.3.3\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 2.30 09/09/2021
Motherboard: Micro-Star International Co., Ltd. MAG B560 TOMAHAWK WIFI (MS-7D15)
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 32649.62 MB
Available physical RAM: 23985.73 MB
Total Virtual: 34697.62 MB
Available Virtual: 25234.83 MB
==================== Drives ================================
Drive c: (Sw+Steam+GoG+Epic) (Fixed) (Total:930.02 GB) (Free:421.99 GB) (Model: WD Blue SN570 1TB) NTFS
Drive d: (Games) (Fixed) (Total:953.85 GB) (Free:218.24 GB) (Model: ADATA SX8200PNP) NTFS
\\?\Volume{288264bc-81ff-430c-a0c6-36b087755420}\ () (Fixed) (Total:0.82 GB) (Free:0.1 GB) NTFS
\\?\Volume{271db3a4-7ebf-4199-90d0-6ce5711324b5}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{289d127b-18be-4841-8dc4-67a47a968274}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
)Prosím o kontrolu logu, podezření konkrétní nemám, jen klasicky "ukradnutý" účet z IG na pár minut i přes 2fazove overovaní, jediny misto odkud by to mohlo jit je tento PC.
Díky moc a at se dari.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2026
Ran by Gambo (administrator) on GG (Micro-Star International Co., Ltd. MS-7D15) (10-05-2026 07:49:01)
Running from C:\Users\Gambo\Desktop\FRST64 (1).exe
Loaded Profiles: Gambo
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe <2>
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MidiSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.264.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1987904 2026-05-01] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [39520672 2025-11-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13872608 2023-06-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42087896 2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [electron.app.CurseForge] => C:\Users\Gambo\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [211986448 2026-04-26] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Run: [MicrosoftEdgeAutoLaunch_FCBCAC5CBE4B3C071C4385DC999D9513] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5216584 2026-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\MountPoints2: {ff336b00-14de-11ed-9013-d8bbc14ca168} - "F:\setup.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\124.0.3.0\GoogleDriveFS.exe [77810328 2026-04-30] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\Windows\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3971224 2026-04-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\148.0.7778.97\Installer\chrmstp.exe [7614616 2026-05-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\148.1.90.121\Installer\chrmstp.exe [6168144 2026-05-07] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TurboTop.lnk [2022-07-29]
ShortcutTarget: TurboTop.lnk -> C:\Program Files (x86)\TurboTop\TurboTop.exe (Savard Software -> Savard Software)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {D1D59D46-021A-4B28-A6FA-30E32B3D08E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {04DB1BFF-58A1-4A85-A84A-4983BADDD126} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{F7F6B3D9-B89F-4FAD-A681-F24066316110} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A6A2D267-410D-45DA-957F-A86F81AF6645} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{2F9E7761-7944-4808-841A-F9FB297FC5A9} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {00B2D801-7253-4901-915D-C1C8D7099EFD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem149.0.7814.0{B185B800-AB9B-4704-8905-F00D24EFBB4E} => C:\Program Files (x86)\Google\GoogleUpdater\149.0.7814.0\updater.exe [8770200 2026-04-28] (Google LLC -> Google LLC)
Task: {741A1213-4CDE-45D1-9D40-6A206C9CDE5B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {F129A21B-5503-492D-BB4B-30B05A74F0CF} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [95240 2026-04-12] (HP Inc. -> HP Inc.)
Task: {47DFF2D8-75A7-4183-BE70-3C736AD64678} - System32\Tasks\Intel\Intel Telemetry 3 => C:\Program Files\Intel\Telemetry 3.0\lrio.exe [6045240 2024-02-14] (Intel Corporation -> Intel Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D54C8FA2-1932-47FB-9F91-F1B2E506D621} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B8EC246-F4AD-4805-9199-AFF8AB984D7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE4E9AD3-E908-4477-93A8-5D5F43D996EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8B1091A-3B23-4DAE-87E7-D1064D634FF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D9FC952-DBD0-4C49-B444-E910836C428E} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-09-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FEC84663-A901-43FF-9DF6-77DAAE3B1915} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-05-01] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {CF203CAF-20D7-477C-833F-C8560A6D1CE9} - System32\Tasks\TempClean1 => C:\Windows\system32\wevtutil.exe [299008 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> cl Application <==== ATTENTION
Task: {499BCDC6-3941-44BE-98FC-74E06C5AF762} - System32\Tasks\TempClean2 => C:\Windows\system32\wevtutil.exe [299008 2025-11-13] (Microsoft Windows -> Microsoft Corporation) -> cl System <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0dabefed-6c96-4ba2-9e5f-70331d309246}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b2b41660-b851-4ac6-9eb0-b94568299a0e}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
Edge:
=======
Edge Profile: C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default [2026-05-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\Gambo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-10]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default [2026-05-10]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2026-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-21]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-08-11]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.cz/"
CHR Extension: (Just Black) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2022-06-21]
CHR Extension: (BetterTTV) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-08-11]
CHR Extension: (PotPlayer YouTube Shortcut, Open Links) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfdpeaefecdlkdlgdpjjllmhlnckcodp [2025-08-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-08-11]
CHR Extension: (FrankerFaceZ) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2025-08-11]
CHR Extension: (Return YouTube Dislike) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gebbhagfogifgggkldgodflihgfeippi [2025-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-11]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-05-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-05-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-21]
CHR Profile: C:\Users\Gambo\AppData\Local\Google\Chrome\User Data\System Profile [2026-05-10]
CHR HKU\S-1-5-21-4011095094-138222901-1307975021-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
Opera:
=======
OPR DefaultProfile: Default
Brave:
=======
BRA Profile: C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2026-05-09]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2026-05-08]
BRA Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2026-05-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2026-05-08]
BRA Extension: (Brave NTP background images) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Mobile app promo blocker (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2026-05-08]
BRA Extension: (Brave Ad Block Updater (Cookie notice blocker (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2026-05-09]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2026-05-06]
BRA Extension: (Brave Ads Resources) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2026-05-06]
BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2026-05-09]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2026-05-06]
BRA Extension: (Brave User Agent) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2026-05-08]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\Gambo\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2026-05-06]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\148.1.90.121\elevation_service.exe [4675664 2026-05-07] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2026-05-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3071904 2025-11-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-06-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2346464 2023-06-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-06-07] (GOG sp. z o.o -> GOG.com)
S2 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [401792 2026-04-10] (Microsoft Corporation -> Windows (R) Win 7 DDK provider)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2026-04-12] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11483256 2026-05-10] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-05-10] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\Display.NvContainer\NVDisplay.Container.exe [1275624 2026-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-05-01] (Overwolf Ltd -> Overwolf LTD)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1576056 2025-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-04-28] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-12-08] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-12-08] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-12-08] (Microsoft Corporation) [File not signed]
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-03-09] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; \SystemRoot\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys (No File)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-05-10 07:49 - 2026-05-10 07:49 - 000025024 _____ C:\Users\Gambo\Desktop\FRST.txt
2026-05-10 07:46 - 2026-05-10 07:48 - 002447360 _____ (Farbar) C:\Users\Gambo\Desktop\FRST64 (1).exe
2026-05-10 07:42 - 2026-05-10 07:43 - 000000000 ____D C:\AdwCleaner
2026-05-10 07:42 - 2026-05-10 07:42 - 009633776 _____ (Malwarebytes) C:\Users\Gambo\Downloads\adwcleaner_8.7.1.exe
2026-05-10 07:42 - 2026-05-10 07:42 - 009633072 _____ (Malwarebytes) C:\Users\Gambo\Downloads\adwcleaner.exe
2026-05-10 07:36 - 2026-05-10 07:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\Malwarebytes
2026-05-10 07:36 - 2026-05-10 07:36 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2026-05-10 07:36 - 2026-05-10 07:36 - 000002098 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2026-05-10 07:36 - 2026-05-10 07:36 - 000000000 ____D C:\Users\Gambo\AppData\Local\Sentry
2026-05-10 07:35 - 2026-05-10 07:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2026-05-10 07:35 - 2026-05-10 07:35 - 000000000 ____D C:\Program Files\Malwarebytes
2026-05-10 07:34 - 2026-05-10 07:49 - 000000000 ____D C:\FRST
2026-05-10 07:34 - 2026-05-10 07:35 - 002851456 _____ (Malwarebytes) C:\Users\Gambo\Downloads\MBSetup.exe
2026-05-10 07:34 - 2026-05-10 07:35 - 000027076 _____ C:\Users\Gambo\Downloads\FRST.txt
2026-05-10 07:33 - 2026-05-10 07:33 - 002447360 _____ (Farbar) C:\Users\Gambo\Downloads\FRST64.exe
2026-05-09 14:55 - 2026-05-09 14:55 - 000000000 ____D C:\Users\Public\Documents\MicrosoftStore
2026-05-09 14:55 - 2026-05-09 14:55 - 000000000 ____D C:\Users\Gambo\AppData\Local\NewMoon
2026-05-09 14:53 - 2026-05-09 14:53 - 005784976 _____ (Power Software Ltd) C:\Users\Gambo\Downloads\PowerISO9-x64.exe
2026-05-09 14:53 - 2026-05-09 14:53 - 000000870 _____ C:\Users\Public\Desktop\PowerISO.lnk
2026-05-09 14:53 - 2026-05-09 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2026-05-09 14:53 - 2026-05-09 14:53 - 000000000 ____D C:\Program Files\PowerISO
2026-05-09 14:53 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2026-05-09 14:49 - 2026-05-09 14:49 - 001576544 _____ (Sysprogs OU) C:\Users\Gambo\Downloads\WinCDEmu-4.1 (1).exe
2026-05-09 14:49 - 2026-05-09 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2026-05-09 14:48 - 2026-05-09 14:48 - 002002280 _____ (Akeo Consulting) C:\Users\Gambo\Downloads\rufus-4.14.exe
2026-05-09 14:48 - 2026-05-09 14:48 - 000000270 __RSH C:\ProgramData\ntuser.pol
2026-05-07 14:35 - 2026-05-07 14:35 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2026-05-07 14:35 - 2026-05-07 14:35 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2026-05-06 15:53 - 2026-05-07 19:59 - 000002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2026-05-06 15:53 - 2026-05-07 19:59 - 000002340 _____ C:\Users\Public\Desktop\Brave.lnk
2026-05-06 15:53 - 2026-05-06 15:53 - 001276768 _____ (BraveSoftware Inc.) C:\Users\Gambo\Downloads\BraveBrowserSetup-BRV010.exe
2026-05-06 15:53 - 2026-05-06 15:53 - 000003866 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{2F9E7761-7944-4808-841A-F9FB297FC5A9}
2026-05-06 15:53 - 2026-05-06 15:53 - 000003742 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{F7F6B3D9-B89F-4FAD-A681-F24066316110}
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Users\Gambo\AppData\Local\BraveSoftware
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Program Files\BraveSoftware
2026-05-06 15:53 - 2026-05-06 15:53 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2026-05-05 17:05 - 2026-05-09 08:53 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-05-04 19:41 - 2026-05-04 19:42 - 000000000 ____D C:\Users\Gambo\Downloads\REPLACED-RUNE
2026-05-04 14:51 - 2026-05-04 14:51 - 000000000 ____D C:\Users\Gambo\CrossDevice
2026-05-04 14:51 - 2026-05-04 14:51 - 000000000 ____D C:\ProgramData\CrossDevice
2026-05-03 10:09 - 2026-05-03 10:09 - 000482612 _____ C:\Users\Gambo\Downloads\4002493421.pdf
2026-05-01 14:22 - 2026-05-01 14:23 - 000000000 ____D C:\Users\Gambo\Desktop\Kolo
2026-05-01 14:11 - 2026-05-01 14:11 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\msihmdt
2026-05-01 14:06 - 2026-05-01 14:07 - 3580476785 _____ C:\Users\Gambo\Downloads\SimtSimulator_1-8-101.zip
2026-05-01 14:06 - 2026-05-01 14:06 - 001212933 _____ C:\Users\Gambo\Downloads\SimtSimulator_patch1131.zip
2026-04-30 17:33 - 2026-04-30 17:42 - 000000000 ____D C:\common_attachment
2026-04-30 17:32 - 2026-04-30 17:32 - 000000000 ____D C:\Users\Gambo\AppData\Local\Bytedance
2026-04-30 17:31 - 2026-04-30 17:31 - 000001390 _____ C:\Users\Gambo\Desktop\CapCut.lnk
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\VEDetector
2026-04-30 17:31 - 2026-04-30 17:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\CapCut
2026-04-30 17:30 - 2026-04-30 17:30 - 002879000 _____ C:\Users\Gambo\Downloads\CapCut_7634575114851336209_installer.exe
2026-04-30 15:44 - 2026-04-30 15:44 - 000000585 _____ C:\Users\Public\Desktop\Burning Crusade Anniversary.lnk
2026-04-30 15:44 - 2026-04-30 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Anniversary
2026-04-28 19:13 - 2026-04-28 19:13 - 000000000 ____D C:\Users\Gambo\AppData\LocalLow\Not Knowing Corporation
2026-04-28 19:07 - 2026-04-28 19:10 - 1330359536 _____ C:\Users\Gambo\Downloads\Cleared.Hot.v0.2.4.17671.rar
2026-04-28 19:07 - 2026-04-28 19:10 - 1326038977 _____ C:\Users\Gambo\Downloads\Cleared.Hot.v0.2.5.17788.rar
2026-04-28 15:25 - 2026-04-28 15:25 - 000031110 _____ C:\Users\Gambo\Downloads\okolo-brnenske-prehrady-k-hradu-veveri-a-na-stezku-zouvalka (1).pdf
2026-04-28 15:22 - 2026-04-28 15:22 - 000031110 _____ C:\Users\Gambo\Downloads\okolo-brnenske-prehrady-k-hradu-veveri-a-na-stezku-zouvalka.pdf
2026-04-23 16:42 - 2026-04-23 16:42 - 000000000 ____D C:\Program Files\Microsoft GameInput
2026-04-23 16:41 - 2026-04-23 16:41 - 000477640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_e.dll.0
2026-04-23 14:44 - 2026-05-10 07:38 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\CurseForge
2026-04-23 14:44 - 2026-04-27 15:31 - 000000000 ____D C:\Users\Gambo\AppData\Local\curseforge-updater
2026-04-23 14:44 - 2026-04-23 14:44 - 000002446 _____ C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CurseForge.lnk
2026-04-23 14:44 - 2026-04-23 14:44 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\ow-electron
2026-04-23 14:43 - 2026-04-23 14:43 - 002787552 _____ (Overwolf Ltd.) C:\Users\Gambo\Downloads\CurseForge Windows - Installer.exe
2026-04-21 15:40 - 2026-04-21 15:40 - 000285820 _____ C:\Users\Gambo\Downloads\ok-7-2026-rozhodnuti.pdf
2026-04-17 14:05 - 2026-04-17 14:05 - 008115230 _____ C:\Users\Gambo\Downloads\VIRTUAL ZOOM s.r.o. - Datart0426_cz.pdf
2026-04-17 13:25 - 2026-04-17 13:25 - 000629834 _____ C:\Users\Gambo\Downloads\Mafia-Manual-cz.pdf
2026-04-17 13:09 - 2026-04-17 13:09 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-17 13:09 - 2026-04-17 13:09 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-04-17 13:09 - 2026-04-17 13:09 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-04-12 14:55 - 2026-04-12 14:55 - 008605696 _____ C:\Users\Gambo\Downloads\czmanager-agent-windows-1.4.0.exe
2026-04-12 14:53 - 2026-04-12 14:53 - 020849103 _____ C:\Users\Gambo\Downloads\Resident_Evil_Requiem_1.5.0_25032026_1521.zip
2026-04-12 14:50 - 2026-04-28 20:24 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\GSE Saves
2026-04-12 14:16 - 2026-04-12 14:29 - 3401717149 _____ C:\Users\Gambo\Downloads\PowerWash.Simulator.2.rar
2026-04-12 12:57 - 2026-04-12 14:59 - 000000000 ____D C:\Users\Gambo\Downloads\Resident.Evil.Requiem.Deluxe.Edition.Build.22277314-InsaneRamZes
2026-04-12 12:55 - 2026-04-12 12:55 - 000104469 _____ C:\Users\Gambo\Downloads\Resident.Evil.Requiem-VOICES38.torrent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-05-10 07:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-05-10 07:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-05-10 07:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-05-10 07:43 - 2022-06-21 19:35 - 000000000 ____D C:\ProgramData\NVIDIA
2026-05-10 07:36 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-05-10 07:36 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-05-10 07:36 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-05-10 07:36 - 2022-06-21 19:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\Packages
2026-05-10 07:36 - 2022-06-21 19:35 - 000000000 ____D C:\ProgramData\Packages
2026-05-10 07:32 - 2022-06-21 19:38 - 000000000 ___SD C:\Users\Gambo\AppData\Roaming\Microsoft\Credentials
2026-05-09 23:47 - 2022-06-21 19:56 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\discord
2026-05-09 23:41 - 2022-06-21 19:56 - 000000000 ____D C:\Users\Gambo\AppData\Local\Discord
2026-05-09 23:13 - 2023-01-17 11:57 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2026-05-09 23:13 - 2022-06-21 19:30 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-05-09 15:23 - 2022-06-21 20:54 - 000000000 ____D C:\Program Files (x86)\Steam
2026-05-09 15:20 - 2022-06-21 20:00 - 000000000 ____D C:\Users\Gambo\AppData\Local\Battle.net
2026-05-09 14:55 - 2022-06-21 20:04 - 000000000 ____D C:\Users\Gambo\AppData\Local\UnrealEngine
2026-05-09 14:55 - 2022-06-21 19:38 - 000000000 ____D C:\Users\Gambo\AppData\Local\D3DSCache
2026-05-09 14:49 - 2022-06-21 20:09 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\qBittorrent
2026-05-07 14:35 - 2024-12-08 14:00 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-05-06 15:55 - 2022-06-21 19:55 - 000000000 ____D C:\Program Files (x86)\Overwolf
2026-05-06 15:55 - 2022-06-21 19:41 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-05-06 15:55 - 2022-06-21 19:41 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-05-04 14:51 - 2024-12-08 13:47 - 000000000 ____D C:\Users\Gambo
2026-05-03 10:10 - 2023-01-11 13:28 - 000002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-05-03 10:10 - 2023-01-11 13:28 - 000002078 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2026-04-30 17:41 - 2022-06-28 21:05 - 000000000 ____D C:\Users\Gambo\AppData\Local\CrashDumps
2026-04-30 15:41 - 2022-06-21 19:55 - 000002334 _____ C:\Users\Gambo\Desktop\CurseForge.lnk
2026-04-30 15:41 - 2022-06-21 19:54 - 000000000 ____D C:\Users\Gambo\AppData\Local\Overwolf
2026-04-30 15:34 - 2024-11-17 19:05 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-04-30 15:34 - 2024-11-17 19:05 - 000002061 _____ C:\Users\Gambo\Desktop\Google Drive.lnk
2026-04-30 15:07 - 2024-12-08 13:57 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-04-30 15:07 - 2024-12-08 13:57 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-04-24 18:46 - 2022-06-21 19:56 - 000002260 _____ C:\Users\Gambo\Desktop\Discord.lnk
2026-04-24 16:52 - 2025-04-22 19:32 - 004590024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000911816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000289224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000260552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000166344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2026-04-24 16:52 - 2025-04-22 19:32 - 000154056 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2026-04-24 16:52 - 2025-04-22 19:32 - 000084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2026-04-24 16:50 - 2022-06-21 20:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 16:41 - 2025-04-22 19:32 - 001141192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll.1
2026-04-23 16:41 - 2025-04-22 19:32 - 001141192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll.0
2026-04-20 14:40 - 2024-12-08 13:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-04-20 14:40 - 2024-12-08 13:55 - 000007300 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-20 14:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-04-20 14:40 - 2022-06-21 19:30 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-19 20:17 - 2024-12-08 13:55 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-04-19 20:17 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2026-04-19 20:16 - 2024-12-08 13:55 - 000505064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-04-19 20:15 - 2025-07-25 17:51 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-04-19 20:15 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-19 20:15 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2026-04-19 20:15 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\cs
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-04-19 20:15 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-19 20:15 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-04-19 15:18 - 2022-06-21 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-19 15:15 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-04-19 15:15 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-04-19 15:15 - 2022-06-21 20:32 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-17 13:09 - 2024-12-08 13:57 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-17 12:58 - 2022-06-21 19:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-04-12 14:49 - 2022-06-21 20:59 - 000000000 ____D C:\Users\Gambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-04-12 14:47 - 2022-06-21 20:54 - 000000000 ____D C:\Users\Gambo\AppData\Local\Steam
2026-04-12 12:12 - 2025-05-03 08:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2026-04-12 12:12 - 2025-03-06 20:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2026-04-12 12:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-11 01:24 - 2025-09-24 14:57 - 000013696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2026-04-11 01:23 - 2025-09-24 14:57 - 001155496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\GameInputRedist.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182696 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_3.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_2.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000182144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\XInput1_1.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000145320 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_3.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000143784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_2.dll
2026-04-11 01:23 - 2022-10-31 17:25 - 000143744 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\XInput1_1.dll
==================== Files in the root of some directories ========
2023-10-29 13:39 - 2023-10-29 13:39 - 000000020 _____ () C:\Users\Gambo\AppData\Roaming\edge.dxt
2024-12-15 10:29 - 2025-10-18 14:14 - 003354624 _____ () C:\Users\Gambo\AppData\Roaming\emp.bin
2022-10-28 22:02 - 2022-10-28 22:02 - 000332800 _____ () C:\Users\Gambo\AppData\Roaming\patcher.dll
2023-01-31 12:51 - 2023-01-31 12:54 - 001065984 _____ () C:\Users\Gambo\AppData\Local\file__0.localstorage
2022-06-21 23:09 - 2023-11-22 19:45 - 000007597 _____ () C:\Users\Gambo\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2026
Ran by Gambo (10-05-2026 07:50:56)
Running from C:\Users\Gambo\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) (2024-12-08 11:57:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4011095094-138222901-1307975021-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-4011095094-138222901-1307975021-503 - Limited - Disabled)
Gambo (S-1-5-21-4011095094-138222901-1307975021-1001 - Administrators - Enabled) => C:\Users\Gambo
Guest (S-1-5-21-4011095094-138222901-1307975021-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4011095094-138222901-1307975021-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 26.001.21529 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 148.1.90.121 - Autoři prohlížeče Brave)
Burning Crusade Anniversary (HKLM-x32\...\World of Warcraft Classic Anniversary) (Version: - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty Modern Warfare Remastered v.1.0 (HKLM-x32\...\Call of Duty Modern Warfare Remastered_is1) (Version: - )
Call of Duty verze 1.0 (HKLM-x32\...\{49C3E7C6-82F3-459F-A0B4-74454BA2FA43}_is1) (Version: 1.0 - Activision)
Call of Duty World at War verze 1.7 (HKLM-x32\...\{40F898EE-104A-445C-8C6C-5F37D35B37C2}_is1) (Version: 1.7 - Activision)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )
CapCut (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\CapCut) (Version: 8.5.0.3590 - Bytedance Pte. Ltd.)
Cataclysm Classic (HKLM-x32\...\Cataclysm Classic) (Version: - Blizzard Entertainment)
CoD 2 čeština 1.1 (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S[al!er!)
Crack_Files version final (HKLM-x32\...\Crack_Files_is1) (Version: final - The)
CurseForge (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.302.1.3108 - Overwolf app)
CurseForge 1.302.1-33108 (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.302.1-33108 - Overwolf)
Desperados 3 (HKLM-x32\...\1914500649_is1) (Version: 1.7 - GOG.com)
Desperados III DLC1 (HKLM-x32\...\1314240626_is1) (Version: 1.7 - GOG.com)
Desperados III DLC2 (HKLM-x32\...\1231933524_is1) (Version: 1.7 - GOG.com)
Desperados III DLC3 (HKLM-x32\...\1984454669_is1) (Version: 1.7 - GOG.com)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Discord) (Version: 1.0.9236 - Discord Inc.)
DOOM - Čeština (HKLM\...\{0F82DB67-2B5E-4378-96C3-55714357703E}}_is1) (Version: 1.1 - Necronos)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.67.2 - GOG.com)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 124.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 148.0.7778.97 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HxD Hex Editor 2.5 (HKLM\...\HxD_is1) (Version: 2.5 - Maël Hörz)
Chameleon version 1.0 (HKLM-x32\...\{4494C122-3B15-4952-928F-D2446959E12D}_is1) (Version: 1.0 - Take-Two Interactive, Cenega Czech)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{fdc445a5-0180-47a6-a653-ab97fa2d4723}) (Version: 7.14.2.14 - Intel Corporation)
Kodi (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Kodi) (Version: 19.4.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.4.2 (HKLM\...\{C9090ED0-F3EE-4FF2-A3E1-0F2598FC7107}) (Version: 7.3.4.2 - The Document Foundation)
Lies of P (HKLM-x32\...\Lies of P_is1) (Version: - )
Lies of P CZ verze 1.3 (HKLM-x32\...\{6562EA58-1DF6-4F30-984D-407C7ECCE0D1}}_is1) (Version: 1.3 - Luc2as)
Malwarebytes version 5.5.5.253 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.5.253 - Malwarebytes)
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\1207659126_is1) (Version: 2.1.0.22 - GOG.com)
Metal Gear (HKLM-x32\...\2022393863_is1) (Version: 1.0 - GOG.com)
Metal Gear Solid (HKLM-x32\...\1771973390_is1) (Version: 1.0 - GOG.com)
Metal Gear Solid 2: Substance (HKLM-x32\...\2069117974_is1) (Version: 1.0 - GOG.com)
Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.6 (x64) (HKLM\...\{EAEDD1FB-8876-4FD8-98A6-3AF439887414}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.6 (x64) (HKLM\...\{59C4A6C5-E254-4819-B254-0B4FF17747EB}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.6 (x64) (HKLM\...\{F69305BE-6EFA-45D0-9635-752373304A1A}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 148.0.3967.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.98 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{45B61AD4-7D73-48B9-B9B4-724C9F0828E6}) (Version: 3.3.195.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM\...\{0EF5DD4D-EC49-4AE7-8C9A-F64FF8B3EA58}) (Version: 64.24.15241 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM-x32\...\{942f6911-1a02-4186-8c4c-b27eb2b9733d}) (Version: 8.0.6.33720 - Microsoft Corporation)
NVIDIA App 11.0.5.266 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.266 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 591.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 591.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Outlast (CZ Dabing) (HKLM-x32\...\FPD_OUTLAST_is1) (Version: 1.0 - Fénix ProDabing)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.296.3.3 - Overwolf Ltd.)
PC Building Simulator (HKLM-x32\...\2147483071_is1) (Version: v1.15.3.0 - GOG.com)
PDFgear 2.1.14 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.14 - PDFgear)
POTION CRAFT ALCHEMIST SIMULATOR (HKLM-x32\...\POTION CRAFT ALCHEMIST SIMULATOR_) (Version: - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 231220 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 9.3 - Power Software Ltd)
PS Remote Play (HKLM-x32\...\{3A3A09F0-36EC-4CDD-BAA5-98BC05815E3C}) (Version: 5.5.0.08250 - Sony Interactive Entertainment Inc.)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.2 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.)
REDlauncher (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Resident Evil 4 Remake (HKLM-x32\...\Resident Evil 4 Remake_is1) (Version: 0.0.0 - DODI-Repacks)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.105.2720 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games)
Řež (HKLM-x32\...\Rez) (Version: - )
SIFU.REPACK-KaOs (HKLM\...\SIFU.REPACK-KaOs_is1) (Version: - ReMiX)
Silent Hill 2 Remake (HKLM-x32\...\Silent Hill 2 Remake_is1) (Version: - )
Slovenská lokalizácia hry Call of Duty: World War II (HKLM-x32\...\Lokalizacia CoDWW2) (Version: 1.0 - )
Spyro Reignited Trilogy (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\Spyro Reignited Trilogy) (Version: - HOODLUM)
Starfield CZ v1.0 (HKLM-x32\...\Starfield CZ) (Version: 1.0 - Squiee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Still Wakes the Deep (HKLM-x32\...\FLT_Still_Wakes_the_Deep) (Version: - )
Summer & Winter: Olympic Challenge (HKLM-x32\...\1820973446_is1) (Version: 1.0 - GOG.com)
Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
TurboTop 2.8 (HKLM-x32\...\TurboTop_is1) (Version: 2.8.0.21 - Savard Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 140.0.10857 - Ubisoft)
Unreal Mod Unlocker Basic 0.35.8 (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\4e2d47ec-b6e7-5c43-9049-ebb0eaf9f354) (Version: 0.35.8 - Illusory)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.11.7 - Black Tree Gaming Ltd.)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WeMod (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\WeMod) (Version: 8.3.1 - WeMod)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version: - Blizzard Entertainment)
Wrath of the Lich King Classic (HKLM-x32\...\Wrath of the Lich King Classic) (Version: - Blizzard Entertainment)
Zygor Client Uninstaller (HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\902d341c-51df-594b-a26c-ea7ab5a2af33) (Version: 4.5.7 - Zygor Guides)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-14] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-05-03] ()
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_164.1.1128.0_x64__v10z8vjag6ke6 [2026-04-12] (HP Inc.)
LG Monitor App Installer -> C:\Program Files\WindowsApps\LGElectronics.LGMonitorApp_1.2602.502.0_x86__cfnzzhwkr8z5w [2026-03-09] (LG Electronics Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-05-10] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft.Photos.MediaEngineDLC -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-24] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-09] (NVIDIA Corp.)
Sniptool -> C:\Program Files\WindowsApps\53483DanStromi.Sniptool_2.1.0.0_neutral__1wr99jw2hr0ag [2026-01-21] (DanStromi)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-31] (Microsoft Corp.)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.836.2153.0_x64__8wekyb3d8bbwe [2026-04-29] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8002.0.1.0_x64__8wekyb3d8bbwe [2026-04-29] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2022-06-21] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{9C1FB437-1219-4D0E-84FB-36F93444C8D6} -> [Xiaomi 15T Pro] => C:\Users\Gambo\CrossDevice\Xiaomi 15T Pro [2026-05-04 14:51]
CustomCLSID: HKU\S-1-5-21-4011095094-138222901-1307975021-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-10] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\124.0.3.0\drivefsext.dll [2026-04-30] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f4c7a2fd13e0f763\nvshext.dll [2026-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-10] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2026-04-20] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\wdmaud2.drv [143360 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [94720 2026-04-17] (Microsoft Windows -> Microsoft Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Gambo\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
==================== Loaded Modules (Whitelisted) =============
2024-11-16 16:06 - 2025-10-18 13:05 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe 2.5GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Wi-Fi 6E AX210 160MHz -> Netwtw14.sys
steamxboxndi: Steam Xbox Controller Enhanced Features Driver
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gambo\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\496300837_1223697185793761_3587453401012997104_n.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\Gambo\AppData\Roaming\IntegrityCheck
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "TurboTop.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FCBCAC5CBE4B3C071C4385DC999D9513"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "electron.app.CurseForge"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-4011095094-138222901-1307975021-1001\...\StartupApproved\Run: => "GoogleDriveFS"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{53FE8E8E-7480-41D8-85C4-B8F0C6B78036}D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe] => (Block) D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [TCP Query User{E2068BE6-CCE9-4165-85C8-6ABCCEBE9F80}D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe] => (Block) D:\hry\warcraft.iii.reforged.v1.36.1.21015\game\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [UDP Query User{12C1F8D5-03D9-481C-839E-37A41FD2F67F}D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Allow) D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe () [File not signed]
FirewallRules: [TCP Query User{451FEC1B-11E0-4A40-8F2C-9F476C5BA53E}D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe] => (Allow) D:\hry\assassins.creed.mirage.v1.0.6\game\scimitar_engine_win64_vs2019_dx12_qx.exe () [File not signed]
FirewallRules: [{58F7CE53-A9A4-4D92-9EAC-0B122ED54749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Update\hl2.exe (Valve -> )
FirewallRules: [{8FA233D4-1713-44F0-9B42-E6294CDBFFB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Update\hl2.exe (Valve -> )
FirewallRules: [{64092CFE-B4DA-4F05-83B4-0DEB60BB7C21}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\ra3_1.12.game (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{33688914-E4FF-4DF9-8C77-6BD26D953741}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\ra3_1.12.game (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{03E1A480-0D5C-495A-AB72-73DF033549EE}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\RA3.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [{BA513F4F-F93D-43FC-9295-7863062F5BE6}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\RA3.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.) [File not signed]
FirewallRules: [{FA817050-5BD5-42FC-9EDC-1A0D59503405}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{A13D3D04-2101-424A-BB86-B2F10DAB3299}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\Data\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{DCCCC23F-2B88-433E-91CA-489D19DD26F2}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\runme.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{AB92AEF3-875A-4F79-B24E-E43F0E7FAE11}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Red Alert 3\runme.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{020403F8-28BA-4011-AAE1-A982E9877B8E}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [TCP Query User{B84A6887-1EB1-46D4-9308-3FF936C03579}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{D6C75B23-8292-4BE4-9D5C-152AD053EDD9}D:\hry\call of duty ghosts\iw6sp64_ship.exe] => (Block) D:\hry\call of duty ghosts\iw6sp64_ship.exe => No File
FirewallRules: [TCP Query User{7AE4D61E-13EF-47F5-9BFD-6334E63EFBFE}D:\hry\call of duty ghosts\iw6sp64_ship.exe] => (Block) D:\hry\call of duty ghosts\iw6sp64_ship.exe => No File
FirewallRules: [UDP Query User{4309F14B-3703-4EE9-8591-86A9231CE031}D:\hry\call of duty black ops cold war\blackopscoldwar.exe] => (Block) D:\hry\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [TCP Query User{E07BE3F6-355B-469B-955F-99E7CA31084A}D:\hry\call of duty black ops cold war\blackopscoldwar.exe] => (Block) D:\hry\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{F5C391E3-A941-4C0E-9BA7-4228A587865B}D:\hry\call of duty black ops 2\t6mp.exe] => (Block) D:\hry\call of duty black ops 2\t6mp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{8A3F71A3-FBE8-4E6A-B44D-C74EE5BD4FC1}D:\hry\call of duty black ops 2\t6mp.exe] => (Block) D:\hry\call of duty black ops 2\t6mp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{427F048C-95FC-4F82-91F4-1B9DB677B5D0}D:\hry\call of duty black ops 2\t6sp.exe] => (Block) D:\hry\call of duty black ops 2\t6sp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{BA4FE0A2-B827-43D4-BDE2-9AD5E7F7E319}D:\hry\call of duty black ops 2\t6sp.exe] => (Block) D:\hry\call of duty black ops 2\t6sp.exe (Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{3EAAD793-2550-4161-B606-C22E2F37C0DF}D:\hry\call of duty - black ops\blackops.exe] => (Block) D:\hry\call of duty - black ops\blackops.exe () [File not signed]
FirewallRules: [TCP Query User{8C7FEA20-1CE2-4B5D-9AB3-B7F99BF452B9}D:\hry\call of duty - black ops\blackops.exe] => (Block) D:\hry\call of duty - black ops\blackops.exe () [File not signed]
FirewallRules: [UDP Query User{BE51D356-08E8-4FFE-943D-7EC04E88350A}D:\hry\call of duty- modern warfare 3\iw5mp_server.exe] => (Allow) D:\hry\call of duty- modern warfare 3\iw5mp_server.exe () [File not signed]
FirewallRules: [TCP Query User{22BA52FE-52D4-4F98-9689-BEB1D12A9552}D:\hry\call of duty- modern warfare 3\iw5mp_server.exe] => (Allow) D:\hry\call of duty- modern warfare 3\iw5mp_server.exe () [File not signed]
FirewallRules: [UDP Query User{22D6361F-EF07-453D-8E95-F19EBB82EFE0}C:\users\gambo\downloads\anydesk.exe] => (Allow) C:\users\gambo\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{C18D7D8B-5B51-47F7-9989-9F5C4B154FDB}C:\users\gambo\downloads\anydesk.exe] => (Allow) C:\users\gambo\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{4B33ACA7-89BA-4253-A336-BF26BBD00B38}D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe] => (Block) D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [TCP Query User{AF237428-FC51-4AFC-BB16-7EF58452A07C}D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe] => (Block) D:\steamlibrary\steamapps\common\black myth wukong benchmark tool\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [{827A8EE4-A0ED-4A11-BFCB-61B3753F2B89}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x64.exe () [File not signed]
FirewallRules: [{5A9F5162-46AC-431A-92D0-BA9AB503F53F}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x64.exe () [File not signed]
FirewallRules: [{05FF3FAD-102E-4504-92F5-C5D40CD299C0}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [File not signed]
FirewallRules: [{B1AFAB0D-ED7F-42B9-8917-3C6650816C24}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [File not signed]
FirewallRules: [{E48415FF-F9B4-40A8-BA0E-FA2D9A8FE5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{7CBF65DC-BB96-4405-9924-62A30F01E1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast 2\Binaries\Win64\Outlast2.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{A9D91C6F-D330-4D7C-927D-7CBAC2F05187}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{C83160BB-4FA5-4E41-B9D5-3B1674262E05}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{C92E3B78-4589-486B-993B-EA64FA0A3B9E}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{F360539A-739C-47FD-B796-7CA05FF21F99}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{3B4219EF-56A1-4AA3-A5EC-AE53E98BC7F7}C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7F4F698A-E8BF-4E6F-A349-40C232275B4A}C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pine harbor demo\pineharbor\binaries\win64\pineharbor-win64-shipping.exe => No File
FirewallRules: [UDP Query User{04A9AF66-B41F-45AE-9767-064602C578E4}D:\hry\911.operator.v17.10.2021\911.exe] => (Block) D:\hry\911.operator.v17.10.2021\911.exe () [File not signed]
FirewallRules: [TCP Query User{3B415AEC-6276-415D-A7B7-1F1D32F59B33}D:\hry\911.operator.v17.10.2021\911.exe] => (Block) D:\hry\911.operator.v17.10.2021\911.exe () [File not signed]
FirewallRules: [{BED7D5EC-3F23-407F-9232-46B9C180273A}] => (Allow) D:\SteamLibrary\steamapps\common\Codename Gordon\cg.exe (The Design Assembly GmbH) [File not signed]
FirewallRules: [{7EA218FD-81F8-4A98-B3E6-4320A8859864}] => (Allow) D:\SteamLibrary\steamapps\common\Codename Gordon\cg.exe (The Design Assembly GmbH) [File not signed]
FirewallRules: [UDP Query User{6909062A-2B9E-4BC7-891D-69AA01BA6261}D:\hry\call of duty world at war\codwaw.exe] => (Block) D:\hry\call of duty world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [TCP Query User{8D72BEEB-E5B9-4146-87E3-E19F8F42BAA8}D:\hry\call of duty world at war\codwaw.exe] => (Block) D:\hry\call of duty world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{8A582100-8AFF-4F41-83C1-430976BAAF8D}D:\hry\nfs mw 2012\nfs13.exe] => (Block) D:\hry\nfs mw 2012\nfs13.exe => No File
FirewallRules: [TCP Query User{78797AFA-3A3B-4277-8B5D-11D6C5819BD4}D:\hry\nfs mw 2012\nfs13.exe] => (Block) D:\hry\nfs mw 2012\nfs13.exe => No File
FirewallRules: [UDP Query User{1BAF91AF-F933-49BD-9448-F6E8D8C4384A}D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe] => (Allow) D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe => No File
FirewallRules: [TCP Query User{67631FEA-C9AC-4575-9F0A-B4965B74CF99}D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe] => (Allow) D:\hry\hitman world of assassination\_peacock-v6.5.1-cracked\nodedist\node.exe => No File
FirewallRules: [UDP Query User{586941B7-9352-4F56-98E0-44198F6A185E}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{BDCCBD37-2AE0-4BD4-AF98-419D631A91DB}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{15E4698B-29A1-4E14-B64A-19EEDFD76BD3}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{B88B019A-F072-45CD-93AB-A95C5C45F570}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{8F887F42-25D4-4B06-B28E-0C69F76BB325}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{A815AABB-2D21-407F-A984-4DBACF5E9D5B}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{5F9FAAC4-26E2-4E86-B013-18C8FFA9A9B1}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{64E22859-8D11-408E-A07F-885BE17E5951}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{AF501804-8E65-4039-A2B0-61748AC5C59E}D:\hry\red dead redemption 2\rdr2.exe] => (Block) D:\hry\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{EE62437C-B83C-4D21-9C63-FA87D001AACA}D:\hry\red dead redemption 2\rdr2.exe] => (Block) D:\hry\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{82B3B08C-6928-488E-B056-C0936CEA8541}C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe] => (Allow) C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{F1093D41-8F4A-4B19-8498-F7FF0C78AB6E}C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe] => (Allow) C:\program files (x86)\gog galaxy\games\medal of honor - allied assault war chest\mohaa.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{627F811E-9D3D-4E90-AA55-11EB2E0379E3}D:\hry\far cry 6\bin\farcry6.exe] => (Block) D:\hry\far cry 6\bin\farcry6.exe => No File
FirewallRules: [TCP Query User{131BDF7F-5322-4970-BCD4-8DC64E8EBBD3}D:\hry\far cry 6\bin\farcry6.exe] => (Block) D:\hry\far cry 6\bin\farcry6.exe => No File
FirewallRules: [{EA262F47-0B5D-4420-A697-BA724C6E7149}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{1AE1477F-D4A8-4B1B-966A-C0A4C2889CFF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{ACCC61B4-3AAA-47D5-A301-38A053B1D3C5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{27949089-8BB0-4FC2-B463-65CD6BB07137}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{F079764C-D2BE-462E-8654-FEDF35E0AA9C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{E2D7CD59-6748-4B0F-AD79-FB4AA02786D8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [UDP Query User{73065757-2A10-4ACC-8251-E3002BA72A38}C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{2CD67A39-69FF-4385-8124-F1D2C1F1F115}C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gambo\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{E5BE70CF-2124-4B93-8DBD-ED3841AC5FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Ravenous devils\Ravenous_Devils.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2B6B8309-A23D-4CC3-A1DC-1DCD349934B8}] => (Allow) D:\SteamLibrary\steamapps\common\Ravenous devils\Ravenous_Devils.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{9C0BAFDC-17E2-48D1-BAD8-F5EB064227CC}D:\hry\diablo iv\diablo iv.exe] => (Allow) D:\hry\diablo iv\diablo iv.exe => No File
FirewallRules: [TCP Query User{8202EFEE-B748-480E-952F-A454D3654A40}D:\hry\diablo iv\diablo iv.exe] => (Allow) D:\hry\diablo iv\diablo iv.exe => No File
FirewallRules: [UDP Query User{7FD8EA98-A6D4-436F-B19A-A48EEF4D80AC}D:\hry\re4remake\re4.exe] => (Block) D:\hry\re4remake\re4.exe => No File
FirewallRules: [TCP Query User{95C8218F-9F89-4D05-8C4A-55237AA18BFD}D:\hry\re4remake\re4.exe] => (Block) D:\hry\re4remake\re4.exe => No File
FirewallRules: [{8E576B9C-6EDC-4FA9-B9BE-ED5E9EBF22A6}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{7370D68A-A795-4192-9107-C9E6A7F46643}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{05338246-4A51-4739-81EE-9C7501925E5A}] => (Allow) D:\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe (People Can Fly) [File not signed]
FirewallRules: [{1AEBBDBE-9437-402E-BCF6-1FF656F50047}] => (Allow) D:\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe (People Can Fly) [File not signed]
FirewallRules: [UDP Query User{A71B0AFB-0766-472B-8C7A-6C6A0AD3ECB8}D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe] => (Block) D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe () [File not signed]
FirewallRules: [TCP Query User{12BDF6DC-0A63-448C-9D83-CECDA8C88F34}D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe] => (Block) D:\steamlibrary\steamapps\common\realrtcw\realrtcw.x64.exe () [File not signed]
FirewallRules: [{D7F44F74-EBD7-4732-83CA-E590C0439B63}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{B40CF756-4EB6-4B8B-B1D7-59AB44C30B5F}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{591AC28B-B66C-48BB-BD06-3659AE4EE70E}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{3AF7C1CC-B68F-4A42-893B-8A60E99E1A04}] => (Allow) D:\SteamLibrary\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{6A3C7452-7610-460D-A99E-E3E83266E8B0}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\mp\ioWolfMP.x86.exe () [File not signed]
FirewallRules: [{3E7850FD-0937-4444-B1B5-A5D7283FC834}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\mp\ioWolfMP.x86.exe () [File not signed]
FirewallRules: [{C679311F-F14B-4DB0-8F92-5D350810F677}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x86.exe () [File not signed]
FirewallRules: [{7B5A8222-6AB2-4D75-9BBD-337CADAEF5A9}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x86.exe () [File not signed]
FirewallRules: [{720A94C1-E500-4269-A67A-B5427532625F}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x86.exe => No File
FirewallRules: [{06A410BD-4B80-4BBF-A066-16A9C0A4A8C9}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\launcher.x86.exe => No File
FirewallRules: [{A0485293-31D3-4E55-BBD6-9CC4B6FD9EE3}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x64.exe () [File not signed]
FirewallRules: [{C8737EFB-A1BD-44A9-A50A-54DD6803DAD3}] => (Allow) D:\SteamLibrary\steamapps\common\RealRTCW\coop\RTCWCoop.x64.exe () [File not signed]
FirewallRules: [UDP Query User{E971A9E1-723A-448F-999A-F302255FD7A4}D:\hry\doom 2016\doomx64.exe] => (Block) D:\hry\doom 2016\doomx64.exe => No File
FirewallRules: [TCP Query User{16320DB0-4D90-4DE5-8CFF-342C8DAC531A}D:\hry\doom 2016\doomx64.exe] => (Block) D:\hry\doom 2016\doomx64.exe => No File
FirewallRules: [UDP Query User{35CF105D-2CD1-4A42-8387-3EAEDEBA47B0}D:\hry\diablo iv - beta\diablo iv.exe] => (Allow) D:\hry\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [TCP Query User{CA0A6F9E-CF01-4D6E-AC9D-BDF84474BCFB}D:\hry\diablo iv - beta\diablo iv.exe] => (Allow) D:\hry\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [UDP Query User{C7683798-3118-49B1-A4BA-AAA18432065E}D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{61570425-C230-4C6B-BD1B-61F3FD919614}D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{E1AAA9A5-0B02-475C-9CB3-F3A76C1AD07A}D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{CEE2FF07-5904-4061-A920-22B5D9155579}D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts.legacy.digital.deluxe.edition\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{AA7C6A4C-922C-4408-936B-0E49B8B7CC36}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe => No File
FirewallRules: [TCP Query User{D4800AFC-9D3A-433B-B99D-984D77F1F57D}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe => No File
FirewallRules: [UDP Query User{B3BA85D2-80AC-4B7D-9733-875A8B981F75}C:\users\gambo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\gambo\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [TCP Query User{DB370207-7937-4165-B356-BEECA8A7B7A8}C:\users\gambo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\gambo\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{91A5DABE-DA61-48EE-9173-6844FD707E5D}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [TCP Query User{BE808516-52FC-4425-9F42-7DA64E80FD99}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [{FB748B3A-ED7A-401F-9F6F-72104961BD4E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe () [File not signed]
FirewallRules: [{508A81AC-ED99-4F38-9ABF-7AB0447A4D62}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto 3\gta3.exe () [File not signed]
FirewallRules: [{63F956F6-52A7-455D-8ABE-B1DC67F0E794}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{90775279-6662-4313-853A-9952A61EC0B0}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{8698820F-7B98-401F-8AC7-86FCFAAD57EB}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{F3CE88D3-4BA1-4CEC-AC9C-2B928B70346E}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [UDP Query User{E6AE3F31-EDBD-4854-8F48-6919C3ED46AE}D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CBC96BF0-03C6-4043-AEDD-7EEFE229458C}D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) D:\ron\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe => No File
FirewallRules: [{7C8FC9EB-27BD-4AE1-B961-A82286F93A0A}] => (Allow) D:\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{8E5C4903-BF0F-485D-B088-19B82C95559D}] => (Allow) D:\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [UDP Query User{E15CA2D7-6E72-4C60-A11E-2D2150620039}D:\hry\resident evil village\re8.exe] => (Block) D:\hry\resident evil village\re8.exe => No File
FirewallRules: [TCP Query User{4E39D151-55B5-4784-9C99-EECC703E381E}D:\hry\resident evil village\re8.exe] => (Block) D:\hry\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{2BFAF312-D17E-4E89-AE51-92EEBF42FBEE}D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FF387A71-F994-49E7-A46E-6F5209795B42}D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the outlast trials playtest\opp\binaries\win64\totclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2FEE3764-0AE8-4175-8CCE-5DB40188A1CF}D:\hry\call of duty- modern warfare 3\iw5sp.exe] => (Block) D:\hry\call of duty- modern warfare 3\iw5sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{5012681D-0561-483E-BB28-0AFBD563041D}D:\hry\call of duty- modern warfare 3\iw5sp.exe] => (Block) D:\hry\call of duty- modern warfare 3\iw5sp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{4292F593-C5B8-444A-9406-93CD0371462C}D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe (Activision Publishing -> Activision)
FirewallRules: [TCP Query User{07735F59-710B-4BA9-BC10-DE323DD5F275}D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) D:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe (Activision Publishing -> Activision)
FirewallRules: [UDP Query User{1AC7DA5C-3395-4B66-8652-CDAAB31CE6C4}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{EFEE04A3-E7A3-4ED8-A88A-CCD9A5915BA5}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe => No File
FirewallRules: [{BE8338AE-E0D6-4006-BE83-F9EAFEE86FFB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBDC0294-6CA3-4E35-8FC7-63135E7A9773}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F78FD923-6F94-4E81-B4D7-8D3BBC476617}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E9224AF4-BFBF-43CE-8FD6-709BC5B61E33}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1D94D4C4-6786-4633-8307-FE759194F4B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A36ADEF-B84E-4394-B9EC-4903C5E37747}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0DA59850-7E61-4239-8E9B-A0C18779214A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{39875AD9-8B90-468E-949F-68A44803A24E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{5BC22E40-6186-467A-AA81-9CE1498E2C0F}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{01393469-1608-4526-9250-EBDE5D87F061}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{A1A82760-DEC1-41E6-99BF-8EF17FA296D2}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe => No File
FirewallRules: [{2DBE848A-773D-4EE6-9C77-F30D20230EA7}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe => No File
FirewallRules: [TCP Query User{DD7021C5-F0F9-4DE5-BA11-FDF0ACD67C59}D:\hry\reddeadredemption2\rdr2.exe] => (Allow) D:\hry\reddeadredemption2\rdr2.exe => No File
FirewallRules: [UDP Query User{5AA401BE-7B39-4868-B87B-249A131B0C5C}D:\hry\reddeadredemption2\rdr2.exe] => (Allow) D:\hry\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AA95D43-2162-4F95-B6AD-DDF6D66DFB22}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{3C479A54-9805-4FEB-B674-AF762C93F525}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{291B16D0-11D9-4FF3-8983-0C6D29FA9685}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{30E833ED-A5F7-4FEB-A4EA-45794FDEE2F9}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [{AB618B5C-B8A6-4B4C-B579-0FC9FEDCFBDB}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{BEF6102C-3725-4C82-A4EB-23818C865E8D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{60AB1639-9483-446D-946E-F7E5C7484548}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2MP_s.exe () [File not signed]
FirewallRules: [{0F8F44A5-F148-47D8-A668-6F5842D903F1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 2\CoD2MP_s.exe () [File not signed]
FirewallRules: [TCP Query User{9360FC4B-638F-4602-8122-F1F6E3C1B117}D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing, Inc.) [File not signed]
FirewallRules: [UDP Query User{E92BEAEC-2117-43B0-BF1C-D5B707AEB637}D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) D:\hry\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing, Inc.) [File not signed]
FirewallRules: [TCP Query User{589C7777-CCF8-431A-8FBF-823642934EB3}D:\hry\call of duty vanguard\vanguard.exe] => (Allow) D:\hry\call of duty vanguard\vanguard.exe => No File
FirewallRules: [UDP Query User{74A88364-9C98-45BE-8097-206DEA9D6D46}D:\hry\call of duty vanguard\vanguard.exe] => (Allow) D:\hry\call of duty vanguard\vanguard.exe => No File
FirewallRules: [{6AF57F56-E027-4203-8412-10DEEC0CCF53}] => (Allow) D:\SteamLibrary\steamapps\common\Dr. Trolley's Problem\Trolley.exe () [File not signed]
FirewallRules: [{08BA0ED2-14B9-4B44-B7D9-27B23FCEB332}] => (Allow) D:\SteamLibrary\steamapps\common\Dr. Trolley's Problem\Trolley.exe () [File not signed]
FirewallRules: [{5D5ACE79-8730-481A-B2BA-ADE523D22B28}] => (Allow) D:\Hry\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{2BAAC7F3-CB14-473F-AF16-DBB82FAAE056}] => (Allow) D:\Hry\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{3EC7F759-FB0C-4835-8181-54CB41BC2456}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{E7E64276-D2A4-4910-B664-DF28A546E0C1}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{C428EE8B-6483-410E-9ED8-506027E45630}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{26115CDB-5DE8-430F-B2A1-3DE7822731B2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [TCP Query User{E6A0758C-41B7-4E04-9B09-D283C6DAE707}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{50801E68-F958-4ED5-8A9E-AD0AF485AB73}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{00EF33B8-410D-4E91-B4E4-A73EB4699062}D:\hry\green hell vr\ghvr.exe] => (Block) D:\hry\green hell vr\ghvr.exe => No File
FirewallRules: [UDP Query User{E7AB321B-2250-47FE-9B90-7BA0BD4225FD}D:\hry\green hell vr\ghvr.exe] => (Block) D:\hry\green hell vr\ghvr.exe => No File
FirewallRules: [{A989A17E-4BF5-4CB0-A713-AB94D4CD7950}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{A839C341-2F4F-4E4D-8D14-18EEFD780C5E}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8E841B4E-8148-4BA2-9236-D8592AEEF9E7}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{5719C818-8DF0-4355-AC49-11B8970A67BB}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{2602D3EF-6BA3-4234-BD37-3DB1E48FAE3C}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [TCP Query User{538DF512-E41F-4F77-8BBA-EF72F1A6658F}D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => No File
FirewallRules: [UDP Query User{785DAF47-8FBF-4559-8285-C53B1DC6C290}D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) D:\hry\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe => No File
FirewallRules: [{267ECC4E-6ACF-4681-9497-4013A38EC284}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{15F216E7-1637-498C-AC72-918D5E5C9C7F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C8580D9D-DF62-4F23-9581-FCA229830F8A}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\Generals.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{12C9B677-15A2-4534-B7F5-8C7A7E1D2492}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\Generals.exe (Electronic Arts, Inc. -> ) [File not signed]
FirewallRules: [{DC6533E7-67E8-45EA-8B42-23F20D07F7A0}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
FirewallRules: [{8EE49709-9ECD-49F9-BCF1-354027BEF4D9}] => (Allow) D:\SteamLibrary\steamapps\common\Command and Conquer Generals\WorldBuilder.exe (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{BB8EC97E-46AC-4FAD-B420-F6143D4A0EB8}D:\hry\re4\resident evil 4 remake\re4.exe] => (Allow) D:\hry\re4\resident evil 4 remake\re4.exe => No File
FirewallRules: [UDP Query User{9EFB739D-C090-4A79-92DC-ECC25C190FAC}D:\hry\re4\resident evil 4 remake\re4.exe] => (Allow) D:\hry\re4\resident evil 4 remake\re4.exe => No File
FirewallRules: [TCP Query User{F7C2671F-A144-4B7F-AD26-403CE6AE6B22}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{C1FAAE02-4B9A-4276-94BC-E901981C3E69}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{DA72444E-AE4D-4FB3-B919-0F3992F15AD8}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8E6AAEB6-CF91-4A35-AFB3-7F203E787FE1}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{0D8EE908-C25C-4073-89A4-3E7A80DB1B48}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A876D348-44AC-428B-B4D4-817F588B784C}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2C3CECE6-6720-45F8-9FC8-B8274EEC8B49}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DA8DA454-0888-4365-BB1C-7AF41F41DD78}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{08564B8E-9892-4E09-B659-F02B1D07DEEA}C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe] => (Block) C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{2E6BBBD0-E900-49B6-B15F-65E7420C2207}C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe] => (Block) C:\users\gambo\downloads\resident.evil.requiem.deluxe.edition.build.22277314-insaneramzes\re9.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{7C0E277B-44BA-4E40-A522-ADACD99C269F}D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe] => (Block) D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe () [File not signed]
FirewallRules: [UDP Query User{3799C280-93FB-4125-AE4B-B5B3060ED8EF}D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe] => (Block) D:\hry\cleared.hot.v0.2.5.17788\game\clearedhot.exe () [File not signed]
FirewallRules: [{065E14E7-DD19-4EC2-823B-C2EB4A0210D4}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{E045E8BD-2FEB-4455-9CB4-A3E76D322FBC}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{CB797184-37D1-469C-BAB6-305FA004DFD4}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{6E157A6B-6FEB-40CE-B3A0-BBFBA2224EE6}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.2\OverwolfBrowser.exe => No File
FirewallRules: [{FACB8B74-81C8-433D-9B93-0AD81C827577}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{515603FF-9639-4F86-B57B-93E5BC1CEAE1}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6668A7FE-0099-4968-96A3-82C6B854C18B}] => (Block) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3E74E481-D932-403E-85F3-85301C01C2D2}] => (Block) C:\Program Files (x86)\Overwolf\0.296.2.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E4F8D66D-56FA-4320-B620-51FB05B73603}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{637CB394-32A4-4F4E-B3F0-EE3DA7A4D489}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{20F2B360-6C55-4D0E-A4B0-5EA5433B61B7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A4424AD1-7DA1-4F94-B1C0-06114F5B2B07}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Restore Points =========================
03-05-2026 12:08:55 Windows Update
03-05-2026 12:08:55 Windows Update
03-05-2026 12:08:55 Windows Update
06-05-2026 18:23:24 Windows Update
06-05-2026 18:23:29 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/10/2026 07:36:34 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 28.4.2026.0 programu FRST64.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
System errors:
=============
Error: (05/10/2026 07:43:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Redist Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/10/2026 07:43:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management Engine WMI Provider Registration byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2026-05-09 14:52:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Kepavll!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Gambo\AppData\Local\Temp\Rar$EXa50644.27823\vsdbg.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: GG\Gambo
Název procesu: C:\Users\Gambo\AppData\Local\Temp\Rar$EXa50644.27823\poweriso-software-github-io-1.98.2.exe
Verze bezpečnostních informací: AV: 1.449.523.0, AS: 1.449.523.0, NIS: 1.449.523.0
Verze modulu: AM: 1.1.26030.3008, NIS: 1.1.26030.3008
Date: 2026-05-09 13:17:29
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{8C2599CD-82CD-4BF5-BD27-785EE7BF24E7}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-07 14:42:26
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{6F73C106-7EC2-4984-81E2-8A78352C16C5}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-06 18:23:19
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{25C31394-451F-44FD-95C3-FABF2BE744DC}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-05-05 17:02:58
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{5299EEC6-9DFC-405C-A1A2-E1559D5E3B59}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
CodeIntegrity:
===============
Date: 2026-05-10 07:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\148.0.7778.97\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-10 07:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\148.0.7778.97\vk_swiftshader.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-10 07:37:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-09 23:41:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Gambo\AppData\Local\Discord\app-1.0.9234\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.296.3.3\OWClient.dll that did not meet the Microsoft signing level requirements.
Date: 2026-05-09 23:41:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Gambo\AppData\Local\Discord\app-1.0.9234\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.296.3.3\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 2.30 09/09/2021
Motherboard: Micro-Star International Co., Ltd. MAG B560 TOMAHAWK WIFI (MS-7D15)
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 32649.62 MB
Available physical RAM: 23985.73 MB
Total Virtual: 34697.62 MB
Available Virtual: 25234.83 MB
==================== Drives ================================
Drive c: (Sw+Steam+GoG+Epic) (Fixed) (Total:930.02 GB) (Free:421.99 GB) (Model: WD Blue SN570 1TB) NTFS
Drive d: (Games) (Fixed) (Total:953.85 GB) (Free:218.24 GB) (Model: ADATA SX8200PNP) NTFS
\\?\Volume{288264bc-81ff-430c-a0c6-36b087755420}\ () (Fixed) (Total:0.82 GB) (Free:0.1 GB) NTFS
\\?\Volume{271db3a4-7ebf-4199-90d0-6ce5711324b5}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{289d127b-18be-4841-8dc4-67a47a968274}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Otevřte poznámkový blok a zkopírujte do něj: