ESS blocks pop-ups (Solved)


Post by DekkerDave » 30 Dec 2020 23:58


Following the rule of "the one-eyed man among the blind", I ended up with a computer to fix that is infected with some kind of vermin which triggers pop-ups linking to the pages. The purchased ESS with an active license then always blocks two windows opened at once.

I tried my usual simple know-how, which has generally helped: I ran an ESS scan (nothing), Malwarebytes (nothing) and HitmanPro (nothing). So I am turning to you with a request for help.

My suspicion, however, falls on the foobar2000 player installed here: I observed that when it plays an audio file in any format, it triggers this pop-up twice. It also happens when the playlist skips to the next item. I tried copying my own "clean" audio from a flash drive to this PC and it does it too. A scan of the foobar folders alone, both in Program Files and in %APPDATA%, finds nothing.

I will provide logs as instructed.

Thanks a lot in advance!


Re: ESS blocks pop-ups

Post by jaro3 » 31 Dec 2020 17:18

Download ATF Cleaner ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you only use Google Chrome, you do not need to use ATF.

Download TFC ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
For Windows 7 owners, download here: (do not update!)

Save it to your desktop. Click "I agree" to confirm the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan a log appears and opens (it is otherwise saved on the system drive as C:\AdwCleaner [C?].txt); paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: ESS blocks pop-ups

Post by DekkerDave » 02 Jan 2021 14:42

Hi, done, and I'm sending the log. The Samsung item is for a WiFi printer:

# -------------------------------
# Malwarebytes AdwCleaner
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support:
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-02-2021
# Duration: 00:00:45
# OS: Windows 10 Pro
# Scanned: 31930
# Detected: 3

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator
Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}

AdwCleaner[S00].txt - [1808 octets] - [30/12/2020 23:31:13]
AdwCleaner[C00].txt - [1586 octets] - [30/12/2020 23:31:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########


Re: ESS blocks pop-ups

Post by jaro3 » 02 Jan 2021 15:57

Download Junkware Removal Tool by Thisisu ... oval-tool/
to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Sophos Virus Removal Tool is a handy software tool that could remove infections which the antivirus program does not detect.
Download it here from one of the links: ... _tool.html ... ool,1.html ... ool,1.html ... ool,2.html

Viruses can slow down your computer or try to steal your data without you even knowing you have them. What you need is a quick and easy way to find them and get rid of them; if you already have an antivirus program installed on the computer, you can also install the Sophos Virus Removal tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove any viruses it finds. A restart may be required.
If viruses were found, click "Details…" after the scan and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8 and 10, run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and paste it into several posts.


Re: ESS blocks pop-ups

Post by DekkerDave » 03 Jan 2021 00:30

JRT deleted something; I'm sending the log. Sophos found nothing even after a five-hour scan. RK found something; I'm sending that log too.

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Fofrklacek (Administrator) on so 02.01.2021 at 18:36:46,47

File System: 1

Successfully deleted: C:\Users\Fofrklacek\AppData\Local\vghd (Folder)

Deleted the following from C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\prefs.js
user_pref(browser.urlbar.suggest.searches, false);

Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)

Scan was completed on so 02.01.2021 at 18:41:04,78
End of JRT log

RogueKiller Anti-Malware V14.8.2.0 (x64) [Dec 28 2020] (Free) by Adlice Software
mail :
Website :
Operating System : Windows 10 (10.0.19041) 64 bits
Started in : Normal mode
User : Fofrklacek [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20201228_093404, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/01/03 00:11:08 (Duration : 00:16:00)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O87 - Firewall
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CD559F1B-DD89-4E4A-897A-DE78DBA21231} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe|Name=Vghd| (C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe) (missing) -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FCD82287-189D-4961-963F-A6AE59534484} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe|Name=Vghd| (C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe) (missing) -> Found
>>>>>> XX - System Policies
[PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
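
The RogueKiller report above flags two inbound "Allow" firewall rules whose program, vghd.exe, is marked "(missing)". As an added example (not part of the original posts and not any tool's own code), this Python script parses that rule-value format and lists active inbound allow rules whose executable no longer exists; the function names, the third rule and the `ExampleApp` path are constructed assumptions.

```python
import os
import re
from typing import Callable, Dict, List, Optional

# Standard location of the rule values; the report shows the same key under ControlSet001.
FIREWALL_RULES_KEY = (r"SYSTEM\CurrentControlSet\Services\SharedAccess"
                      r"\Parameters\FirewallPolicy\FirewallRules")
PROTOCOLS = {"6": "TCP", "17": "UDP"}

VGHD = r"C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe"   # path from the report
EXAMPLE_APP = r"C:\Program Files\ExampleApp\example.exe"        # constructed path

# The first two values are the rules quoted in the report; the third is constructed.
SAMPLE_RULES = {
    "{CD559F1B-DD89-4E4A-897A-DE78DBA21231}":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App="
        + VGHD + "|Name=Vghd|",
    "{FCD82287-189D-4961-963F-A6AE59534484}":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App="
        + VGHD + "|Name=Vghd|",
    "{00000000-0000-0000-0000-000000000001}":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App="
        + EXAMPLE_APP + "|Name=ExampleApp|",
}


def parse_rule(value: str) -> Dict[str, List[str]]:
    """Split 'v2.10|Key=Val|...|' into {key: [values]}; keys such as Profile may repeat."""
    fields: Dict[str, List[str]] = {}
    for token in value.split("|")[1:]:          # token 0 is the format version
        key, sep, val = token.partition("=")
        if sep:
            fields.setdefault(key, []).append(val)
    return fields


def expand_vars(path: str, env: Dict[str, str]) -> str:
    """Expand %VAR% references case-insensitively; unknown variables are left as written."""
    lookup = {k.upper(): v for k, v in env.items()}
    return re.sub(r"%([^%]+)%",
                  lambda m: lookup.get(m.group(1).upper(), m.group(0)), path)


def first(fields: Dict[str, List[str]], key: str) -> str:
    return fields.get(key, [""])[0]


def find_orphaned_rules(rules: Dict[str, str],
                        exists: Callable[[str], bool] = os.path.isfile,
                        env: Optional[Dict[str, str]] = None) -> List[dict]:
    """Return active inbound Allow rules whose App path does not exist on disk."""
    env = dict(os.environ) if env is None else env
    findings = []
    for rule_id, value in sorted(rules.items()):
        f = parse_rule(value)
        app = first(f, "App")
        if not app or app.upper() == "SYSTEM":
            continue                             # rule is not bound to a program file
        state = (first(f, "Action"), first(f, "Active").upper(), first(f, "Dir"))
        if state != ("Allow", "TRUE", "In"):
            continue                             # only open inbound holes are of interest
        path = expand_vars(app, env)
        if exists(path):
            continue
        proto = first(f, "Protocol")
        findings.append({
            "id": rule_id,
            "name": first(f, "Name"),
            "protocol": PROTOCOLS.get(proto, proto or "any"),
            "app": path,
            # A program under a user's AppData can be replaced without admin rights.
            "in_user_profile": "\\appdata\\" in path.lower(),
        })
    return findings


def load_rules_from_registry() -> Dict[str, str]:
    """Read the live rule values (Windows only)."""
    import winreg                                # standard library on Windows
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, FIREWALL_RULES_KEY) as key:
        count = winreg.QueryInfoKey(key)[1]      # number of values under the key
        return {name: str(data)
                for name, data, _ in (winreg.EnumValue(key, i) for i in range(count))}


if __name__ == "__main__":
    if os.name == "nt":
        hits = find_orphaned_rules(load_rules_from_registry())
    else:   # offline run: pretend only the constructed application is installed
        hits = find_orphaned_rules(SAMPLE_RULES, exists=lambda p: p == EXAMPLE_APP, env={})
    for hit in hits:
        print(hit)
```

A rule that survives the uninstall keeps the port open for whatever is later written to the same path, which is why the report lists it even though the file is gone.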


Re: ESS blocks pop-ups

Post by jaro3 » 03 Jan 2021 15:23

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom;
when it finishes, tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy that log and please paste the contents of the report here. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.

Turn off the antivirus and firewall, RogueKiller and Malwarebytes Antimalware.
Download Zoek.exe

Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:

Click Run Script.
The program performs a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link: ... .Setup.exe
and save it to the desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the program's EULA license if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the creation of a restore point:
Click the gear icon, then "Scan", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is complete, a report appears; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.

Post a new HJT log + report on the problems.


Re: ESS blocks pop-ups

Post by DekkerDave » 03 Jan 2021 17:32

I followed the order in your post: RK still found something, so I let it delete everything. The ZOEK log is below; Zemana found nothing. I'm also sending the HJT log; however, the pop-ups still appear when foobar is started. I also went through the player's settings and it has a plug-in for downloading lyrics. Since the pop-ups appear a few seconds after a track starts, could that be connected? But it definitely did not do this in the past...

RogueKiller Anti-Malware V14.8.2.0 (x64) [Dec 28 2020] (Free) by Adlice Software
mail :
Website :
Operating System : Windows 10 (10.0.19041) 64 bits
Started in : Normal mode
User : Fofrklacek [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210103_083432, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2021/01/03 16:23:23 (Duration : 00:13:53)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CD559F1B-DD89-4E4A-897A-DE78DBA21231} -- [%localappdata%\vghd\bin\vghd.exe] -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FCD82287-189D-4961-963F-A6AE59534484} -- [%localappdata%\vghd\bin\vghd.exe] -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2)
[PUP.Gen1 (Potentially Malicious)] DesktopVideoPlayer.lnk -- %programdata%\Microsoft\Windows\Start Menu\Programs\StartUp\DesktopVideoPlayer.lnk (lnk => C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe [-fromStartup]) -> Deleted
[PUP.Gen1 (Potentially Malicious)] DesktopVideoPlayer.lnk -- %_Fofrklacek_appdata%\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk (lnk => C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe [-fromStartup]) -> Deleted
[PUP.Gen1 (Potentially Malicious)] iStripper.lnk -- %_Fofrklacek_appdata%\Microsoft\Windows\Start Menu\Programs\iStripper\iStripper.lnk (lnk => C:\Users\Fofrklacek\AppData\Local\vghd\bin\vghd.exe []) -> Deleted
[PUP.Gen1 (Potentially Malicious)] Uninstall iStripper.lnk -- %_Fofrklacek_appdata%\Microsoft\Windows\Start Menu\Programs\iStripper\Uninstall iStripper.lnk (lnk => C:\Users\Fofrklacek\AppData\Local\vghd\bin\unins000.exe []) -> Deleted

Here is the ZOEK result:

C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Fofrklacek\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\Fofrklacek\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fofrklacek\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Fofrklacek\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Fofrklacek\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=336 folders=206 90925779 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Fofrklacek\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\FOFRKL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on ne 03.01.2021 at 17:07:29,04 ======================

Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:07, on 3.1.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\XKber.exe
C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [GIGABYTE K85 Tool] C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\Launcher.exe /auto
O4 - HKLM\..\Run: [GK6XPlus Driver] "C:\Program Files (x86)\GK6XPlus Driver\CMS.exe" /s
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Argus Monitor] "C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: GIGABYTE K85 Tool.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\XKber.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - ...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - ... /
O17 - HKLM\System\CCS\Services\Tcpip\..\{F542532B-E467-48BB-85E4-F29167D65A55}: NameServer =,
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_fa2ad - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 4 Service (nlsvc) - Locktime Software - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Unknown owner - C:\Windows\System32\Drivers\WTSRV.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

End of file - 11540 bytes


Re: ESS blocks pop-ups

Post by jaro3 » 03 Jan 2021 19:46

It can; try removing that plug-in.

Close other applications and browsers, disconnect from the internet and fix in HJT:


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - ...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - ... /

Turn off the antivirus and firewall.
Please download the version of the program appropriate for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit: ... ool/dl/81/
64-bit: ... ool/dl/82/
another link: ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs, FRST.txt and Addition.txt, are shown and saved on the desktop. Please copy their entire contents here.


Re: ESS blocks pop-ups

Post by DekkerDave » 03 Jan 2021 20:41

Plug-in removed: its .dll file was moved elsewhere and the problems stopped. Fixed in HJT anyway. I just don't know why FRST reports the ESS firewall as active when I deliberately turned it off. Anyway, here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Fofrklacek (administrator) on FOFRKLACEK-PC (MSI MS-7816) (03-01-2021 20:29:15)
Running from C:\Users\Fofrklacek\Desktop
Loaded Profiles: Fofrklacek
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Argotronic UG (haftungsbeschränkt) -> ) C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\XKber.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.72.4001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piotr Pawłowski -> Piotr Pawlowski) [File not signed] C:\Program Files (x86)\foobar2000\foobar2000.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\spdsvc.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(UC-Logic Technology Corporation -> Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(UC-Logic Technology Corporation -> UC-Logic Technology Corp.) C:\Windows\System32\drivers\WTSrv.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) D:\Steam\steam.exe
( Limited -> D:\\GameCenter\dlls\wgc_renderer.exe <3>
( Limited -> D:\\GameCenter\WargamingErrorMonitor.exe
( Limited -> D:\\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [175504 2020-11-05] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [40832 2012-12-22] (UC-Logic Technology Corporation -> Tablet Driver)
HKLM-x32\...\Run: [GIGABYTE K85 Tool] => C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\Launcher.exe [35272 2018-08-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\Run: [GK6XPlus Driver] => C:\Program Files (x86)\GK6XPlus Driver\CMS.exe [849880 2020-05-12] (深圳市赛盟特科技有限公司 -> )
HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\Run: [Steam] => D:\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\Run: [Argus Monitor] => C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe [3342272 2019-04-07] (Argotronic UG (haftungsbeschränkt) -> )
HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\MountPoints2: {719fb0fc-9d1a-11ea-9e5a-d43d7eb63140} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Windows (R) Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: c:\windows\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: c:\windows\system32\ssm4mlm.dll [22528 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us00a Langmon: c:\windows\system32\us00alm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE K85 Tool.lnk [2018-01-15]
ShortcutTarget: GIGABYTE K85 Tool.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\XKber.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2016-08-10]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (SOKNO S.R.L. -> )
Startup: C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2016-08-10]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (SOKNO S.R.L. -> )
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000288DE-1114-4F76-B67E-A7C0BB22450C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {038C4422-86A8-4EFE-A57C-5FBBDD2DEACE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {03F9A1D0-47E6-44C2-B90A-41BA0B876751} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {082C7431-11B1-4E2A-B1A6-DE0BD98D19CD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C6A1596-0EF8-4471-94E9-70AD4396E660} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {0C8E93FF-1752-4526-8D5C-21EA04EF922B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {1AAB27A8-E1FE-42C5-BCDB-CBCCF112BC47} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {1E56AE99-E829-488A-9ED5-79F92BA02337} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {219432E6-C03F-4C49-B13E-7FA38CA1C74E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26008E1C-3FBB-4600-B8DF-345C761B30B4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {273DB04A-2E0D-40ED-A088-69C283F26B1C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34DC924D-9513-4284-A667-BD2C95F9BE5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {36093976-F013-4A90-B9CC-0903230D759F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3FC2C6B8-407A-4A49-A991-98CE6AC48C57} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {412CFDA4-D5CC-4B7B-8F17-D0B093AFF91A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {418561AF-BEB6-4D24-880B-72487D08A3E8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BF02E7E-D2FF-482B-B7AA-7397F8592869} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {578AADE4-869C-44FB-A3E6-930537578587} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5FA6AF53-18E1-45CA-AAE0-C5C870EE9E86} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60E582AD-5259-48B6-AD00-BE994760D631} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {66EFE536-5C2B-4677-A388-82C502179C53} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {69DEC491-A7C3-4E33-98C4-F492FBD15C0E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {71BE6CBE-ED00-46F0-8EFB-FF7D96002F19} - System32\Tasks\AdobeAAMUpdater-1.0-Fofrklacek-PC-Fofrklacek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {732590F5-BD0C-4CC8-9315-D7CA099B520F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {74F9B7D8-13EA-4DBF-B419-A0B7F8635371} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A6ECDCF-4A1B-4638-9AE6-68B929AACC89} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {7F717ECE-972E-4A9A-A318-BDD5B70FF038} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [8166536 2016-06-29] (SOKNO S.R.L. -> )
Task: {8099A329-BF97-4E9F-BB7C-ABDD7398F5CC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85C5AFB4-5149-480C-AF55-BF3A1571AF52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {89BB5FC3-6A47-4512-B26B-A5D90CC0A350} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {89F135F3-09E5-442C-9E70-65CAB2D3A45C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C0D8D4D-5803-45DE-BCCB-0DA38615D567} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {9101E202-5F6A-4022-B4ED-8160EBDDCB19} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {93C77CA3-B63C-480A-858A-E28430470611} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {977EDA5F-05A4-4F23-ACD3-8C87FD7FAA58} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9EFD91E9-BB96-486E-983A-8311D0677339} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F893F9B-858F-4757-B82C-3EF8779BC8D9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5A1AF7D-F322-409D-AD16-1A7845F2031B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ADC5BCB4-EFD1-4F51-AAEF-D372CB05A1BA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B47CD9AD-9BD2-45D4-BCA2-DFF23973281D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7EC0CB7-F3E6-479F-B342-428A1D1EFF5C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4CCABB7-C829-47E2-9CC6-A239A927711B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D485F2DA-F32D-4015-8CF5-CAC103D39E7F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {D50EF347-B5A0-46A2-B582-3D32DB55AB16} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA9D02BF-A888-4082-A95B-41645FFEEF18} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA3FC48-82FE-42D9-A80E-47199D51DC78} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E65BA48A-C0AB-4E30-B58B-2EAD24F1CF83} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E8BDCFBD-7E0E-4AC9-9D1E-1811B82223FA} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {EAA310C8-E4F8-4E42-8D30-6E106F19BD32} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FBCCBB62-09D2-4752-AAB2-131DA541685C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {FF6894FD-DF19-4088-A466-EB64E1E11F97} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {FFA5CD38-D91C-431A-BF89-F3E04F10787F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{b4375a86-63da-49c7-a97c-0bab1e36c745}: [DhcpNameServer]
Tcpip\..\Interfaces\{F542532B-E467-48BB-85E4-F29167D65A55}: [NameServer],
Tcpip\..\Interfaces\{F542532B-E467-48BB-85E4-F29167D65A55}: [DhcpNameServer]

FF ProfilePath: C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723 [2021-01-03]
FF Homepage: Mozilla\Firefox\Profiles\46at8asm.default-1479809188723 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\46at8asm.default-1479809188723 -> about:newtab
FF Extension: (Disconnect) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\ [2017-12-25]
FF Extension: (AdNauseam) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\ [2018-07-22]
FF Extension: (AdBlock) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-07-22]
FF Extension: (uBlock Origin) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\ [2018-07-22]
FF Extension: (Video DownloadHelper) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF Extension: (Adblock Plus) - C:\Users\Fofrklacek\AppData\Roaming\Mozilla\Firefox\Profiles\46at8asm.default-1479809188723\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-22]
FF Plugin: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32:,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32:,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

CHR DefaultProfile: Default
CHR Profile: C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default [2021-01-03]
CHR HomePage: Default -> hxxp://
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-03]
CHR Extension: (BetterTTV) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-03]
CHR Extension: (Disk Google) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-03]
CHR Extension: (YouTube) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-03]
CHR Extension: (Gmail) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Fofrklacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8634928 2020-05-14] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-06-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2595360 2020-11-05] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-24] (Malwarebytes Inc -> Malwarebytes)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322480 2015-10-10] (Locktime Software s.r.o. -> Locktime Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329904 2019-08-23] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3204912 2019-08-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [189112 2017-11-24] (Power Admin LLC -> Power Admin LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2017-10-06] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13684792 2020-12-28] (Adlice -> )
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-08-17] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [78064 2013-04-19] (UC-Logic Technology Corporation -> UC-Logic Technology Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-21] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [68640 2019-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Argotronic UG (haftungsbeschraenkt))
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [181160 2018-09-02] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-24] (Malwarebytes Corporation -> Malwarebytes)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-03] (Malwarebytes Inc -> Malwarebytes)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [120720 2015-10-10] (Locktime Software s.r.o. -> Locktime Software)
R3 PTSimBus; C:\WINDOWS\System32\drivers\PTSimBus.sys [32128 2012-12-22] (UC-Logic Technology Corporation -> PenTablet Driver)
S3 PTSimHid; C:\WINDOWS\System32\drivers\PTSimHid.sys [22912 2012-12-22] (UC-Logic Technology Corporation -> UC-Logic Technology Corp.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 TClass2k; C:\WINDOWS\system32\DRIVERS\TClass2k.sys [32128 2012-12-22] (UC-Logic Technology Corporation -> Tablet Driver)
S3 UCTblHid; C:\WINDOWS\system32\DRIVERS\UCTblHid.sys [27520 2012-12-22] (UC-Logic Technology Corporation -> Tablet Driver)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-13] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 20:28 - 2021-01-03 20:28 - 000000000 ____D C:\Users\Fofrklacek\Desktop\backups
2021-01-03 17:16 - 2021-01-03 17:16 - 000388608 _____ (Trend Micro Inc.) C:\Users\Fofrklacek\Desktop\HijackThis.exe
2021-01-03 17:08 - 2021-01-03 17:08 - 000024009 _____ C:\Users\Fofrklacek\Desktop\zoek-results.txt
2021-01-03 17:08 - 2021-01-03 17:08 - 000000000 ____D C:\Users\Fofrklacek\AppData\Roaming\GK6XPlus-CMS
2021-01-03 17:06 - 2021-01-03 17:16 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\VirtualStore
2021-01-03 17:06 - 2021-01-03 17:06 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-03 17:06 - 2021-01-03 17:06 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-03 17:06 - 2021-01-03 17:06 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-03 17:05 - 2021-01-03 17:05 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-03 17:03 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-03 16:40 - 2021-01-03 17:00 - 000000000 ____D C:\zoek_backup
2021-01-03 16:40 - 2020-09-06 23:04 - 002038755 _____ C:\Users\Fofrklacek\Desktop\zoek (1).exe
2021-01-03 16:39 - 2021-01-03 17:04 - 000227160 _____ C:\WINDOWS\ntbtlog.txt
2021-01-03 16:39 - 2021-01-03 16:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-01-03 16:25 - 2021-01-03 16:26 - 000000000 ____D C:\Users\Fofrklacek\Desktop\zoek1
2021-01-03 16:25 - 2021-01-03 16:25 - 001800862 _____ C:\Users\Fofrklacek\Desktop\zoek1.rar
2021-01-03 16:25 - 2021-01-03 16:25 - 000004144 _____ C:\Users\Fofrklacek\Desktop\RK.txt
2021-01-03 00:09 - 2021-01-03 00:09 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-01-03 00:09 - 2021-01-03 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-01-03 00:09 - 2021-01-03 00:09 - 000000000 ____D C:\Program Files\RogueKiller
2021-01-03 00:08 - 2021-01-03 00:08 - 040484848 _____ (Adlice Software ) C:\Users\Fofrklacek\Desktop\setup.exe
2021-01-02 21:56 - 2021-01-02 21:56 - 000174176 _____ C:\ProgramData\DXDiag.xml
2021-01-02 21:19 - 2021-01-02 21:19 - 000000646 _____ C:\Users\Fofrklacek\Desktop\WGCheck_EU.lnk
2021-01-02 18:44 - 2021-01-02 18:44 - 000000000 ____D C:\ProgramData\Sophos
2021-01-02 18:43 - 2021-01-02 18:44 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2021-01-02 18:43 - 2021-01-02 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2021-01-02 18:43 - 2021-01-02 18:43 - 000000000 ____D C:\Program Files (x86)\Sophos
2021-01-02 18:42 - 2021-01-02 18:43 - 206758184 _____ (Sophos Limited) C:\Users\Fofrklacek\Desktop\Sophos Virus Removal Tool.exe
2021-01-02 18:41 - 2021-01-02 18:41 - 000001143 _____ C:\Users\Fofrklacek\Desktop\JRT.txt
2021-01-02 18:35 - 2021-01-02 18:35 - 001790024 _____ (Malwarebytes) C:\Users\Fofrklacek\Desktop\JRT.exe
2021-01-02 14:29 - 2021-01-02 14:29 - 000448512 _____ (OldTimer Tools) C:\Users\Fofrklacek\Desktop\TFC.exe
2020-12-31 00:40 - 2020-12-31 00:45 - 000082382 _____ C:\Users\Fofrklacek\Desktop\Addition.txt
2020-12-31 00:35 - 2021-01-03 20:30 - 000032143 _____ C:\Users\Fofrklacek\Desktop\FRST.txt
2020-12-31 00:34 - 2021-01-03 20:30 - 000000000 ____D C:\FRST
2020-12-31 00:33 - 2020-12-31 00:33 - 002286592 _____ (Farbar) C:\Users\Fofrklacek\Desktop\FRST64.exe
2020-12-31 00:26 - 2020-12-31 00:26 - 000522240 _____ (OldTimer Tools) C:\Users\Fofrklacek\Desktop\OTM.exe
2020-12-30 23:30 - 2020-12-30 23:31 - 000000000 ____D C:\AdwCleaner
2020-12-30 23:30 - 2020-12-30 23:30 - 008447152 _____ (Malwarebytes) C:\Users\Fofrklacek\Desktop\AdwCleaner.exe
2020-12-30 23:14 - 2020-12-30 23:14 - 011431000 _____ (SurfRight B.V.) C:\Users\Fofrklacek\Desktop\HitmanPro_x64.exe
2020-12-24 09:37 - 2021-01-03 17:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-24 09:37 - 2020-12-24 09:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-21 16:31 - 2020-12-21 16:31 - 000002692 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-21 16:30 - 2021-01-03 17:11 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\AMSDK
2020-12-21 16:30 - 2020-12-21 16:30 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-21 16:30 - 2020-12-21 16:30 - 000003564 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-21 16:30 - 2020-12-21 16:30 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-21 16:30 - 2020-12-21 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-21 16:30 - 2020-12-21 16:30 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-21 16:29 - 2020-12-21 16:29 - 012795472 _____ (Zemana Ltd. ) C:\Users\Fofrklacek\Desktop\AntiMalware_Setup.exe
2020-12-18 17:16 - 2020-12-18 17:20 - 000000000 ____D C:\Users\Fofrklacek\Desktop\Ascari
2020-12-17 22:29 - 2020-12-17 22:29 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\INetHistory
2020-12-11 17:38 - 2020-12-11 17:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 17:38 - 2020-12-11 17:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 17:38 - 2020-12-11 17:38 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 17:38 - 2020-12-11 17:38 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 17:38 - 2020-12-11 17:38 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 17:38 - 2020-12-11 17:38 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 17:38 - 2020-12-11 17:38 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 17:38 - 2020-12-11 17:38 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 17:38 - 2020-12-11 17:38 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 17:38 - 2020-12-11 17:38 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 17:37 - 2020-12-11 17:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 17:37 - 2020-12-11 17:37 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 17:37 - 2020-12-11 17:37 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 17:37 - 2020-12-11 17:37 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 17:37 - 2020-12-11 17:37 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 17:37 - 2020-12-11 17:37 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 17:37 - 2020-12-11 17:37 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-08 18:57 - 2020-12-08 18:57 - 003721810 _____ C:\Users\Fofrklacek\Desktop\
2020-12-08 18:57 - 2020-12-08 18:57 - 002521435 _____ C:\Users\Fofrklacek\Desktop\
2020-12-06 20:02 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-06 20:02 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-06 20:02 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-06 20:02 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-06 20:02 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-06 20:02 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-06 20:02 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-06 20:02 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-06 20:02 - 2020-11-23 15:40 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-06 20:02 - 2020-11-23 15:40 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-06 20:02 - 2020-11-23 15:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 007706352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445751.dll
2020-12-06 20:02 - 2020-11-23 15:37 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445751.dll
2020-12-06 20:02 - 2020-11-22 14:29 - 000038816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-12-06 00:51 - 2020-12-06 00:51 - 001534388 _____ C:\Users\Fofrklacek\Desktop\Acer Nitro VG270bmiix Manual en.pdf
2020-12-05 23:03 - 2020-12-05 23:04 - 000186333 _____ C:\Users\Fofrklacek\Desktop\IMG_20201205_123811-01.jpeg
2020-12-05 23:01 - 2020-12-05 23:06 - 000215217 _____ C:\Users\Fofrklacek\Desktop\IMG_20201204_144202-01.jpeg

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-03 20:30 - 2016-12-23 12:18 - 001309889 _____ C:\WINDOWS\ZAM.krnl.trace
2021-01-03 20:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-01-03 20:23 - 2020-11-17 21:13 - 032782338 _____ C:\Users\Fofrklacek\Desktop\Kiss of Death - 01-06 - Motorhead - God Was Never on Your Side.flac
2021-01-03 20:18 - 2016-02-05 01:18 - 000000000 ____D C:\Users\Fofrklacek\AppData\Roaming\foobar2000
2021-01-03 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\
2021-01-03 17:47 - 2015-12-08 17:54 - 000000000 ____D C:\Users\Fofrklacek\AppData\Roaming\vlc
2021-01-03 17:10 - 2017-11-24 23:32 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-03 17:05 - 2020-10-11 00:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-03 17:05 - 2020-10-11 00:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-03 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-03 17:05 - 2018-10-13 11:00 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-01-03 17:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-03 17:00 - 2009-07-14 04:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-01-03 16:23 - 2016-12-27 16:19 - 000000000 ____D C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2021-01-03 10:31 - 2019-10-04 18:18 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-03 10:27 - 2015-11-03 23:43 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\Adobe
2021-01-03 00:14 - 2016-11-19 23:14 - 000000000 ____D C:\ProgramData\RogueKiller
2021-01-02 21:19 - 2019-12-28 12:21 - 000000000 ____D C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\
2021-01-01 20:41 - 2020-10-11 00:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-01 19:30 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-30 22:57 - 2020-10-28 12:21 - 000019161 _____ C:\Users\Fofrklacek\Desktop\Goliath časy.ods
2020-12-27 01:34 - 2015-11-07 16:58 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\
2020-12-24 22:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-24 21:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-24 09:37 - 2020-11-10 18:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-24 09:37 - 2020-08-16 17:51 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-24 09:37 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-24 09:36 - 2019-07-05 22:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-24 00:50 - 2020-10-11 00:09 - 000000000 ____D C:\Users\Fofrklacek
2020-12-23 11:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-23 11:37 - 2018-10-07 17:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-21 17:24 - 2016-11-11 14:56 - 000000000 ____D C:\ProgramData\Codemasters
2020-12-21 17:24 - 2015-11-12 20:31 - 000000000 ____D C:\Users\Fofrklacek\Documents\My Games
2020-12-21 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-21 16:30 - 2016-12-23 12:18 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\Zemana
2020-12-19 10:25 - 2020-06-05 08:42 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 01:30 - 2015-11-05 23:31 - 000000000 ____D C:\Shadowplay
2020-12-18 19:43 - 2015-12-25 19:52 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\CrashDumps
2020-12-18 19:43 - 2015-11-11 16:11 - 000000000 ____D C:\uTorrent
2020-12-18 17:20 - 2015-11-05 12:11 - 000000132 _____ C:\Users\Fofrklacek\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2020-12-18 16:38 - 2015-11-03 12:51 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\NVIDIA
2020-12-17 22:35 - 2016-07-28 14:28 - 000007646 _____ C:\Users\Fofrklacek\AppData\Local\Resmon.ResmonCfg
2020-12-17 22:34 - 2018-10-07 17:56 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\Packages
2020-12-17 22:15 - 2018-10-07 18:01 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\PlaceholderTileLogoFolder
2020-12-16 19:30 - 2020-10-11 00:32 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1304720554-789506846-3919696667-1000
2020-12-16 19:30 - 2020-10-11 00:09 - 000002419 _____ C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:30 - 2018-10-07 18:43 - 000000000 ___RD C:\Users\Fofrklacek\OneDrive
2020-12-12 09:42 - 2020-10-11 00:21 - 001797284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-12 09:42 - 2019-12-07 15:43 - 000750982 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-12 09:42 - 2019-12-07 15:43 - 000162556 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-12 00:30 - 2020-10-11 00:02 - 005051680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-12 00:27 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-12 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-11 17:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 16:09 - 2018-10-07 18:09 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\Comms
2020-12-08 16:23 - 2018-01-06 11:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-06 20:31 - 2018-10-07 18:07 - 000000000 ____D C:\Users\Fofrklacek\AppData\Local\D3DSCache
2020-12-06 20:05 - 2015-11-03 12:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-12-06 20:04 - 2015-11-03 12:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories ========

2015-11-05 12:11 - 2020-12-18 17:20 - 000000132 _____ () C:\Users\Fofrklacek\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-11-18 23:42 - 2019-07-14 21:23 - 000001480 _____ () C:\Users\Fofrklacek\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-02-04 20:36 - 2016-08-02 11:37 - 002128896 _____ () C:\Users\Fofrklacek\AppData\Local\file__0.localstorage
2018-11-28 22:59 - 2018-11-28 22:59 - 000000218 _____ () C:\Users\Fofrklacek\AppData\Local\recently-used.xbel
2016-07-28 14:28 - 2020-12-17 22:35 - 000007646 _____ () C:\Users\Fofrklacek\AppData\Local\Resmon.ResmonCfg
2015-12-27 20:00 - 2015-12-27 20:00 - 000025222 _____ () C:\Users\Fofrklacek\AppData\Local\sh20120914.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: ESS blocks pop-ups

Post by DekkerDave » 03 Jan 2021 20:41

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Fofrklacek (03-01-2021 20:31:48)
Running from C:\Users\Fofrklacek\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-10-10 23:33:19)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-1304720554-789506846-3919696667-500 - Administrator - Disabled)
dbran (S-1-5-21-1304720554-789506846-3919696667-1004 - Limited - Disabled)
DefaultAccount (S-1-5-21-1304720554-789506846-3919696667-503 - Limited - Disabled)
Fofrklacek (S-1-5-21-1304720554-789506846-3919696667-1000 - Administrator - Enabled) => C:\Users\Fofrklacek
Guest (S-1-5-21-1304720554-789506846-3919696667-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1304720554-789506846-3919696667-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1304720554-789506846-3919696667-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Disabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: - emc, uTorrent.CZ)
1D6 XVM ModPack version 1.3.0d (HKLM-x32\...\{7313F684-7847-4D11-A237-1034666BAB86}_is1) (Version: 1.3.0d - panteror)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: - NVIDIA Corporation) Hidden
ArgusMonitor (HKLM-x32\...\ArgusMonitor) (Version: - )
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Balíček ovladače systému Windows - STMicroelectronics (STTub30) USB (07/05/2012 (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 - STMicroelectronics) (HKLM-x32\...\ (Version: - Blizzard Entertainment)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.5.1 - Andrew Sampson)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: -
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DaVinci Resolve (HKLM\...\{5D6009B3-E646-463A-805A-D5B95D0E36A2}) (Version: 12.5.5026 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{6FC8261F-6046-4ABB-851B-12FC923D0724}) (Version: - Blackmagic Design)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: - ESET, spol. s r.o.)
FireStorm version V2.0.0.006 (HKLM-x32\...\FireStorm_is1) (Version: V2.0.0.006 - )
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GIGABYTE K85 Tool (HKLM-x32\...\GIGABYTE K85 Tool_is1) (Version: V1.12 - GIGABYTE Technology Co.,Inc.)
GK6XPlus Driver (HKLM-x32\...\{9E647FFC-B731-44c9-AD7E-332CD4C4D243}_is1) (Version: - SHENZHEN SEMITEK Co., LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: - Google LLC) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 -
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: - Intel(R) Corporation) Hidden
iStripper version 1.2.276 (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\iStripper_is1) (Version: 1.2.276 - Totem Entertainment)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: -
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: - )
Microsoft OneDrive (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: - Mozilla)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: - Electronic Arts)
NetLimiter 4 (HKLM\...\{A92DB91D-4B0D-4B77-A961-CC446220345B}) (Version: - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 (Version: - Locktime Software)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Ovladač HD audia (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.2 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.)
Ovládací panel NVIDIA 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 457.51 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.987 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Recursion Tracker (HKLM-x32\...\{7764D59B-8E68-49FB-A4D8-4A22FE9700A6}) (Version: - Recursion)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: - Rockstar Games)
RogueKiller version (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: - Adlice Software)
Samsung Diagnostika tiskárny Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.25 (29.9.2016) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: - Samsung Electronics Co., Ltd.)
SIM Dashboard (HKLM-x32\...\{24d83414-dc06-49e2-838b-f8ecc74a6881}) (Version: - stryder-it)
SIMDashboardServer (HKLM-x32\...\{D4E6F12C-FF85-4909-B7B1-1CCC8C6639E5}) (Version: - stryder-it) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tablet Driver V5.02 (HKLM-x32\...\TabletDriver) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Klub 17 (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\Klub-7) (Version: 7.5.0 - Team WRK17)
TKShellTools (HKLM-x32\...\{32B45B84-74C0-4F13-BE62-A8961E9A78BF}) (Version: 1.0.0 - KlubAdept)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
VL Sound 5.1 (HKLM-x32\...\VL Sound 5.1) (Version: - Valera Lavrov)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Game Center (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\ Game Center) (Version: -
WGCheck_EU (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\WGCHK.EU.PRODUCTION) (Version: -
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter v11.6.1 (HKLM-x32\...\WinAVI Video Converter v11.6.1_is1) (Version: - ZJ Computing,Inc)
WinRAR 5.30 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1304720554-789506846-3919696667-1000\...\WOT.EU.PRODUCTION) (Version: -
XVM verze 7.7.9 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.7.9 - XVM team)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-24] (Dolby Laboratories)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.458.956.2_x64__8wekyb3d8bbwe [2020-12-24] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> C:\Program Files\WindowsApps\Microsoft.Expansion1_1.225.171.2_neutral__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)
Forza Horizon 4 VIP -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4VIP_1.0.3.2_neutral__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-10-07] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1304720554-789506846-3919696667-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-10-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-10-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-11-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-10-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-10-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.WVC1] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.WMV3] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.MJPG] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.M4S2] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.FVFW] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.FFVH] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.H264] => d3dgeardecoder64.dll
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts ->
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts ->
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32-x32: [VIDC.WVC1] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.WMV3] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.MJPG] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.M4S2] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.FVFW] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.FFVH] => d3dgeardecoder.dll
HKLM\...\Drivers32-x32: [VIDC.H264] => d3dgeardecoder.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]

Re: ESS blocks pop-ups

Post by DekkerDave » 03 Jan 2021 20:42

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-01-15 18:37 - 2016-03-11 17:49 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\GvFireware.dll
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-10-27 09:48 - 2016-03-24 04:56 - 002817536 _____ () [File not signed] C:\WINDOWS\system32\DlgSearchEngine.dll
2013-06-17 18:33 - 2013-06-17 18:33 - 000090112 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll
2015-10-10 09:31 - 2015-10-10 16:40 - 001589760 _____ (Locktime Software) [File not signed] [File is in use] C:\Program Files\Locktime Software\NetLimiter 4\NetLimiter.Runtime.dll
2020-10-11 00:12 - 2020-10-11 00:12 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2013-04-03 10:24 - 2013-04-03 10:24 - 000128784 _____ (Piotr Pawlowski -> Peter Pawlowski) [File not signed] C:\Program Files (x86)\foobar2000\ShellExt64.dll
2016-07-26 11:57 - 2016-07-26 11:57 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2018-01-15 18:37 - 2011-03-23 02:32 - 000025600 _____ (Texas Instruments, Inc.) [File not signed] C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\BSL430.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp:// [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp:// [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2018-01-15 18:37 - 2016-04-07 09:42 - 000196608 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\GIGABYTE K85 Tool\GvAutoUpdate.dll
2015-12-03 23:03 - 2011-10-12 16:50 - 000270848 _____ (UC-Logic Technology Corp.) [File not signed] C:\WINDOWS\SYSTEM32\MenuWnd.dll
2016-10-27 09:48 - 2015-08-20 02:14 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\us00apc.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1304720554-789506846-3919696667-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-01-03 20:28 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\skype\phone\;c:\program files\d3dgear;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1304720554-789506846-3919696667-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Fofrklacek\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A15C38A7-FB74-447B-B174-38D9B1A7B017}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [{3C080D39-F074-48E2-B85A-944C6A722917}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [{990295C4-403B-47A5-8FAF-EF8FF2309ACD}] => (Allow) D:\Steam\steamapps\common\Starship EVO\Starship EVO.exe () [File not signed]
FirewallRules: [{2DD872EA-E2F7-4584-A3D8-D9BA401C64FC}] => (Allow) D:\Steam\steamapps\common\Starship EVO\Starship EVO.exe () [File not signed]
FirewallRules: [{6A6A2641-F98D-4229-9DA0-0CE34BF86795}] => (Allow) D:\Steam\steamapps\common\Let Them Come\LetThemCome.exe (Tuatara Games) [File not signed]
FirewallRules: [{2C599DA2-F458-46DE-A5FA-C8DAC7F627C5}] => (Allow) D:\Steam\steamapps\common\Let Them Come\LetThemCome.exe (Tuatara Games) [File not signed]
FirewallRules: [{2AD53B36-707A-42D3-BC7B-40A7663A304C}] => (Allow) D:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{192FF412-397B-4280-9C1E-8D923A2421F2}] => (Allow) D:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{A91315CA-8048-4DB0-B090-9AF18F9CA363}] => (Allow) D:\Steam\steamapps\common\Warfare 1944\Warfare1944\Binaries\Win64\Warfare1944-Win64-Shipping.exe (Drakeling Labs) [File not signed]
FirewallRules: [{99A6421F-081D-4060-B155-CC4887586D99}] => (Allow) D:\Steam\steamapps\common\Warfare 1944\Warfare1944\Binaries\Win64\Warfare1944-Win64-Shipping.exe (Drakeling Labs) [File not signed]
FirewallRules: [{BF835A27-E4EE-4106-8B7D-EB02BD58AD4E}] => (Allow) D:\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{099F4688-8DEA-4891-B385-F4BF20B51BCB}] => (Allow) D:\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{786FE68F-7C77-4D20-99D2-42D6E744C22C}] => (Allow) D:\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{72E40621-AEA3-4552-B197-88F6F009C2F7}] => (Allow) D:\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6C5F2449-03AE-496E-A4DB-DBB96A1E99A5}] => (Allow) D:\Steam\steamapps\common\Niffelheim\BloodyMoonDLC\BloodyMoonDLC.exe => No File
FirewallRules: [{3C0D9E84-778F-4D74-9BE2-62076F26680F}] => (Allow) D:\Steam\steamapps\common\Niffelheim\BloodyMoonDLC\BloodyMoonDLC.exe => No File
FirewallRules: [{1B56D5D3-72CD-49AD-99AA-106D3AD24AD7}] => (Allow) D:\Steam\steamapps\common\Niffelheim\OdinBlessDLC\OdinBlessDLC.exe => No File
FirewallRules: [{36F79F0D-35AA-4D09-A4B6-66039719F28D}] => (Allow) D:\Steam\steamapps\common\Niffelheim\OdinBlessDLC\OdinBlessDLC.exe => No File
FirewallRules: [{203EC79C-999F-4804-8ED8-1158826B22DF}] => (Allow) D:\Steam\steamapps\common\House Party\HouseParty.exe () [File not signed]
FirewallRules: [{261D1B20-2BD9-426B-ACE2-EC78CC2CB61D}] => (Allow) D:\Steam\steamapps\common\House Party\HouseParty.exe () [File not signed]
FirewallRules: [{F81524A4-4537-40DF-8885-0A004BCA9D02}] => (Allow) D:\Steam\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{66385550-6516-4F11-A8FD-6CAEE3CDC6C8}] => (Allow) D:\Steam\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{EE6B4271-8907-4638-B72D-12D987B561D6}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{64C3D9B6-B514-4DC9-BD55-5388ADC5295E}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{C7ED3639-AEB7-4C52-BEA1-664A37470431}] => (Allow) D:\Steam\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{8FD862E9-9B25-429B-8460-538651B3731E}] => (Allow) D:\Steam\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{2FACA9D7-A12B-409C-8675-042438A8744E}] => (Allow) D:\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{0AA77ACA-70E7-498E-A8A9-7D311E54CC23}] => (Allow) D:\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{61D97D52-ACA5-451C-9F5E-C3DA5FE72AEB}] => (Allow) D:\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12427E80-FC96-4536-BD8D-5C6BB28B7962}] => (Allow) D:\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE04A0CC-6E19-485F-B41B-CC242CAB4DAE}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{94AFFF2E-1994-4250-A3E6-0940E709CC63}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B5B03B43-F822-42A7-BDDE-534EF7FDA908}] => (Allow) D:\Steam\steamapps\common\Freeman Guerrilla Warfare\StartFGW.exe () [File not signed]
FirewallRules: [{0BAAB0DC-F3C8-4ED5-B14A-5488AA708BFB}] => (Allow) D:\Steam\steamapps\common\Freeman Guerrilla Warfare\StartFGW.exe () [File not signed]
FirewallRules: [{916AA802-754D-455F-A6B1-51BD4F202648}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B00CC680-B012-4E53-A12A-DDD8FF27B213}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{560D337D-D566-452F-9C55-35F49BC19D7A}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{F4D5FB1C-5FD7-491B-B0D1-4F75CC4D8FB1}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{54550191-79AF-49AE-9C12-1EAFDDECA01F}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{A316346E-2DEB-42D7-9118-7133740F437F}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{5526A502-69A6-4A07-A6CB-E6F0168695EC}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{544E88CB-D42E-4360-AEFB-81839D757DE0}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{9AA0FC87-27AB-459C-95B9-1533EDE99450}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{89F9E719-EA2D-47CC-BB0A-4309A4BB302A}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{8F81E54E-9460-4A3F-9FF8-BA685428B67C}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{3BEC4613-23A1-4AF7-A61A-3B2DA825D819}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{89022B7B-77F2-4D7F-876F-D61F5F6C1145}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C938131-C38D-4CDA-8838-AFB37FCAC879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D05D205-C273-4168-ACA1-C7DD26C46FA4}] => (Allow) D:\Steam\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{808B6A71-E348-4057-A87B-2B3E45239795}] => (Allow) D:\Steam\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{92D6803D-A859-490D-B0AC-295F7C42EB8B}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{371AAA2C-34E9-4531-A540-B9CAA5BFF68A}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{244A0885-1038-462F-BED8-69035D0D8FEF}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{C6FCD6FB-09F9-4B15-8609-AB6ACE1EA14D}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{F4CE23BE-08D8-4ED7-862A-3C17FC61BEE2}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D400E2D8-9334-423C-8A55-98D27A311B16}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{15F09609-EDB5-43A7-A71B-22184AF668B5}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{DB7D1AF3-05FB-4EB8-920B-7775A568CB12}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{A18ECD54-30C4-49D9-89FE-83981565495B}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{A0FBEF56-412B-43A8-9547-A36AC26E2B83}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{EA22728E-37FA-4B96-BA30-673028EB9F8F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2868ED5F-D781-4C62-8264-28B3F2DB024A}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{7A185475-C431-48D4-A9B9-72892601C8BE}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{CD6A0D3C-321D-42BE-9EA5-2EC35B3A9169}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe => No File
FirewallRules: [{A0D2E167-9CE9-4C39-A321-31794B41A79A}] => (Allow) D:\Steam\steamapps\common\Freeman Guerrilla Warfare\Freeman Guerrilla Warfare.exe => No File
FirewallRules: [{5186267B-28B3-4B21-97F0-A06C689556A8}] => (Allow) D:\Steam\steamapps\common\Freeman Guerrilla Warfare\Freeman Guerrilla Warfare.exe => No File
FirewallRules: [{B2A4E8E4-5515-48A6-BAF9-00F97607C3BA}] => (Allow) D:\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{216A1296-8D5F-4734-8B20-22723A2E242F}] => (Allow) D:\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{8EBDE0A0-6C53-46C1-B716-31E206C3AED3}] => (Allow) D:\Steam\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{15693CA3-7649-42AA-B98B-6DBEE1664CC6}] => (Allow) D:\Steam\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C883B62-BC64-4245-865A-7454C835E3CD}] => (Allow) D:\Steam\steamapps\common\Domina\Domina.exe (Dolphin Barn Incorporated) [File not signed]
FirewallRules: [{49049361-CFBB-4C76-8E12-2D471A1CF089}] => (Allow) D:\Steam\steamapps\common\Domina\Domina.exe (Dolphin Barn Incorporated) [File not signed]
FirewallRules: [{0F2F2C8C-ABF5-4A43-969D-9921698959E4}] => (Allow) D:\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe (Keen Software House a.s. -> Keen Software House)
FirewallRules: [{3D797F3C-1364-4B33-902E-EA800698F844}] => (Allow) D:\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe (Keen Software House a.s. -> Keen Software House)
FirewallRules: [{BA8A11D0-BB0A-4862-9637-92635CB7245B}] => (Allow) D:\Steam\steamapps\common\Ylands\Ylands.exe (BOHEMIA INTERACTIVE a.s. -> )
FirewallRules: [{848625B3-09F3-4631-A092-F5E3C790F04A}] => (Allow) D:\Steam\steamapps\common\Ylands\Ylands.exe (BOHEMIA INTERACTIVE a.s. -> )
FirewallRules: [{37EB02B6-E2DC-4248-9201-81D92ABA45D0}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{96EE4A5C-9773-4516-A4AE-50D6859792ED}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{F6C0952E-4B76-4B81-BCA7-D5F921DF5FC4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B4EE65CC-E5CE-43CB-9A46-B571B29DF405}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{0FDA1501-E0D3-47AE-B042-88473AA2F28F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EDD73E3B-45B9-4959-9C41-B0311FE1D807}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D4C8F8A8-C116-458E-8BE2-9A3DAE1AB767}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{8E8270E8-8BAC-485D-94EE-FE405049C691}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{74A42FB3-0306-4CB0-BAA3-747CA4D3685D}] => (Allow) D:\Origin Games\Need for Speed The Run\Need For Speed The Run.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{9500EDD0-BE38-46D8-839B-453443B78D4C}] => (Allow) D:\Origin Games\Need for Speed The Run\Need For Speed The Run.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{F421405F-3D0E-4AF6-93DC-D4AFFBFBFF63}] => (Allow) D:\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{75FD2691-ABF5-4354-9EAE-EC1FA43BB5B9}] => (Allow) D:\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{0FBEF49D-CD40-4BC5-8FFF-1608F63F6119}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{752C9068-D4CA-4F7D-80F2-06A05376B0B6}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{975BEF1F-2BE7-41D7-B27C-0AA98B1A0A90}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{E4DF19C0-7C4D-417F-B335-3287C276C30E}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{3AA21653-CC83-4063-B299-7DDA36388BCB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{9EE7CA46-0F76-41A1-A15F-02E8B00D85E0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe () [File not signed]
FirewallRules: [{45D897D3-5DD6-45EE-9179-E0BFD4489B4A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{098E32B5-6FD2-4A4A-B645-438457E5B644}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{8D54D7C7-C8E8-4267-B0B1-99C968016337}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{12755A49-55F1-44DC-9FD4-91190ED9CAA3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{06AC8ACB-A48D-48D6-B03C-C0E3CFA1843F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{DECBB1A2-AC78-4332-AEAD-E2781F056635}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{2B37E5AC-D723-4E6F-B271-299BD63FE8A5}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{94FE961D-5E21-4927-92D2-5DBF8E9729EC}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe => No File
FirewallRules: [{F032ACC3-03BF-476F-A58D-45064B44D4A4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe => No File
FirewallRules: [{CA9171CA-8286-4730-BEAF-FE6ECEF13470}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{BD6A6C6F-945A-4DDF-86DC-5F3642895244}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{649D20FB-27B3-4915-8AFC-E6B4A9885272}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{34A92774-92C1-4F18-B7B3-C51597FB337C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5FE1B5D6-B3F0-4715-A939-6F8F16EE5479}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F47CB5F-F971-4DBC-A6A7-DEBB5C6BD1BD}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89B46179-8B8A-49D3-AD53-14816CB26483}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E2680EAB-1B1E-4325-86A1-3B7838D00D16}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4B0B1CF9-7717-4735-A78C-8D79F30A647D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B8208901-BA96-40ED-9818-38B82BB1758A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{3C557573-4D77-49C2-8F20-05601E14F74A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7261229D-09A9-4567-8BFC-01308607884E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{6BA0905F-EC01-40A5-8425-5E19E55E796C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{20A6FB4A-8708-4C57-8452-13A342531952}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{DCD51709-2EC2-428C-94BE-0C58968E3B76}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{6734CDA9-2013-4E7A-B669-0B1B394600CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{D6F8DF57-7D0E-4305-A270-558D7389AAEE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{AE26CE2B-365D-47FD-AD4E-407C00C95021}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{3272E050-86BC-476D-BDEE-0D6B9B8526FE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{9060947A-1689-454A-AC31-1CB1F46DE57E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{42B3B943-D5E2-4CFE-B2B6-23AD72DA2EFE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7A335B08-2BDC-4213-A6A2-9CE6AF3E7330}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe => No File
FirewallRules: [{58E7CBCC-BA3C-470F-BC97-3C445EC66912}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe => No File
FirewallRules: [{A172014A-9E0A-481E-9EDD-A7347033018C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{966EA80C-3738-4D86-88E5-DAE71FEB0F0D}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4F845EC-90AC-4CA4-B86C-FD7D7064FC71}] => (Allow) D:\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{5E93875F-4072-4587-9903-F21F540BA64D}] => (Allow) D:\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{F43D45F3-D45C-45E1-A2C5-E6EC2C09729A}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{0DCE9532-018F-4CC3-9261-EF64B91596A5}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{489615FF-F35C-4C59-A7A4-962E31E057A3}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe => No File
FirewallRules: [{6EC9B521-BFF7-4D5D-B250-634D544AF5E2}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe => No File
FirewallRules: [UDP Query User{6B706BC1-983C-486F-BF2B-37FC9CF16AAA}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{225F7669-2A87-44F9-BA1F-D3BA6DCBE8E6}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{0D7DE946-3B6D-488B-9ECE-13D5D123C6F1}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{8E96E7F1-6BCC-40BF-87CD-BCCF2AFAF4A8}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{BE9ABB48-2DFA-4770-B224-A33727BBFD18}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F096D5E6-3828-4A28-BD4E-57364A5ECF30}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E6D523BB-B5AD-4B71-864B-03ED63954D03}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{58073C19-8DBC-41BA-8820-DC60CB0C70F6}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{D186ECE0-82D6-4BAC-B233-E3417178A1AD}] => (Allow) D:\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe () [File not signed]
FirewallRules: [{3E482282-ECF1-4A73-91FB-4243140B46F0}] => (Allow) D:\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe () [File not signed]
FirewallRules: [{BBB10F9C-38BE-4AD8-AB99-241056FB239B}] => (Allow) D:\Steam\steamapps\common\Kingdom\Kingdom.exe () [File not signed]
FirewallRules: [{EEB80083-2153-4ADA-989B-E1BAAE1B94B9}] => (Allow) D:\Steam\steamapps\common\Kingdom\Kingdom.exe () [File not signed]
FirewallRules: [{2AFFB2E6-DF25-4F4A-8966-A157BAC87342}] => (Allow) LPort=8090
FirewallRules: [{9D798A93-DFC6-4545-95C0-1F69043915A3}] => (Allow) LPort=20443
FirewallRules: [{D6142458-A7C9-4369-BC81-776B2650F982}] => (Allow) LPort=33333
FirewallRules: [{B1889FEC-B135-4A2E-8B90-721D1004CF05}] => (Allow) LPort=6881
FirewallRules: [{6DC620C5-9A74-4D47-ADD4-67C22647A5C9}] => (Allow) LPort=27022
FirewallRules: [{C6CF7317-7275-49C6-9D9A-5425C01E2102}] => (Allow) LPort=7853
FirewallRules: [{99B3A198-EC57-4703-A8C1-1B13EC5AC815}] => (Allow) LPort=7852
FirewallRules: [{C0D4702F-D56E-4CFC-A73E-3A4BB3B95FE8}] => (Allow) LPort=7850
FirewallRules: [{BDFBDC8E-7AC5-4BF2-8741-DCF8F32709A0}] => (Allow) LPort=3478
FirewallRules: [{4F5597EE-D54F-4305-B9CD-AB2D57C1C132}] => (Allow) LPort=20010
FirewallRules: [{09250A7B-DD96-42D7-B926-C5B28D360A66}] => (Allow) LPort=443
FirewallRules: [{1DF814B8-6862-4F8B-9522-87F6312C8A27}] => (Allow) LPort=80
FirewallRules: [UDP Query User{20A39B0C-02DD-4AEF-B01B-EDD52BCEB442}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{97569DBD-6E31-4CEB-8D28-14F4EE365BBB}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe => No File
FirewallRules: [{FD2CFB65-56C2-4B13-94B4-D38956D3C10F}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{06C00ECE-4A04-49F4-BB3A-C069EAEA2DD5}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{403D2771-30FA-4DBD-B0BA-B7772D862244}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{EDC1C67C-C208-4120-B737-71302786C84F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{282E76B6-5B1F-4176-A2CB-6F574B70109D}] => (Allow) D:\Steam\steamapps\common\LYNE\LYNE.exe () [File not signed]
FirewallRules: [{EC1D1DC6-3798-4C91-B89F-CCAC7D1CD856}] => (Allow) D:\Steam\steamapps\common\LYNE\LYNE.exe () [File not signed]
FirewallRules: [{7CB64F94-C82B-4916-B48E-C68EDD0B5E13}] => (Allow) D:\Steam\steamapps\common\Punch Club\Punch Club.exe () [File not signed]
FirewallRules: [{9CCA41D3-119F-46A5-94C8-50F81048D720}] => (Allow) D:\Steam\steamapps\common\Punch Club\Punch Club.exe () [File not signed]
FirewallRules: [UDP Query User{B2F1F9B4-071B-4225-9592-709174D6143A}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe => No File
FirewallRules: [TCP Query User{12248550-A2C0-4163-BDE5-B4A05ABADD00}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe => No File
FirewallRules: [{221F54F9-654E-4E05-8BAE-318AE6D1DE81}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{48E5E304-7227-4B3E-9A68-C5F86F0E8410}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{065A77B2-91BE-443C-B856-F0349A04FAF1}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe () [File not signed]
FirewallRules: [{1FA1D4C9-C11C-4D7C-98B0-9DD08BA546E6}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe () [File not signed]
FirewallRules: [{11DD75C7-A700-4ACD-B381-E15EC30D4451}] => (Allow) D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin64\Game.exe => No File
FirewallRules: [{A764B27B-CC92-4012-A4B5-C9147EA80C96}] => (Allow) D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin64\Game.exe => No File
FirewallRules: [{C205A492-3B9E-4C8E-9CF4-71C0A46E7780}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{1AD4644C-269A-4EF5-8CFB-7C6A216BE26B}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{CA51FE68-4D36-4064-8263-20585E9B8D15}] => (Allow) D:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{6BA5185A-2FDE-4C11-A797-0E42171ADF30}] => (Allow) D:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [UDP Query User{B8A81119-A880-430F-A668-63D4C5077C41}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
FirewallRules: [TCP Query User{435AE463-7895-48B5-AFCF-E426BD28C017}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
FirewallRules: [{5A9669E7-7409-459F-9A15-19F7801064AA}] => (Allow) C:\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{9A97CF4F-647A-40B8-BDAB-1E38B0E677D5}] => (Allow) C:\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1EEDAA50-D24C-4AFC-B636-47879D0FCC97}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{34536C44-E8E5-4F0E-83EC-D9D223CC20DE}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{13275F96-EC25-4005-9AAE-7C94E4A15575}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB9FD86E-75C4-41F2-9CEB-CFCD04B2B8C6}] => (Allow) D:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{347DD27D-EE10-4C1C-9617-6E93DE06653E}] => (Allow) D:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{DF2A7F9C-1FB0-4681-ABE5-62FEC3A3C2E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{63673552-1B72-401D-A390-EECA11D578C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F4E4FE01-DE8B-4823-8C00-A6550032CDB9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{520A4F23-22A6-4CD6-9546-0F9226ACAC25}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{B623F0DC-6544-4D61-B5CC-9DBEB07F12BB}] => (Allow) D:\World_of_Tanks\worldoftanks.exe ( Limited ->
FirewallRules: [{600D7DA6-C62E-4CE8-B400-193289E454DA}] => (Allow) D:\World_of_Tanks\worldoftanks.exe ( Limited ->
FirewallRules: [{55042CA8-D523-49D7-B339-D6A08B5C45AC}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL ->
FirewallRules: [{DA2522ED-5D6A-43EA-AC5C-F85EE90B4BEA}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming PCL ->
FirewallRules: [{BABCAD24-FE72-4340-AE48-8AFC608A2C3A}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7AC02BFD-1307-4EAF-9D9D-062DF1A4B377}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{03D9032E-BEDD-4D84-9277-8A52C3802217}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1F90F61A-6401-4244-84A1-A054EA9D98E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7AAE0D02-03B2-476C-BFBB-6D7C4D87AA6C}] => (Allow) D:\Steam\steamapps\common\RIDE 3\ride3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{69ECF863-C5FE-42CA-8337-E9035298A4FA}] => (Allow) D:\Steam\steamapps\common\RIDE 3\ride3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7D34A739-AEE3-4FE0-85D7-AB44E5FF90DB}] => (Allow) D:\Steam\steamapps\common\Return 2 Games\r2g_launcher.exe (Thing Trunk) [File not signed]
FirewallRules: [{2205C5FB-385E-4008-AE19-CEF8BEF4960F}] => (Allow) D:\Steam\steamapps\common\Return 2 Games\r2g_launcher.exe (Thing Trunk) [File not signed]
FirewallRules: [{233FE903-69A2-4DE8-AB5C-DDE28EC50E2B}] => (Allow) D:\Steam\steamapps\common\Synthetik\Synthetik.exe (FlowFireGames) [File not signed]
FirewallRules: [{469D4ADC-DB55-42C6-B4D7-09B1019AF48F}] => (Allow) D:\Steam\steamapps\common\Synthetik\Synthetik.exe (FlowFireGames) [File not signed]
FirewallRules: [{0A8D2FDB-ECE7-4D9B-9A1A-58F9BB0D49EA}] => (Allow) C:\Program Files (x86)\SIMDashboardServer\SIMDashboardServer.exe (stryder-it) [File not signed]
FirewallRules: [{4EDA5B1D-6EF2-4382-9034-ED630333AE5F}] => (Allow) D:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{35C6773F-9490-4C49-819C-ED32E7874E32}] => (Allow) D:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{6BE078A3-ED11-441C-A4E8-F03B96CD6638}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{42CD2A5B-6524-4006-B9D7-77169D73719B}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0F94BC06-0854-4BE5-8E17-9B77F09574A9}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{D5A0C9B9-1BD6-4DF9-9436-9E7A88C5F3AA}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{8928CF67-2AFF-4952-B99D-6063FEE139A6}] => (Allow) D:\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{CB9BC25C-8462-4FC5-B05D-50F0DCD6B27D}] => (Allow) D:\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe () [File not signed]
FirewallRules: [{2437C953-F800-4B2D-A2F0-04F717E387F6}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{953AEAC5-3A78-4409-90FF-2A2AED6F40C2}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{7D82EA75-AF53-4727-8B23-DB40E04C18F1}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{AA52F980-3771-4863-9268-D3F7DC191EE1}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{25225E96-E496-4F0B-A460-7C31470B56AD}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{C041C10C-3628-4CBE-AD5B-757FC579A3B1}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{38DE005D-8A9E-4F1F-BD23-6B3494187809}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{ECCEACE0-61F2-4BC3-AEA0-DBE462A995A1}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{C070DCDA-01A1-4C35-B515-BB70F742186F}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{72084E81-F665-4EEC-8506-230D01F83017}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{F9D07B2F-3950-4304-B8B5-0EC6CBE917C0}] => (Allow) D:\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{799AE26F-EF2D-4D55-9591-3717E3FB6943}] => (Allow) D:\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{EB9C97F0-9B80-4A6E-B09F-A1FFD777947A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC8EECA6-38A0-4917-A4C1-DDF093BA19E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C0C5FC6-FC51-47CF-A9F8-0AF0590FDE27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6EA222B-7007-4F75-8013-2C4A12C214DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EA7C8F0-7BA9-4953-84D7-62D94F83AA85}] => (Allow) D:\Steam\steamapps\common\SpaceHaven\spacehaven.exe () [File not signed]
FirewallRules: [{0D5FD5E8-18CC-4AC7-9D99-8A23B5FC285F}] => (Allow) D:\Steam\steamapps\common\SpaceHaven\spacehaven.exe () [File not signed]
FirewallRules: [{09881EB9-9359-4762-9F5B-A519ADD19708}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{83D07A5F-5618-46BF-A607-110D421F1CA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C1374537-7CF6-475A-879E-C386C4F2A79D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C4E1B36C-5A84-4722-9B14-ADD2966F30BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{33504082-46ED-4211-8B39-10D422415FC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E9EC3A3-9E6F-4A68-A21E-FF74D34DA67B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBBDB5EE-16B5-4A03-B045-12DF47CBC9CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6FBB813-9739-4C78-9ABD-D5077861B862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{31945D34-4F4C-4064-ABC1-D7637C4D3EE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{065B8A5C-A86D-4180-B8B4-42BF4C123982}] => (Allow) D:\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{557B67FF-5B6E-4CAD-8568-6594016C18E2}] => (Allow) D:\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8056FA60-2537-4944-92E1-043BA6CC173A}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{A652CD39-B3F7-4C05-B8C7-E4710A4587E4}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{0211262E-F872-47EF-96F1-5AA4BB3F7978}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [{A0495580-6185-45E0-9BAE-BD2B3486633E}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed]
FirewallRules: [{E7976835-6992-4474-A7C7-4680D2A7675F}] => (Allow) D:\WGCheck EU\WGCheck.exe ( Limited -> )
FirewallRules: [{774664C0-7620-418E-BBB0-3007700EACDF}] => (Allow) D:\WGCheck EU\WGCheck.exe ( Limited -> )

==================== Restore Points =========================

20-12-2020 23:09:27 Naplánovaný kontrolní bod
02-01-2021 18:36:51 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
Error: (01/03/2021 04:34:42 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.

Error: (01/03/2021 04:34:42 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.

Error: (01/03/2021 10:23:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NVDisplay.Container.exe, verze: 1.28.2851.9944, časové razítko: 0x5edfa063
Název chybujícího modulu: NVDisplay.Container.exe, verze: 1.28.2851.9944, časové razítko: 0x5edfa063
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005d975
ID chybujícího procesu: 0x2f9c
Čas spuštění chybující aplikace: 0x01d6e16603d26108
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
ID zprávy: c32eebed-4864-4d29-b274-f6af24e0c942
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/02/2021 04:45:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WorldOfTanks.exe verze přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 88c
Čas spuštění: 01d6e111dc4c822b
Čas ukončení: 142
Cesta k aplikaci: D:\World_of_Tanks\win64\WorldOfTanks.exe
ID hlášení: 08d899d7-3153-4b7b-94b0-f602cdc7bd66
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown

Error: (01/01/2021 07:48:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/27/2020 10:45:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze:, časové razítko: 0x5fc55b58
Název chybujícího modulu: Qt5Core.dll, verze:, časové razítko: 0x5f84e8d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219dc5
ID chybujícího procesu: 0x19d8
Čas spuštění chybující aplikace: 0x01d6dc34589da483
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: c4fc9c91-6509-4896-956e-7168cfd85aea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/24/2020 09:35:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze:, časové razítko: 0x5fb84dbc
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff0f9
ID chybujícího procesu: 0x2b8c
Čas spuštění chybující aplikace: 0x01d6d9cfa4ff0981
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 17344494-8345-48b2-a99d-00e19403e4e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/23/2020 11:38:25 AM) (Source: ESENT) (EventID: 522) (User: )
Description: backgroundTaskHost (9196,P,98) TILEREPOSITORYS-1-5-21-1304720554-789506846-3919696667-1000: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).

System errors:
Error: (01/03/2021 05:05:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/03/2021 05:05:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (45000 ms).

Error: (01/03/2021 05:00:39 PM) (Source: DCOM) (EventID: 10005) (User: Fofrklacek-PC)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:

Error: (01/03/2021 05:00:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2021 05:00:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2021 05:00:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2021 05:00:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2021 05:00:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Date: 2021-01-03 20:29:01.7030000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 20:28:49.3020000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:35.1730000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:35.1610000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:34.9600000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:34.8910000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 16:33:31.6660000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 16:33:28.1870000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V3.0 04/02/2013
Motherboard: MSI B85-G43 (MS-7816)
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 38%
Total physical RAM: 16296.61 MB
Available physical RAM: 10037.62 MB
Total Virtual: 18856.61 MB
Available Virtual: 9789.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.36 GB) (Free:190.86 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:244.24 GB) NTFS
Drive e: () (Fixed) (Total:482.19 GB) (Free:95.98 GB) NTFS

\\?\Volume{3256a2c6-8219-11e5-a5ad-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{a80f3554-0000-0000-0000-501d70000000}\ () (Fixed) (Total:0.86 GB) (Free:0.43 GB) NTFS

==================== MBR & Partition Table ====================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A80F3554)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=879 MB) - (Type=27)
Partition 4: (Not Active) - (Size=482.2 GB) - (Type=07 NTFS)

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93D1FECE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Re: ESS blocks pop-ups

Post by jaro3 » 03 Jan 2021 22:34

AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Disabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Disabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

I don't know, that program shows 3 ESET antiviruses (2 enabled) and 3 ESET firewalls (1 enabled).. :D

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {34DC924D-9513-4284-A667-BD2C95F9BE5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {578AADE4-869C-44FB-A3E6-930537578587} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {60E582AD-5259-48B6-AD00-BE994760D631} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {85C5AFB4-5149-480C-AF55-BF3A1571AF52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {89BB5FC3-6A47-4512-B26B-A5D90CC0A350} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {977EDA5F-05A4-4F23-ACD3-8C87FD7FAA58} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C4CCABB7-C829-47E2-9CC6-A239A927711B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E8BDCFBD-7E0E-4AC9-9D1E-1811B82223FA} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {FBCCBB62-09D2-4752-AAB2-131DA541685C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
U3 idsvc; no ImagePath
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
SearchScopes: HKU\S-1-5-21-1304720554-789506846-3919696667-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://{searchTerms}
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{6C5F2449-03AE-496E-A4DB-DBB96A1E99A5}] => (Allow) D:\Steam\steamapps\common\Niffelheim\BloodyMoonDLC\BloodyMoonDLC.exe => No File
FirewallRules: [{3C0D9E84-778F-4D74-9BE2-62076F26680F}] => (Allow) D:\Steam\steamapps\common\Niffelheim\BloodyMoonDLC\BloodyMoonDLC.exe => No File
FirewallRules: [{1B56D5D3-72CD-49AD-99AA-106D3AD24AD7}] => (Allow) D:\Steam\steamapps\common\Niffelheim\OdinBlessDLC\OdinBlessDLC.exe => No File
FirewallRules: [{36F79F0D-35AA-4D09-A4B6-66039719F28D}] => (Allow) D:\Steam\steamapps\common\Niffelheim\OdinBlessDLC\OdinBlessDLC.exe => No File
FirewallRules: [{37EB02B6-E2DC-4248-9201-81D92ABA45D0}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{96EE4A5C-9773-4516-A4AE-50D6859792ED}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{D4C8F8A8-C116-458E-8BE2-9A3DAE1AB767}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{8E8270E8-8BAC-485D-94EE-FE405049C691}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{975BEF1F-2BE7-41D7-B27C-0AA98B1A0A90}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{E4DF19C0-7C4D-417F-B335-3287C276C30E}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [UDP Query User{DECBB1A2-AC78-4332-AEAD-E2781F056635}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{2B37E5AC-D723-4E6F-B271-299BD63FE8A5}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{94FE961D-5E21-4927-92D2-5DBF8E9729EC}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe => No File
FirewallRules: [{F032ACC3-03BF-476F-A58D-45064B44D4A4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe => No File
FirewallRules: [{7A335B08-2BDC-4213-A6A2-9CE6AF3E7330}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe => No File
FirewallRules: [{58E7CBCC-BA3C-470F-BC97-3C445EC66912}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe => No File
FirewallRules: [{F43D45F3-D45C-45E1-A2C5-E6EC2C09729A}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{0DCE9532-018F-4CC3-9261-EF64B91596A5}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{489615FF-F35C-4C59-A7A4-962E31E057A3}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe => No File
FirewallRules: [{6EC9B521-BFF7-4D5D-B250-634D544AF5E2}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe => No File
FirewallRules: [{0D7DE946-3B6D-488B-9ECE-13D5D123C6F1}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{8E96E7F1-6BCC-40BF-87CD-BCCF2AFAF4A8}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [UDP Query User{20A39B0C-02DD-4AEF-B01B-EDD52BCEB442}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{97569DBD-6E31-4CEB-8D28-14F4EE365BBB}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe => No File
FirewallRules: [{11DD75C7-A700-4ACD-B381-E15EC30D4451}] => (Allow) D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin64\Game.exe => No File
FirewallRules: [{A764B27B-CC92-4012-A4B5-C9147EA80C96}] => (Allow) D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin64\Game.exe => No File
FirewallRules: [{C070DCDA-01A1-4C35-B515-BB70F742186F}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{72084E81-F665-4EEC-8506-230D01F83017}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
Virustotal: C:\Users\Fofrklacek\AppData\Local\sh20120914.dat


(You can use the "select all" function, then right-click in the upper-left field of the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

FirewallRules: [{2AFFB2E6-DF25-4F4A-8966-A157BAC87342}] => (Allow) LPort=8090
FirewallRules: [{9D798A93-DFC6-4545-95C0-1F69043915A3}] => (Allow) LPort=20443
FirewallRules: [{D6142458-A7C9-4369-BC81-776B2650F982}] => (Allow) LPort=33333
FirewallRules: [{B1889FEC-B135-4A2E-8B90-721D1004CF05}] => (Allow) LPort=6881
FirewallRules: [{6DC620C5-9A74-4D47-ADD4-67C22647A5C9}] => (Allow) LPort=27022
FirewallRules: [{C6CF7317-7275-49C6-9D9A-5425C01E2102}] => (Allow) LPort=7853
FirewallRules: [{99B3A198-EC57-4703-A8C1-1B13EC5AC815}] => (Allow) LPort=7852
FirewallRules: [{C0D4702F-D56E-4CFC-A73E-3A4BB3B95FE8}] => (Allow) LPort=7850
FirewallRules: [{BDFBDC8E-7AC5-4BF2-8741-DCF8F32709A0}] => (Allow) LPort=3478
FirewallRules: [{4F5597EE-D54F-4305-B9CD-AB2D57C1C132}] => (Allow) LPort=20010
FirewallRules: [{09250A7B-DD96-42D7-B926-C5B28D360A66}] => (Allow) LPort=443
FirewallRules: [{1DF814B8-6862-4F8B-9522-87F6312C8A27}] => (Allow) LPort=80
Those ports are allowed; what are they used for?


Date: 2021-01-03 20:29:01.7030000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 20:28:49.3020000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:35.1730000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:35.1610000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:34.9600000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 17:08:34.8910000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 16:33:31.6660000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-03 16:33:28.1870000Z
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Isn't there some problem with ESET? The hash doesn't match.

Download CrystalDiskInfo ... ldiskinfo/
Run the program and click Edit - Copy (Úpravy-Kopírovat). Then paste the log content here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
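
An added example, not part of the post above and not FRST's own code: a small Python parser that sorts FirewallRules lines like the ones quoted in this thread into rules that point at a program that no longer exists (No File) and rules that only name a local port, which are the ones the post asks about. The line format is inferred from the lines on this page, and the names `triage` and `SAMPLE` are hypothetical.

```python
import re
from collections import defaultdict

# A subset of the FirewallRules lines quoted in this thread.
SAMPLE = r"""
FirewallRules: [{F43D45F3-D45C-45E1-A2C5-E6EC2C09729A}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{0DCE9532-018F-4CC3-9261-EF64B91596A5}] => (Allow) D:\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [UDP Query User{20A39B0C-02DD-4AEF-B01B-EDD52BCEB442}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe => No File
FirewallRules: [{B1889FEC-B135-4A2E-8B90-721D1004CF05}] => (Allow) LPort=6881
FirewallRules: [{09250A7B-DD96-42D7-B926-C5B28D360A66}] => (Allow) LPort=443
FirewallRules: [{1DF814B8-6862-4F8B-9522-87F6312C8A27}] => (Allow) LPort=80
"""

# Assumed layout: "FirewallRules: [<rule name>] => (<action>) <target>"
RULE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>Allow|Block)\) (?P<target>.+)$"
)
NO_FILE = " => No File"


def triage(text):
    """Split firewall rule lines into orphaned, port-only and other rules."""
    orphaned = defaultdict(list)  # program path (lower-cased) -> rule names
    port_only = {}                # local port -> rule name
    other = []                    # anything that still has a live target
    for raw in text.splitlines():
        line = raw.strip()
        m = RULE.match(line)
        if not m:
            continue  # not a FirewallRules line
        name, target = m["name"], m["target"]
        port = re.fullmatch(r"LPort=(\d+)", target)
        if target.endswith(NO_FILE):
            # Rule still allows a path whose executable is gone.
            orphaned[target[: -len(NO_FILE)].lower()].append(name)
        elif port:
            # Rule names only a port, with no program path in this output.
            port_only[int(port[1])] = name
        else:
            other.append(line)
    return dict(orphaned), port_only, other


if __name__ == "__main__":
    orphaned, port_only, other = triage(SAMPLE)
    for path, names in orphaned.items():
        print(f"orphaned ({len(names)} rules): {path}")
    for port in sorted(port_only):
        print(f"port-only allow rule: {port} {port_only[port]}")
```

The port-only list is the set to check against what is actually listening on the machine; the orphaned list corresponds to the entries placed in the fixlist.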
