Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Divně chování PC (Zpomalené) prosím o pomoc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
Andyfuk
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 29 říj 2011 11:02
Kontaktovat uživatele:

Divně chování PC (Zpomalené) prosím o pomoc

#1 Příspěvek od Andyfuk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.04.2024
Ran by jdvor (administrator) on SM1LEY (ASUS System Product Name) (13-04-2024 07:37:59)
Running from C:\Users\jdvor\Downloads\FRST64.exe
Loaded Profiles: jdvor
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3447 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.35\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <13>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\Run: [MicrosoftEdgeAutoLaunch_8087349144A598EE5C15A22767F1D84A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.107\Installer\chrmstp.exe [2024-04-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2CA6C312-4FAB-4FD9-8D24-8EDB880D71A2} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [361320 2024-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C84171E6-A2D7-497D-8619-A615E58CEE2B} - System32\Tasks\ASUS\Armoury Crate Service Task_CountDown => C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe [108504 2023-10-31] (ASUSTeK COMPUTER INC. -> )
Task: {D2CDFE05-F46D-4261-B02B-6B59EED34E82} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1809256 2024-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {3FAE712D-B217-46B3-ACC3-FCCD59185CB8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1da5f74cbad1d5a => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [165224 2024-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {2E42E18D-5F2D-4D0D-ACEA-F6206859D0EA} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [165224 2024-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {DD636FE2-741D-4AF4-AEC5-351B7F386E58} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-01-18] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {2BDF6A70-CEEF-4748-BD4E-BE5EA6F9EA2B} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2023-12-07] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C44CB5B7-357F-4348-9936-06E928C688C1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {DDF06D2A-EA28-43F6-8CC8-5D3512221CDC} - System32\Tasks\C__Program Files_HeidiSQL_heidisql.exe => C:\Program Files\HeidiSQL\heidisql.exe [23740920 2023-11-05] (Ansgar Becker -> )
Task: {9DAFCB3A-66E0-49E0-8877-CD7836C732FB} - System32\Tasks\Cloud => "C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe" (No File)
Task: {42DDCA1D-B9F8-4D89-B2A7-296B578096E1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{628FD316-95B2-4A3D-BD10-0FAA1CD3D99F} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {CF53FE04-A60A-485F-A940-E47E316FEFFB} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3867176 2024-03-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7338e958-de6d-4ecb-bd44-aa8f4122ce62}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7338e958-de6d-4ecb-bd44-aa8f4122ce62}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7338e958-de6d-4ecb-bd44-aa8f4122ce62}: [DhcpDomain] telekom.ip

Edge:
=======
Edge Profile: C:\Users\jdvor\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\jdvor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-31]
Edge Extension: (Edge relevant text changes) - C:\Users\jdvor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-14]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default [2024-04-13]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (7TV) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2024-02-14]
CHR Extension: (Watch2Gether) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2024-02-14]
CHR Extension: (Steam Inventory Helper) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2024-04-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-18]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-10]
CHR Extension: (When the Night Falls 1:00 AM (1; rnbw; 1080p)) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpmmeefjafijboofpccfngkpckkjpadm [2024-03-13]
CHR Extension: (MetaMask) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-14]
CHR Profile: C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-04-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArmouryCrateDownloadTool; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_04dd06a3238b80bd\ArmouryLiveUpdate.exe [577304 2024-03-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-04-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe [907112 2024-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [165224 2024-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502120 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.35\AsusFanControlService.exe [1762664 2023-11-16] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [165224 2024-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1157088 2024-04-10] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2567304 2024-04-13] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-04-06] (BattlEye Innovations e.K. -> )
S2 DtsHPXV2Apo4Service; C:\Windows\System32\DTS\HP\APO4x\DtsHPXV2Apo4Service.exe [367496 2024-02-14] (HP Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12182632 2024-03-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943016 2024-03-02] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 GoogleUpdaterInternalService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
S2 GoogleUpdaterService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_9783a0a827c7c2a2\lib\PlatformLicenseManagerService.exe [741488 2023-09-04] (Intel Corporation -> Intel(R) Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10994432 2024-03-08] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4882792 2024-03-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-13] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-13] (Malwarebytes Inc. -> Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [12917888 2024-01-10] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\Display.NvContainer\NVDisplay.Container.exe [1275424 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6101488 2024-03-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2022872 2024-04-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522080 2024-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-04-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12458336 2024-04-06] (KRAFTON, Inc. -> KRAFTON, Inc)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [59344 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43568 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34520 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 e2f68; C:\Windows\System32\drivers\e2f68.sys [523120 2021-03-12] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fnexpress; C:\Windows\System32\DriverStore\FileRepository\e2fn.inf_amd64_d9445744f52b5b9b\e2fn.sys [1410688 2024-03-22] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [54752 2023-01-19] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 logi_generic_hid_filter; C:\Windows\system32\drivers\logi_generic_hid_filter.sys [62288 2024-02-18] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2024-02-18] (Logitech Inc -> Logitech)
S3 logi_joy_hid_filter; C:\Windows\system32\drivers\logi_joy_hid_filter.sys [63824 2024-02-18] (Logitech Inc -> Logitech)
S3 logi_joy_hid_lo; C:\Windows\system32\drivers\logi_joy_hid_lo.sys [51536 2024-02-18] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2024-02-18] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2024-02-18] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [234312 2024-04-13] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-04-13] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 ROGMS; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_04dd06a3238b80bd\ROGMS.sys [41384 2024-03-11] (ASUSTeK COMPUTER INC. -> Windows (R) Win 7 DDK provider)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2024-04-01] (Microsoft Windows -> )
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [215864 2024-04-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X] <==== ATTENTION
S3 NEProtect; \??\D:\ONCE_HUMAN\NEProtect.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-13 07:37 - 2024-04-13 07:38 - 000020358 _____ C:\Users\jdvor\Downloads\FRST.txt
2024-04-13 07:37 - 2024-04-13 07:38 - 000000000 ____D C:\FRST
2024-04-13 07:37 - 2024-04-13 07:37 - 002394112 _____ (Farbar) C:\Users\jdvor\Downloads\FRST64.exe
2024-04-13 07:34 - 2024-04-13 07:35 - 008790880 _____ (Malwarebytes) C:\Users\jdvor\Downloads\adwcleaner.exe
2024-04-13 07:31 - 2024-04-13 07:31 - 000234312 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-04-13 07:31 - 2024-04-13 07:31 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-04-13 07:31 - 2024-04-13 07:31 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-13 07:31 - 2024-04-13 07:31 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-04-13 07:31 - 2024-04-13 07:31 - 000000000 ____D C:\Users\jdvor\AppData\Local\Malwarebytes
2024-04-13 07:30 - 2024-04-13 07:30 - 002589624 _____ (Malwarebytes) C:\Users\jdvor\Downloads\MBSetup.exe
2024-04-13 07:30 - 2024-04-13 07:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-13 07:30 - 2024-04-13 07:30 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-13 06:28 - 2024-04-13 06:28 - 000011142 _____ C:\Users\jdvor\Downloads\ncGPT.zip
2024-04-11 03:59 - 2024-04-11 03:59 - 000000000 ____D C:\Users\jdvor\AppData\Local\Vivox
2024-04-10 20:58 - 2024-04-10 20:58 - 000000000 ____D C:\Users\jdvor\AppData\LocalLow\Northwood
2024-04-10 20:57 - 2024-04-10 21:00 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\SCP Secret Laboratory
2024-04-10 20:57 - 2024-04-10 20:57 - 002179072 _____ C:\mono.msi
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 __SHD C:\Users\jdvor\AppData\Roaming\u-data
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 __SHD C:\Users\jdvor\AppData\Roaming\a-resources
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 ___HD C:\Users\jdvor\AppData\Roaming\s-configs
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 ___HD C:\Users\jdvor\AppData\Roaming\c-data
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 ____D C:\System64
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 ____D C:\System
2024-04-10 20:57 - 2024-04-10 20:57 - 000000000 ____D C:\Mono
2024-04-10 20:37 - 2024-04-10 20:37 - 000000000 ____D C:\Users\jdvor\AppData\LocalLow\ZeekerssRBLX
2024-04-10 20:28 - 2024-04-10 20:28 - 000000000 ____D C:\Users\jdvor\AppData\LocalLow\Biotech Gameworks
2024-04-10 16:36 - 2024-04-10 16:36 - 000000000 ____D C:\Users\jdvor\Documents\TL
2024-04-10 16:36 - 2024-04-10 16:36 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\AmazonGameStudios
2024-04-10 16:36 - 2024-04-10 16:36 - 000000000 ____D C:\Users\jdvor\AppData\Local\TL
2024-04-10 16:36 - 2024-04-10 16:36 - 000000000 ____D C:\Users\jdvor\AppData\Local\NCSOFT
2024-04-10 16:27 - 2024-04-10 16:27 - 000725012 _____ C:\Windows\system32\perfh005.dat
2024-04-10 16:27 - 2024-04-10 16:27 - 000150224 _____ C:\Windows\system32\perfc005.dat
2024-04-10 13:31 - 2024-04-10 13:32 - 000000000 ___HD C:\$WinREAgent
2024-04-10 03:09 - 2024-04-10 03:09 - 000000000 ____D C:\Users\jdvor\AppData\Local\FactoryGame
2024-04-09 19:57 - 2024-04-09 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2024-04-09 19:56 - 2024-04-11 23:01 - 000000000 ____D C:\Program Files\obs-studio
2024-04-09 03:10 - 2024-04-10 08:13 - 000000297 _____ C:\Users\jdvor\Desktop\Codes ONCE HUMAN - .txt
2024-04-07 16:02 - 2024-04-07 16:02 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\slobs-plugins
2024-04-07 16:02 - 2024-04-07 16:02 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\obs-studio-node-server
2024-04-07 16:02 - 2024-04-07 16:02 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-04-07 16:00 - 2024-04-07 21:52 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\slobs-client
2024-04-07 16:00 - 2024-04-07 16:00 - 000000000 ____D C:\Users\jdvor\AppData\Local\slobs-client-updater
2024-04-07 15:07 - 2024-04-10 08:31 - 000000431 _____ C:\Users\jdvor\Desktop\ONCE HUMAN.lnk
2024-04-07 13:30 - 2024-04-07 13:30 - 000003306 _____ C:\Windows\system32\Tasks\C__Program Files_HeidiSQL_heidisql.exe
2024-04-07 13:30 - 2024-04-07 13:30 - 000000000 ____D C:\Users\jdvor\Documents\HeidiSQL
2024-04-07 13:30 - 2024-04-07 13:30 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\HeidiSQL
2024-04-07 01:08 - 2024-04-07 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2024-04-07 01:08 - 2024-04-07 01:08 - 000000000 ____D C:\Program Files\HeidiSQL
2024-04-06 23:23 - 2024-04-09 17:00 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\U.GG
2024-04-06 23:23 - 2024-04-06 23:23 - 000002221 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\U.GG.lnk
2024-04-06 23:23 - 2024-04-06 23:23 - 000000000 ____D C:\Users\jdvor\AppData\Local\u.gg-updater
2024-04-06 19:50 - 2024-04-06 19:50 - 000000000 ____D C:\Users\jdvor\AppData\Local\dexyfex_software
2024-04-06 01:46 - 2024-04-07 00:15 - 000215864 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2024-04-06 01:46 - 2024-04-06 01:46 - 000000000 ____D C:\Users\jdvor\AppData\Local\TslGame
2024-04-06 01:46 - 2024-04-06 01:46 - 000000000 ____D C:\Program Files\Common Files\Wellbia.com
2024-04-06 01:44 - 2024-04-07 01:03 - 000000000 ____D C:\Program Files\Common Files\PUBG
2024-04-06 01:44 - 2024-04-06 01:46 - 000000000 ____D C:\Users\jdvor\AppData\Local\WELLBIA
2024-04-06 01:44 - 2024-04-06 01:44 - 000000000 ____D C:\Users\jdvor\AppData\Local\BattlEye
2024-04-05 16:48 - 2024-04-05 16:48 - 000000000 ____D C:\Users\jdvor\AppData\Local\UniCompactView
2024-04-05 15:58 - 2024-04-05 15:58 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\CC
2024-04-04 20:13 - 2024-03-26 23:29 - 000000000 ____D C:\Users\jdvor\Desktop\bryan_snaily
2024-04-04 17:14 - 2024-04-04 17:14 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Netease
2024-04-04 17:13 - 2024-04-09 01:31 - 000000000 ____D C:\Users\jdvor\AppData\Local\NVIDIA
2024-04-04 17:13 - 2024-04-05 00:12 - 000000000 ____D C:\Users\jdvor\AppData\Local\LoadingBay
2024-04-04 17:13 - 2024-04-04 17:13 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loading Bay.lnk
2024-04-04 17:13 - 2024-04-04 17:13 - 000000917 _____ C:\Users\Public\Desktop\Loading Bay.lnk
2024-04-04 17:12 - 2024-04-08 00:13 - 000000000 ____D C:\Program Files\LoadingBay
2024-04-04 17:12 - 2024-04-04 17:12 - 000000000 ____D C:\Users\jdvor\AppData\Local\UniSDK
2024-04-04 16:29 - 2024-04-03 15:53 - 002031464 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-04 16:29 - 2024-04-03 15:53 - 002031464 _____ C:\Windows\system32\vulkaninfo.exe
2024-04-04 16:29 - 2024-04-03 15:53 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-04 16:29 - 2024-04-03 15:53 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-04-04 16:29 - 2024-04-03 15:53 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-04-04 16:29 - 2024-04-03 15:53 - 001445224 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-04-04 16:29 - 2024-04-03 15:53 - 001445224 _____ C:\Windows\system32\vulkan-1.dll
2024-04-04 16:29 - 2024-04-03 15:53 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-04 16:29 - 2024-04-03 15:53 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-04-04 16:29 - 2024-04-03 15:53 - 001226864 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-04-04 16:29 - 2024-04-03 15:50 - 001543712 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-04-04 16:29 - 2024-04-03 15:50 - 001199624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-04-04 16:29 - 2024-04-03 15:50 - 001046040 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-04-04 16:29 - 2024-04-03 15:50 - 000841736 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-04-04 16:29 - 2024-04-03 15:50 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-04-04 16:29 - 2024-04-03 15:50 - 000505352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 012929568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 002174496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 001626120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 001024544 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 000787464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-04-04 16:29 - 2024-04-03 15:49 - 000459272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-04-04 16:29 - 2024-04-03 15:48 - 016034848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-04-04 16:29 - 2024-04-03 15:48 - 006780960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-04-04 16:29 - 2024-04-03 15:48 - 005913200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-04-04 16:29 - 2024-04-03 15:48 - 005773344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-04-04 16:29 - 2024-04-03 15:48 - 003721224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-04-04 16:29 - 2024-04-03 15:48 - 000853008 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-04-04 16:29 - 2024-04-03 03:54 - 000119466 _____ C:\Windows\system32\nvinfo.pb
2024-04-02 19:03 - 2024-04-02 19:03 - 000001298 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games.lnk
2024-04-02 19:03 - 2024-04-02 19:03 - 000001290 _____ C:\Users\jdvor\Desktop\Amazon Games.lnk
2024-04-02 19:03 - 2024-04-02 19:03 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\electron-platform
2024-04-02 19:03 - 2024-04-02 19:03 - 000000000 ____D C:\Users\jdvor\AppData\Local\Amazon Games
2024-04-01 19:53 - 2024-04-01 19:53 - 000000422 _____ C:\Users\jdvor\fxmanifest.lua
2024-04-01 12:54 - 2024-04-09 19:44 - 000000000 ____D C:\Users\jdvor\.ssh
2024-04-01 12:52 - 2024-04-01 12:52 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2024-04-01 12:52 - 2024-04-01 12:52 - 000000000 ____D C:\Program Files\WSL
2024-03-31 22:40 - 2024-03-31 22:40 - 000000000 ____D C:\Users\jdvor\Documents\OpenIV
2024-03-31 22:39 - 2024-03-31 22:39 - 000001302 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2024-03-31 22:39 - 2024-03-31 22:39 - 000001300 _____ C:\Users\jdvor\Desktop\OpenIV.lnk
2024-03-31 03:15 - 2024-03-31 03:15 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-03-31 03:10 - 2024-03-31 03:10 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-31 03:10 - 2024-03-31 03:10 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-31 03:03 - 2024-03-31 03:03 - 000000000 ____D C:\AdwCleaner
2024-03-31 01:10 - 2024-03-31 01:10 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\HTML Help
2024-03-28 23:56 - 2024-03-28 23:56 - 000002132 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2024-03-28 23:56 - 2024-03-28 23:56 - 000002124 _____ C:\Users\jdvor\Desktop\FiveM.lnk
2024-03-28 23:56 - 2024-03-28 23:56 - 000002124 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2024-03-28 23:56 - 2024-03-28 23:56 - 000000000 ____D C:\Users\jdvor\AppData\Local\FiveM
2024-03-27 23:10 - 2024-03-27 23:10 - 000001924 _____ C:\Users\jdvor\Desktop\Rockstar Games Launcher.lnk
2024-03-27 23:10 - 2024-03-27 23:10 - 000000000 ____D C:\Program Files\Rockstar Games
2024-03-27 22:23 - 2024-03-28 00:17 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\SQLyog
2024-03-27 22:20 - 2024-03-27 22:22 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\JetBrains
2024-03-27 22:20 - 2024-03-27 22:22 - 000000000 ____D C:\Program Files\JetBrains
2024-03-26 18:12 - 2024-04-13 07:03 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Termius
2024-03-26 18:12 - 2024-03-27 17:59 - 000000000 ____D C:\Users\jdvor\AppData\Local\termius-updater
2024-03-26 18:12 - 2024-03-26 18:12 - 000002271 _____ C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Termius.lnk
2024-03-26 18:12 - 2024-03-26 18:12 - 000002263 _____ C:\Users\jdvor\Desktop\Termius.lnk
2024-03-26 18:10 - 2024-03-26 18:11 - 000000128 _____ C:\Users\jdvor\AppData\Local\PUTTY.RND
2024-03-25 16:52 - 2024-03-25 16:52 - 000000000 ____D C:\Users\jdvor\AppData\Local\ArmouryLiveUpdate
2024-03-25 16:52 - 2024-03-25 16:52 - 000000000 ____D C:\Users\jdvor\AppData\Local\AcLoader
2024-03-25 13:30 - 2024-03-25 13:32 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\NVE
2024-03-23 14:14 - 2024-03-31 22:39 - 000000000 ____D C:\Users\jdvor\AppData\Local\New Technology Studio
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\Program Files\Intel
2024-03-22 17:59 - 2024-03-22 17:59 - 000000000 ____D C:\Program Files (x86)\Intel
2024-03-22 17:59 - 2024-03-22 17:57 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\devcon.exe
2024-03-22 17:45 - 2024-03-22 17:45 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2024-03-16 16:44 - 2024-04-09 07:24 - 000003394 _____ C:\Windows\system32\Tasks\Cloud
2024-03-16 16:43 - 2024-03-16 16:43 - 000000000 ____D C:\Users\jdvor\Documents\temp
2024-03-16 16:42 - 2024-03-16 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2024-03-14 22:33 - 2024-03-14 22:33 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-14 22:33 - 2024-03-14 22:33 - 000001430 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2024-03-14 22:33 - 2024-03-14 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-03-14 22:32 - 2024-03-05 10:52 - 003132456 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-03-14 22:32 - 2024-03-05 10:52 - 002418216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-13 07:36 - 2024-02-14 20:36 - 000000000 ____D C:\Program Files\ASUS
2024-04-13 07:35 - 2024-02-14 20:49 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\asus_framework
2024-04-13 07:35 - 2024-02-14 20:47 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\discord
2024-04-13 07:35 - 2024-02-14 20:34 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-13 07:31 - 2024-02-15 16:14 - 000000128 _____ C:\Users\jdvor\AppData\Roaming\winscp.rnd
2024-04-13 07:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-13 07:30 - 2024-02-14 20:48 - 000000000 ____D C:\Users\jdvor\AppData\Local\Battle.net
2024-04-13 07:30 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-04-13 07:30 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-04-13 07:27 - 2024-02-14 20:47 - 000000000 ____D C:\Users\jdvor\AppData\Local\Discord
2024-04-13 07:25 - 2024-02-14 20:36 - 000000000 ____D C:\Users\jdvor\AppData\Local\D3DSCache
2024-04-13 07:23 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-13 06:59 - 2024-02-15 15:16 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Code
2024-04-13 06:24 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-13 06:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-13 06:10 - 2024-02-14 20:36 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2024-04-12 00:22 - 2024-02-14 20:39 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-11 23:03 - 2024-02-14 21:36 - 000000000 ____D C:\Users\jdvor\AppData\Local\CrashDumps
2024-04-11 21:21 - 2024-02-15 15:16 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-04-11 15:06 - 2024-02-18 06:05 - 000263784 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 002708984 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 000710248 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 000218616 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-04-11 15:06 - 2024-02-18 01:34 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-04-11 15:06 - 2024-02-18 01:34 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-04-11 13:59 - 2024-02-14 20:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-11 03:59 - 2024-02-14 20:47 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-11 00:01 - 2024-02-14 20:47 - 000002227 _____ C:\Users\jdvor\Desktop\Discord.lnk
2024-04-10 16:34 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-10 16:27 - 2024-02-14 20:31 - 001714676 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-10 16:19 - 2024-02-14 20:27 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-04-10 16:19 - 2024-02-14 20:26 - 001205104 _____ () C:\Windows\system32\wpbbin.exe
2024-04-10 16:19 - 2024-02-14 20:26 - 001157088 _____ C:\Windows\system32\AsusUpdateCheck.exe
2024-04-10 16:19 - 2024-02-14 20:26 - 000303992 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-10 16:19 - 2024-02-14 20:26 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-10 16:19 - 2024-02-14 20:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-10 16:19 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-04-10 16:19 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-04-10 16:18 - 2024-02-14 20:30 - 000000000 ____D C:\Users\jdvor
2024-04-10 16:18 - 2023-12-04 08:26 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-04-10 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-04-10 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-04-10 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-04-10 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-04-10 13:36 - 2024-02-15 03:14 - 000000000 ____D C:\Windows\system32\MRT
2024-04-10 13:35 - 2024-02-15 03:14 - 192651728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-04-10 13:34 - 2024-02-14 20:28 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-04-10 13:34 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-04-10 11:05 - 2024-02-14 20:57 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\CurseForge
2024-04-10 11:04 - 2024-02-14 20:57 - 000000000 ____D C:\Users\jdvor\AppData\Local\curseforge-updater
2024-04-10 03:09 - 2024-02-15 04:03 - 000000000 ____D C:\Users\jdvor\AppData\Local\UnrealEngine
2024-04-10 03:09 - 2024-02-15 04:03 - 000000000 ____D C:\Users\jdvor\AppData\Local\Epic Games
2024-04-10 01:59 - 2024-02-14 20:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-09 19:44 - 2024-02-17 04:06 - 000000000 ____D C:\Windows\Minidump
2024-04-09 19:43 - 2024-02-14 20:33 - 000000000 ____D C:\Users\jdvor\AppData\Local\Packages
2024-04-09 19:43 - 2024-02-14 20:28 - 000000000 ____D C:\ProgramData\Packages
2024-04-09 07:25 - 2024-02-14 20:47 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\NVIDIA
2024-04-07 02:06 - 2024-02-14 20:36 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-07 01:05 - 2024-02-14 20:50 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-04-06 23:21 - 2024-03-03 18:00 - 000000000 ____D C:\ProgramData\Riot Games
2024-04-06 23:20 - 2024-03-10 12:53 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\riot-client-ux
2024-04-06 15:54 - 2024-02-14 20:26 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-06 01:46 - 2024-02-14 20:58 - 000000000 ____D C:\Users\jdvor\AppData\Local\NVIDIA Corporation
2024-04-04 16:08 - 2024-02-14 20:26 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 16:08 - 2024-02-14 20:26 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-03 15:47 - 2024-02-14 21:01 - 006948672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-04-03 15:47 - 2024-02-14 21:00 - 006034736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-04-02 19:18 - 2024-02-14 20:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-04-02 19:17 - 2024-02-14 20:48 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-04-01 12:52 - 2024-02-14 20:34 - 000000000 ____D C:\Users\jdvor\AppData\Local\PlaceholderTileLogoFolder
2024-04-01 12:51 - 2023-12-04 08:21 - 000706032 _____ (Microsoft Corporation) C:\Windows\system32\vmusrv.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000628200 _____ (Microsoft Corporation) C:\Windows\system32\vmuidevices.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000628192 _____ (Microsoft Corporation) C:\Windows\system32\vmserial.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\vfpctrl.exe
2024-04-01 12:51 - 2023-12-04 08:21 - 000517504 _____ (Microsoft Corporation) C:\Windows\system32\NetMgmtIF.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\vmvpci.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000439768 _____ (Microsoft Corporation) C:\Windows\system32\vmprox.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000435584 _____ (Microsoft Corporation) C:\Windows\system32\vmsmb.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000407024 _____ (Microsoft Corporation) C:\Windows\system32\vmdynmem.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000406912 _____ (Microsoft Corporation) C:\Windows\system32\nmscrub.exe
2024-04-01 12:51 - 2023-12-04 08:21 - 000378224 _____ (Microsoft Corporation) C:\Windows\system32\vmflexio.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000366056 _____ (Microsoft Corporation) C:\Windows\system32\hcsdiag.exe
2024-04-01 12:51 - 2023-12-04 08:21 - 000366048 _____ (Microsoft Corporation) C:\Windows\system32\vmiccore.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000324992 _____ (Microsoft Corporation) C:\Windows\system32\vmsif.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000316904 _____ (Microsoft Corporation) C:\Windows\system32\VmCrashDump.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000271728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\hnsdiag.exe
2024-04-01 12:51 - 2023-12-04 08:21 - 000255464 _____ (Microsoft Corporation) C:\Windows\system32\vmbusvdev.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000218592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fse.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000185728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000169456 _____ (Microsoft Corporation) C:\Windows\system32\vmvirtio.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\vfpapi.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000144864 _____ (Microsoft Corporation) C:\Windows\system32\vmsifcore.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\vmhbmgmt.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000128368 _____ (Microsoft Corporation) C:\Windows\system32\nmbind.exe
2024-04-01 12:51 - 2023-12-04 08:21 - 000094208 _____ C:\Windows\system32\Drivers\vmbusproxy.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000087520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\l2bridge.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000066928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocketcontrol.sys
2024-04-01 12:51 - 2023-12-04 08:21 - 000050656 _____ (Microsoft Corporation) C:\Windows\system32\VrdUmed.dll
2024-04-01 12:51 - 2023-12-04 08:21 - 000046552 _____ (Microsoft Corporation) C:\Windows\system32\vmsifproxystub.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 006436208 _____ (Microsoft Corporation) C:\Windows\system32\vmfirmware.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000509288 _____ (Microsoft Corporation) C:\Windows\system32\vmsynthstor.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000398696 _____ (Microsoft Corporation) C:\Windows\system32\VmSynthNic.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000361832 _____ (Microsoft Corporation) C:\Windows\system32\gpupvdev.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000144736 _____ (Microsoft Corporation) C:\Windows\system32\rdp4vs.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000132456 _____ C:\Windows\system32\secfw_AuthenticAMD.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000124240 _____ (Microsoft Corporation) C:\Windows\system32\vmwpevents.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000120160 _____ (Microsoft Corporation) C:\Windows\system32\vmwpctrl.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000095584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2024-04-01 12:51 - 2022-05-07 07:20 - 000075104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2024-04-01 12:51 - 2022-05-07 07:20 - 000066912 _____ (Microsoft Corporation) C:\Windows\system32\NvAgent.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000058704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hnswfpdriver.sys
2024-04-01 12:51 - 2022-05-07 07:20 - 000046888 _____ (Microsoft Corporation) C:\Windows\system32\sbresources.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000042344 _____ (Microsoft Corporation) C:\Windows\system32\vmcomputeeventlog.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000025960 _____ (Microsoft Corporation) C:\Windows\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000025960 _____ (Microsoft Corporation) C:\Windows\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000025952 _____ (Microsoft Corporation) C:\Windows\system32\f1db7d81-95be-4911-935a-8ab71629112a_HyperV-IsolatedVM.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000025952 _____ (Microsoft Corporation) C:\Windows\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000025952 _____ (Microsoft Corporation) C:\Windows\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2024-04-01 12:51 - 2022-05-07 07:20 - 000006658 _____ C:\Windows\system32\VmFirmwareHcl Third-Party Notices.txt
2024-04-01 12:51 - 2022-05-07 07:20 - 000006658 _____ C:\Windows\system32\VmFirmware Third-Party Notices.txt
2024-03-31 03:15 - 2022-05-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-03-31 03:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-03-31 01:06 - 2024-02-14 20:30 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\Spelling
2024-03-30 19:07 - 2022-05-07 12:14 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-30 19:07 - 2022-05-07 12:14 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\system32\winrm
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\system32\WCN
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\system32\slmgr
2024-03-30 19:07 - 2022-05-07 12:05 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-30 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-30 19:07 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-03-30 19:06 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\OCR
2024-03-30 19:06 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Globalization
2024-03-28 21:51 - 2024-03-08 22:07 - 000000000 ____D C:\Users\jdvor\Documents\Rockstar Games
2024-03-28 21:51 - 2024-03-08 22:07 - 000000000 ____D C:\Users\jdvor\AppData\Local\Rockstar Games
2024-03-28 01:57 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-03-27 23:10 - 2024-03-08 22:05 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2024-03-27 23:10 - 2024-03-08 22:05 - 000000000 ____D C:\ProgramData\Rockstar Games
2024-03-26 21:27 - 2024-02-15 15:11 - 000001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2024-03-26 21:27 - 2024-02-15 15:11 - 000001110 _____ C:\Users\Public\Desktop\WinSCP.lnk
2024-03-26 21:27 - 2024-02-15 15:11 - 000000000 ____D C:\Program Files (x86)\WinSCP
2024-03-26 18:12 - 2024-02-14 20:30 - 000000000 ___SD C:\Users\jdvor\AppData\Roaming\Microsoft\Credentials
2024-03-25 17:43 - 2024-03-08 22:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2024-03-22 18:01 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2024-03-22 17:59 - 2024-02-14 20:26 - 000000000 ____D C:\ProgramData\ASUS
2024-03-22 17:57 - 2024-02-14 21:36 - 000000000 ____D C:\ProgramData\EA Desktop
2024-03-22 17:49 - 2024-02-14 20:38 - 000000000 ____D C:\Program Files (x86)\LightingService
2024-03-22 17:49 - 2024-02-14 20:35 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-03-22 17:34 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-20 20:30 - 2024-02-14 20:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-03-20 20:30 - 2024-02-14 20:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-03-16 16:45 - 2024-02-18 01:23 - 000000000 ____D C:\Users\jdvor\AppData\Roaming\G HUB
2024-03-16 16:45 - 2024-02-18 01:23 - 000000000 ____D C:\Users\jdvor\AppData\Local\LGHUB
2024-03-15 18:24 - 2024-02-18 06:05 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll.0
2024-03-14 23:25 - 2024-02-14 20:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories ========

2024-02-15 16:14 - 2024-04-13 07:31 - 000000128 _____ () C:\Users\jdvor\AppData\Roaming\winscp.rnd
2024-04-04 17:13 - 2024-04-04 17:13 - 000000473 _____ () C:\Users\jdvor\AppData\Local\log.txt
2024-03-26 18:10 - 2024-03-26 18:11 - 000000128 _____ () C:\Users\jdvor\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by jdvor (13-04-2024 07:38:27)
Running from C:\Users\jdvor\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.3447 (X64) (2024-02-14 18:28:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2539162158-1135396449-686832590-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2539162158-1135396449-686832590-503 - Limited - Disabled)
Guest (S-1-5-21-2539162158-1135396449-686832590-501 - Limited - Disabled)
jdvor (S-1-5-21-2539162158-1135396449-686832590-1001 - Administrator - Enabled) => C:\Users\jdvor
WDAGUtilityAccount (S-1-5-21-2539162158-1135396449-686832590-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon Games (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.9106.6 - Amazon.com Services, Inc.)
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
Aplikace NVIDIA 10.0.0.505 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 10.0.0.505 - NVIDIA Corporation)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.8.9 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.2.17.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{4a4582c0-36fb-493f-b356-77e1c271fc51}) (Version: 1.2.17.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{2D7710B3-1561-486D-901F-458770B079D1}) (Version: 2.7.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{4ca6df8f-d753-49f6-a5da-ebee19a56f2f}) (Version: 2.7.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.6 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{4edc3c3e-2ec4-43d0-a184-ad61bc7dda53}) (Version: 1.3.9.6 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.42 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.1.1.1 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{4B87B6AA-8906-45DC-B65A-E346B4C74197}) (Version: 1.2.65.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{9bde267a-2c93-47f5-b09d-fe27a49aba7a}) (Version: 1.2.65.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.01.38 - ASUSTek Computer Inc.)
ASUS Mouse HAL (HKLM\...\{FBA21DBC-ADD2-4827-B6CF-AAE7D01B169B}) (Version: 1.2.0.94 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{98297fe4-a0fb-4f03-9a58-236f9afedd1c}) (Version: 1.2.0.94 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.111 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{F2E3BF81-9CB7-4093-8A2B-FF7DFF631E7F}) (Version: 1.1.25 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9e3269a6-bacd-4c90-98cc-28b15874bf74}) (Version: 1.1.25 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.43 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.43 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.43 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5bf96be1-0089-49f7-a574-1ed6dc7dc1b0}) (Version: 3.07.43 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 14.0.1.2319 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 14.0.1.2319 - Battlestate Games)
CrystalDiskInfo 9.2.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.2 - Crystal Dew World)
CurseForge 0.249.3-17472 (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 0.249.3-17472 - Overwolf)
Discord (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\Discord) (Version: 1.0.9033 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{12EF5653-F4C0-4B29-A4EE-E2C7A527E668}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.152.0.5665 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d3fbf100-541d-468f-97f1-e90477fec398}) (Version: 13.152.0.5665 - Electronic Arts)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.48.6 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{2f11e68d-297d-4e28-80e0-b98178606bea}) (Version: 1.1.48.6 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.3 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{79e8502b-eaf7-4831-b53d-2da128540d16}) (Version: 1.0.10.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.107 - Google LLC)
HeidiSQL 12.6.0.6765 (HKLM\...\HeidiSQL_is1) (Version: 12.6 - Ansgar Becker)
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{39C50D87-BFD1-43DD-8A18-676086E328C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2340.5.36.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{BA97A47F-9B59-4B07-BC82-FF3F6CE6E597}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C8EEBC98-5759-4B1D-9834-E5F897161475}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{8105FECC-2670-4EA1-A98B-FA803A30AEEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.33 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{6fcd931b-eac3-4850-9d72-8e2124e32754}) (Version: 1.1.33 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LoadingBay (HKLM\...\{E54C5B98-637D-4ADA-AB95-909F72A9D401}_is1) (Version: 1.0.8.3 - Netease Interactive Entertainment Pte.Ltd.)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.2.534136 - Logitech)
Malwarebytes version 5.1.2.109 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.2.109 - Malwarebytes)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.88.1 - Microsoft Corporation)
NVIDIA FrameView SDK 1.4.9615.33661400 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.9615.33661400 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 552.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project)
OpenIV (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Roblox Player for jdvor (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.86.1893 - Rockstar Games)
ROG CLAYMORE II (2.4GHz) (HKLM-x32\...\{fd9dd7f8-b372-4a0c-b865-c656aaa38b85}) (Version: 4.01.08 - ASUSTek Computer Inc.)
ROG CLAYMORE II (HKLM-x32\...\{30501689-df52-4f9a-990a-15706824c571}) (Version: 4.01.08 - ASUSTek Computer Inc.)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.16 - ASUSTek Computer Inc.)
ROG CHAKRAM (2.4GHz) (HKLM-x32\...\{ad70ebbb-8dc8-4208-ab08-7db2ebbaaae3}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG CHAKRAM (HKLM-x32\...\{d68c9f4f-c226-4682-aefb-f183b5c7b446}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.3.16.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Termius 8.11.0 (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\4f53adaa-a4b2-50c1-b605-e304e4d14011) (Version: 8.11.0 - Termius Corporation)
U.GG 1.9.19 (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\aca90cad-9059-53b1-8dc9-f846273ebdf3) (Version: 1.9.19 - Outplayed, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 149.3.11030 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
Windows Subsystem for Linux (HKLM\...\{877F46EF-614F-4B05-A09D-E15E5B424710}) (Version: 2.1.5.0 - Microsoft Corporation) Hidden
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
WinSCP 6.3.2 (HKLM-x32\...\winscp3_is1) (Version: 6.3.2 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Chrome apps:
============
YouTube Music (HKU\S-1-5-21-2539162158-1135396449-686832590-1001\...\73eb9c7859220dbb385a1c8f27f0a4fe) (Version: 1.0 - Google\Chrome)

Packages:
=========

Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-02-14] (Sparse Package)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.8.9.0_x64__qmba6cd70vzyy [2024-04-02] (ASUSTeK COMPUTER INC.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.NGENUITY_2.22.1.0_x64__922sw8z9z7n5w [2024-02-14] (HP Inc.) [Startup Task]
Microsoft Jenny (Natural) - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Voice.en-US.Jenny.1_1.0.8.0_x64__cw5n1h2txyewy [2024-03-30] (Microsoft Windows)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-02] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-30] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24031.69.0_x64__cw5n1h2txyewy [2024-04-10] (Microsoft Windows) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-04] (NVIDIA Corp.)
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-US.1_1.0.16.0_x64__cw5n1h2txyewy [2024-03-30] (Microsoft Windows)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0 [2024-04-11] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-29] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-02-15] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\nvshext.dll [2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-13] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jdvor\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\jdvor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod

==================== Loaded Modules (Whitelisted) =============

2024-02-14 20:37 - 2024-01-17 10:25 - 000416768 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2024-02-14 20:37 - 2023-09-15 18:21 - 000175104 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2024-02-14 20:37 - 2023-04-14 15:18 - 000159744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2024-02-14 20:37 - 2023-04-14 15:18 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2024-03-14 22:32 - 2024-03-14 22:32 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jdvor\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\jdvor\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141]
AlternateDataStreams: C:\Users\jdvor\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\jdvor\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2539162158-1135396449-686832590-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jdvor\Pictures\ROG_ZEPHYRUS_M16_product_wallpaper_2560x1600.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A2577581-77A2-4D9A-80BB-0A87A20389CC}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{6C0DD3E9-303E-4FE1-820D-8BCECC702147}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{6FF5B5B9-9870-4479-90DD-72F12178BA53}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{8457250A-B686-49AA-AE6D-78D1F0932A3C}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{98809E05-2F7C-48F0-9A85-099621516CAA}] => (Allow) C:\Users\jdvor\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{170F2727-EEE6-4DA0-AC73-D63DE4D91096}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E9B617A9-36A6-4456-9A9A-6993144FA1EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D0945A64-EBB7-41CF-A291-7600FC5865BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FA414514-E74C-4D45-9A03-BC03BB78BA10}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F6B9C653-3EA7-4508-B7F3-99591A9AD98A}] => (Allow) D:\SteamLibrary\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [{B1902B41-038F-47AD-BC2B-6B504CEAB3FC}] => (Allow) D:\SteamLibrary\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [{576C2A52-BDCA-4AC2-AAE0-1F9A20F1E032}] => (Allow) D:\SteamLibrary\steamapps\common\Kebab Chefs!\Kebab Chefs! - Restaurant Simulator.exe () [File not signed]
FirewallRules: [{E30CD86C-6793-4F3C-8099-90DF2DCB99B0}] => (Allow) D:\SteamLibrary\steamapps\common\Kebab Chefs!\Kebab Chefs! - Restaurant Simulator.exe () [File not signed]
FirewallRules: [{C3DB112E-D14D-4621-A26B-FB4511EFFCEE}] => (Allow) D:\SteamLibrary\steamapps\common\Demonologist\Demonologist.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{817C51A7-4CE4-4298-B15D-C8A3B2CD184D}] => (Allow) D:\SteamLibrary\steamapps\common\Demonologist\Demonologist.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{478E5B07-D8F8-4954-BE43-79603104928C}] => (Allow) D:\SteamLibrary\steamapps\common\Escape Simulator\Escape Simulator.exe () [File not signed]
FirewallRules: [{BE964384-F1B9-4005-9F12-491DDD5A203B}] => (Allow) D:\SteamLibrary\steamapps\common\Escape Simulator\Escape Simulator.exe () [File not signed]
FirewallRules: [{5C8B5206-5B9C-4B2D-BD3D-E202A02975F2}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{B79CF142-9FBA-440A-A384-76430AD384B9}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{5A7B532E-AD38-486E-81F8-13E4B967A11A}] => (Allow) D:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{EE425760-7A7F-4BCF-A440-11A63CD6BDCB}] => (Allow) D:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{3A87CE91-BE1D-47B4-9E05-B3AF0DAE98E3}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B42DB025-548C-40E7-A91D-7E171543661B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{966BCEAB-0352-4615-995B-EC1483AA3407}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{264D62C6-AC3A-4B21-A822-582F915A237F}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FAF8C5A0-7741-428F-8786-E62D855754D5}] => (Allow) D:\SteamLibrary\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [{1A93341F-6AC1-4D2A-A73C-861A4C038DF8}] => (Allow) D:\SteamLibrary\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [{8680A5D3-EC57-48B6-876C-16C448578F7B}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{DE06D1E9-238A-4C10-9748-97B89BF3A5DE}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{CAE7197B-6F3F-4DE6-9B13-797B4B601FC7}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{BBD83622-A198-4C2E-9F52-B7E4F9CBD863}] => (Allow) D:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{1C702848-CE38-407D-8446-BB3B625E8C79}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{582CC675-89DD-44D6-800A-27EA62324308}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{C2EF1C40-C8F8-460F-B0C3-A7253A5EC4C9}] => (Allow) D:\SteamLibrary\steamapps\common\Nuclear Last Darkness\Nucleares.exe () [File not signed]
FirewallRules: [{548FECCF-B9A8-4ECF-B378-50CDB0B8DA65}] => (Allow) D:\SteamLibrary\steamapps\common\Nuclear Last Darkness\Nucleares.exe () [File not signed]
FirewallRules: [{2F33F6B0-E2AE-4E38-880C-B1F490FE99E2}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{FF34111E-93F1-4348-8BDD-4F9085916598}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{D3A1C577-A067-4BBC-A859-59CF1108843B}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.)
FirewallRules: [TCP Query User{08F9B052-C95C-490A-BF94-B6D056091673}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{5C0769F5-17BB-43AA-9AA4-53736A52F08A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Block) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{4F1CCDAE-89AD-4A9A-B358-DE900D9AB8B1}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8D2E3EF3-FD8C-4BFE-B1AC-78890AA23F57}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{30AF7FF7-3517-448E-9062-76625DBB5DE1}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [UDP Query User{06705521-510E-4F21-8444-6BFA21D55E14}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [TCP Query User{06114F2E-318C-413E-BEB9-89AF1E273B8C}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{86534546-BF4A-4E6A-A9A1-DC9F731A76A6}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{6EA32ED3-30ED-4E66-AF60-682257A69E32}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{C0039B23-01A5-4BA8-ABCB-DB0E218A7645}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{83A5C59C-464A-4320-9407-F36ED75B87C0}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{3F31BF5A-69D6-410D-AE90-EFEAFD8225F6}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{BEFCABFB-AE96-46E8-9CC5-74D77F44EAD9}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [{838749B1-6F9C-46D5-B16D-C4892E3FB529}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [{59598C45-B612-4145-9DBD-A99DBD34E9DA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E1802B49-527D-4726-8D12-FC84EEB2D299}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{CDE140DB-6EAF-4A34-84E0-46058E1793C9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4FEC1C60-CD10-4E4A-B101-42D49740BFBD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B872F59A-2750-4A99-8A8C-EF049C620800}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8A033D14-E31B-4FBB-8142-173474B5A5F1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F134182-4ABE-41C1-8811-1005DE326F97}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1AD0221F-12CC-48C2-AE40-21FF2FAB179F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AD671E37-C9FD-45C4-8B92-8349DC259BF2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{80746932-3CAF-45E7-A575-719DD10CCCBB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{45FAF520-EDDD-4E42-BB2E-E4C949FC7217}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7C4587AF-DD78-43D0-AA5B-B9FCD68C20E7}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{73D25E21-2A07-43AB-BEB8-F024806F3A2E}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{5DA28A02-669C-4005-94C6-7944FE994E0E}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{7A75E073-567C-4D85-B4A2-28901F944808}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [{F69B88D9-F713-4513-803C-C48B6C69A385}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{551315CC-675D-4CD3-A8A0-2ECA94B7E7D9}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EF4BD36B-D8DF-43BF-9064-74C4A08D581F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{DB3A6FA1-7D93-40A1-9869-B4DB4325A1D1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{5B3CFBD2-ECE5-411B-A276-CD03857E895C}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{01810F33-14FD-4F44-9B6D-79C06D9FE532}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [TCP Query User{8BCF4BF8-1F98-431E-98E3-FFC796066218}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [UDP Query User{44640721-FE44-4028-8FA4-BF87E76DE485}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [TCP Query User{588BCC65-DCC0-47C5-BFA6-778D6520294E}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{09261A73-950B-4B57-909F-3ECB4B0489F2}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [{F5D6CD92-AAE3-4079-85E9-8445AE06B4DD}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\7z06DDB10C\aria2c.exe => No File
FirewallRules: [TCP Query User{73DB19CB-45DE-41DD-87A4-3AB8AF8A1CC5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{78DDF31C-B36F-415B-A0E2-DFD0DC76D0D1}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{C2F73EF7-09D8-43C2-938D-CB88F45FF9E8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{40566735-C78D-420E-8B33-71C0BD5C7FB6}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{216DB8A1-A7F5-4B83-9B6D-2A92C7ABFE04}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{19C44501-9B56-4412-87F5-7EBBF04A18F7}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{3A4BE784-3037-4D87-A0F8-F7E3C57FCB7C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [TCP Query User{A16E57EB-E73C-4ED3-9FBD-13848DD0AD26}E:\steraming\speaker.bot-x64-0.1.3\speaker.bot.exe] => (Allow) E:\steraming\speaker.bot-x64-0.1.3\speaker.bot.exe => No File
FirewallRules: [UDP Query User{BBF99346-602C-431B-815A-D9DA7910D641}E:\steraming\speaker.bot-x64-0.1.3\speaker.bot.exe] => (Allow) E:\steraming\speaker.bot-x64-0.1.3\speaker.bot.exe => No File
FirewallRules: [{51974EC8-E41F-445F-A617-FD6091046AEE}] => (Allow) D:\SteamLibrary\steamapps\common\Throne and Liberty Closed Beta Test\TL\Binaries\Win64\TL.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{564294ED-0B2C-4B26-A019-2D221ADC78A2}] => (Allow) D:\SteamLibrary\steamapps\common\Throne and Liberty Closed Beta Test\TL\Binaries\Win64\TL.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{C117447A-EB5B-48E6-B914-6B2CFA935991}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73616984-3AD3-41FD-8C65-97AF869BE6E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D82AB90-E06B-4B7B-B862-5BDAE2542482}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F61EC1AC-BF2D-43B3-919C-6700831E957C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09C196A7-B97B-44BB-9B19-2655D17D406D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4FAE45E6-65A1-401F-9EDD-A90F4A541B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{63B4B836-8D11-4A92-91BE-8645B6D0949A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0434BB6E-01A7-43B0-990D-E96D97A94979}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F48D9B5A-B1EC-4AB4-9C91-58BF90112399}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E67BC816-7ABA-43F9-9DFA-938EE478CAAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9F185F04-FC68-4B9A-976B-028A389450CA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{AFCC95E2-DF9F-437A-9205-E01D83D426A9}C:\users\jdvor\appdata\local\fivem\fivem.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re)
FirewallRules: [UDP Query User{9BC0D96B-570C-4DED-8582-9D3CB4E5E554}C:\users\jdvor\appdata\local\fivem\fivem.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re)
FirewallRules: [TCP Query User{25E5E18D-AAD5-4119-9689-679328ED663C}C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (Cfx.re) [File not signed]
FirewallRules: [UDP Query User{FEAD60A7-2463-4D05-9985-D7168C678D88}C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (Cfx.re) [File not signed]
FirewallRules: [TCP Query User{5265719D-D2C5-4827-8DC3-7CB4AA704AEB}C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe (Cfx.re) [File not signed]
FirewallRules: [UDP Query User{12EA994F-7CC4-4740-8370-A3C251988E86}C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\jdvor\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe (Cfx.re) [File not signed]

==================== Restore Points =========================

10-04-2024 09:03:09 Windows Update
10-04-2024 09:03:14 Windows Update

==================== Faulty Device Manager Devices ============

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič RAID
Description: Řadič RAID
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2024 04:18:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/10/2024 04:18:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/10/2024 04:18:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/10/2024 04:18:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/10/2024 08:55:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/10/2024 08:55:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/10/2024 02:31:20 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 1.8.17928.0 programu helldivers2.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (04/09/2024 07:48:20 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: ROGLiveService.exe, verze: 2.3.16.5, časové razítko: 0x65f398e6
Název chybujícího modulu: ROGLiveService.exe, verze: 2.3.16.5, časové razítko: 0x65f398e6
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000011bc16
ID chybujícího procesu: 0x0x15cc
Čas spuštění chybující aplikace: 0x0x1da886f7e6f97a1
Cesta k chybující aplikaci: C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
Cesta k chybujícímu modulu: C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
ID zprávy: 24d298b5-57e3-4210-84f7-50c5411d0236
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/13/2024 07:35:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ROG Live Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS AURA SYNC lighting service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management Engine WMI Provider Registration byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WSL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ARMOURY CRATE Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba LGHUB Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/13/2024 07:35:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-04-13 06:19:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {302B9080-F24A-4951-B668-6F787F8EB2DE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-04-12 08:37:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41D5FDDD-827C-4A02-A514-98031BAFDD0A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-04-11 13:59:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6C805F82-BED3-465E-A8BA-E73A3C40BCF8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-04-10 08:00:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {32C7F3A6-726C-4886-8B0D-3F763BDA9115}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-04-09 04:36:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {60B30608-2BB5-4D6D-B868-61202FD277AE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2024-04-13 07:38:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2802 09/27/2023
Motherboard: ASUSTeK COMPUTER INC. ROG MAXIMUS Z690 HERO
Processor: 12th Gen Intel(R) Core(TM) i7-12700K
Percentage of memory in use: 17%
Total physical RAM: 65277.32 MB
Available physical RAM: 53848.88 MB
Total Virtual: 69373.32 MB
Available Virtual: 56068.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.65 GB) (Free:818.97 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:214.24 GB) (Model: WDS100T1X0E-00AFY0) NTFS
Drive e: (Ostatní) (Fixed) (Total:465.76 GB) (Free:452.89 GB) (Model: Samsung SSD 970 EVO 500GB) NTFS

\\?\Volume{68a4f51e-e50b-4fe7-b8f3-51d90c47181a}\ () (Fixed) (Total:0.75 GB) (Free:0.08 GB) NTFS
\\?\Volume{c929630d-1503-4902-8f2a-1e47f104ab58}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 89371B41)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#2 Příspěvek od Rudy »

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {9DAFCB3A-66E0-49E0-8877-CD7836C732FB} - System32\Tasks\Cloud => "C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe" (No File)
Task: {42DDCA1D-B9F8-4D89-B2A7-296B578096E1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{628FD316-95B2-4A3D-BD10-0FAA1CD3D99F} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
Task: {C44CB5B7-357F-4348-9936-06E928C688C1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
R3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43568 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X] <==== ATTENTION
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\jdvor\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\jdvor\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141]
AlternateDataStreams: C:\Users\jdvor\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\jdvor\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [{A2577581-77A2-4D9A-80BB-0A87A20389CC}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{6C0DD3E9-303E-4FE1-820D-8BCECC702147}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{4F1CCDAE-89AD-4A9A-B358-DE900D9AB8B1}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8D2E3EF3-FD8C-4BFE-B1AC-78890AA23F57}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{30AF7FF7-3517-448E-9062-76625DBB5DE1}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [UDP Query User{06705521-510E-4F21-8444-6BFA21D55E14}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [{6EA32ED3-30ED-4E66-AF60-682257A69E32}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{C0039B23-01A5-4BA8-ABCB-DB0E218A7645}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{83A5C59C-464A-4320-9407-F36ED75B87C0}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{3F31BF5A-69D6-410D-AE90-EFEAFD8225F6}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{BEFCABFB-AE96-46E8-9CC5-74D77F44EAD9}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [{838749B1-6F9C-46D5-B16D-C4892E3FB529}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [TCP Query User{5DA28A02-669C-4005-94C6-7944FE994E0E}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{7A75E073-567C-4D85-B4A2-28901F944808}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{5B3CFBD2-ECE5-411B-A276-CD03857E895C}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{01810F33-14FD-4F44-9B6D-79C06D9FE532}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [TCP Query User{8BCF4BF8-1F98-431E-98E3-FFC796066218}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [UDP Query User{44640721-FE44-4028-8FA4-BF87E76DE485}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [TCP Query User{588BCC65-DCC0-47C5-BFA6-778D6520294E}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{09261A73-950B-4B57-909F-3ECB4B0489F2}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [{F5D6CD92-AAE3-4079-85E9-8445AE06B4DD}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\7z06DDB10C\aria2c.exe => No File
FirewallRules: [TCP Query User{73DB19CB-45DE-41DD-87A4-3AB8AF8A1CC5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{78DDF31C-B36F-415B-A0E2-DFD0DC76D0D1}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File

EmptyTemp:
End
Uložte do C:\Users\jdvor\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Andyfuk
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 29 říj 2011 11:02
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#3 Příspěvek od Andyfuk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by jdvor (13-04-2024 12:31:06) Run:1
Running from C:\Users\jdvor\Downloads
Loaded Profiles: jdvor
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {9DAFCB3A-66E0-49E0-8877-CD7836C732FB} - System32\Tasks\Cloud => "C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe" (No File)
Task: {42DDCA1D-B9F8-4D89-B2A7-296B578096E1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{628FD316-95B2-4A3D-BD10-0FAA1CD3D99F} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
Task: {C44CB5B7-357F-4348-9936-06E928C688C1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
R3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43568 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X] <==== ATTENTION
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\jdvor\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\jdvor\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141]
AlternateDataStreams: C:\Users\jdvor\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\jdvor\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [{A2577581-77A2-4D9A-80BB-0A87A20389CC}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{6C0DD3E9-303E-4FE1-820D-8BCECC702147}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{4F1CCDAE-89AD-4A9A-B358-DE900D9AB8B1}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8D2E3EF3-FD8C-4BFE-B1AC-78890AA23F57}D:\forza\forza horizon 5\content\forzahorizon5.exe] => (Allow) D:\forza\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{30AF7FF7-3517-448E-9062-76625DBB5DE1}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [UDP Query User{06705521-510E-4F21-8444-6BFA21D55E14}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe] => (Allow) D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe => No File
FirewallRules: [{6EA32ED3-30ED-4E66-AF60-682257A69E32}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{C0039B23-01A5-4BA8-ABCB-DB0E218A7645}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB_BE.exe => No File
FirewallRules: [{83A5C59C-464A-4320-9407-F36ED75B87C0}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{3F31BF5A-69D6-410D-AE90-EFEAFD8225F6}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe => No File
FirewallRules: [{BEFCABFB-AE96-46E8-9CC5-74D77F44EAD9}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [{838749B1-6F9C-46D5-B16D-C4892E3FB529}] => (Allow) D:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe => No File
FirewallRules: [TCP Query User{5DA28A02-669C-4005-94C6-7944FE994E0E}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{7A75E073-567C-4D85-B4A2-28901F944808}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{5B3CFBD2-ECE5-411B-A276-CD03857E895C}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{01810F33-14FD-4F44-9B6D-79C06D9FE532}E:\empirerp\server\fxserver.exe] => (Allow) E:\empirerp\server\fxserver.exe => No File
FirewallRules: [TCP Query User{8BCF4BF8-1F98-431E-98E3-FFC796066218}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [UDP Query User{44640721-FE44-4028-8FA4-BF87E76DE485}E:\devncrp\cfx\fxserver.exe] => (Allow) E:\devncrp\cfx\fxserver.exe => No File
FirewallRules: [TCP Query User{588BCC65-DCC0-47C5-BFA6-778D6520294E}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [UDP Query User{09261A73-950B-4B57-909F-3ECB4B0489F2}E:\devncrp\server\fxserver.exe] => (Allow) E:\devncrp\server\fxserver.exe => No File
FirewallRules: [{F5D6CD92-AAE3-4079-85E9-8445AE06B4DD}] => (Allow) C:\Users\jdvor\AppData\Local\Temp\7z06DDB10C\aria2c.exe => No File
FirewallRules: [TCP Query User{73DB19CB-45DE-41DD-87A4-3AB8AF8A1CC5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{78DDF31C-B36F-415B-A0E2-DFD0DC76D0D1}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiSpyware => Error setting value.
HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiVirus => Error setting value.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9DAFCB3A-66E0-49E0-8877-CD7836C732FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DAFCB3A-66E0-49E0-8877-CD7836C732FB}" => removed successfully
C:\Windows\System32\Tasks\Cloud => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Cloud" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42DDCA1D-B9F8-4D89-B2A7-296B578096E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42DDCA1D-B9F8-4D89-B2A7-296B578096E1}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{628FD316-95B2-4A3D-BD10-0FAA1CD3D99F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{628FD316-95B2-4A3D-BD10-0FAA1CD3D99F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C44CB5B7-357F-4348-9936-06E928C688C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C44CB5B7-357F-4348-9936-06E928C688C1}" => removed successfully
C:\Windows\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
cpuz157 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz157 => removed successfully
cpuz157 => service removed successfully
cpuz158 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz154 => removed successfully
cpuz154 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Users\jdvor\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\jdvor\Downloads\adwcleaner.exe" => ":MBAM.Zone.Identifier" ADS not found.
C:\Users\jdvor\Downloads\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"C:\Users\jdvor\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2577581-77A2-4D9A-80BB-0A87A20389CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C0DD3E9-303E-4FE1-820D-8BCECC702147}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4F1CCDAE-89AD-4A9A-B358-DE900D9AB8B1}D:\forza\forza horizon 5\content\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8D2E3EF3-FD8C-4BFE-B1AC-78890AA23F57}D:\forza\forza horizon 5\content\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30AF7FF7-3517-448E-9062-76625DBB5DE1}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{06705521-510E-4F21-8444-6BFA21D55E14}D:\forza\forza motorsport\content\forza_gaming.desktop.x64_release_final.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EA32ED3-30ED-4E66-AF60-682257A69E32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0039B23-01A5-4BA8-ABCB-DB0E218A7645}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83A5C59C-464A-4320-9407-F36ED75B87C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F31BF5A-69D6-410D-AE90-EFEAFD8225F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BEFCABFB-AE96-46E8-9CC5-74D77F44EAD9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{838749B1-6F9C-46D5-B16D-C4892E3FB529}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5DA28A02-669C-4005-94C6-7944FE994E0E}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7A75E073-567C-4D85-B4A2-28901F944808}C:\users\jdvor\downloads\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B3CFBD2-ECE5-411B-A276-CD03857E895C}E:\empirerp\server\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{01810F33-14FD-4F44-9B6D-79C06D9FE532}E:\empirerp\server\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BCF4BF8-1F98-431E-98E3-FFC796066218}E:\devncrp\cfx\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44640721-FE44-4028-8FA4-BF87E76DE485}E:\devncrp\cfx\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{588BCC65-DCC0-47C5-BFA6-778D6520294E}E:\devncrp\server\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{09261A73-950B-4B57-909F-3ECB4B0489F2}E:\devncrp\server\fxserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5D6CD92-AAE3-4079-85E9-8445AE06B4DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73DB19CB-45DE-41DD-87A4-3AB8AF8A1CC5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78DDF31C-B36F-415B-A0E2-DFD0DC76D0D1}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12795754 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1045219485 B
Windows/system/drivers => 18857555 B
Edge => 0 B
Chrome => 629996393 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7584 B
NetworkService => 51904 B
jdvor => 75111233 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-04-2024 12:32:20)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 12:32:20 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#4 Příspěvek od Rudy »

Smazáno. Zrychlil se chod?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Andyfuk
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 29 říj 2011 11:02
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#5 Příspěvek od Andyfuk »

Nejspíš ano, jenom nějaká rada, jak tomu zase předejít? Děkuji mnohokrát za pomoc :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#6 Příspěvek od Rudy »

Občas PC vyčistit od zbytečností. Stačí, když použijete aplikaci vhodnou pro laiky - CCleaner: https://www.ccleaner.com/cs-cz/ccleaner ... gLIPvD_BwE . Nastavení v zásadě netřeba, postačí defaultní nastavení. Spusťte v okamžiku, kdy uvidíte, že se PC začíná zpomalovat. Nemaáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
Andyfuk
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 29 říj 2011 11:02
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#7 Příspěvek od Andyfuk »

Děkuji mnohokrát, přeji krásný zbytek víkendu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divně chování PC (Zpomalené) prosím o pomoc

#8 Příspěvek od Rudy »

Také vám hezký víkend a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno