Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
redregan
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 10 čer 2021 15:02

Preventivka

#1 Příspěvek od redregan »

Dobrý den, po delší době nějaká preventivka by se hodila.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Kuba (administrator) on DESKTOP-QTVVQ9M (Micro-Star International Co., Ltd. MS-7B98) (09-01-2022 10:24:04)
Running from C:\Users\Kuba\Downloads
Loaded Profiles: Kuba
Platform: Microsoft Windows 10 Pro N Version 21H2 19044.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Discord Inc. -> Discord Inc.) C:\Users\Kuba\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Chris Andriessen) [File not signed] D:\TaskbarX_1.7.1.0_x86\TaskbarX.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.mspaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(Nvidia Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe
(Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Run: [Steam] => D:\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2703520 2021-12-12] (Skutta, Kristjan -> )
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [698328 2019-04-25] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\MountPoints2: {40899c8c-d9b2-11eb-bcce-2cf05d7c6f93} - "F:\autorun.exe"
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\MountPoints2: {d9c028d8-4555-11ec-bcfe-2cf05d7c6f93} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Achievement Watcher.lnk [2021-10-03]
ShortcutTarget: Achievement Watcher.lnk -> C:\Achievement Watcher\nw\nw.exe (Anthony Beaumont) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043D2194-ED36-4B17-8B03-EF6E5BDC2DCF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1641B846-18D0-4897-BC4B-F1155231CFD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-30] (Google LLC -> Google LLC)
Task: {213F78C6-C162-401B-A0B3-488F592E7BC9} - System32\Tasks\TaskbarX DESKTOP-QTVVQ9MKuba => D:\TaskbarX_1.7.1.0_x86\TaskbarX.exe [171008 2021-07-14] (Chris Andriessen) [File not signed]
Task: {31FD5537-FFE1-404B-BCC0-2ABBB999904F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {35B24FD1-0FB0-45A0-A692-3D761378DA58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-30] (Google LLC -> Google LLC)
Task: {385D434A-3461-4DA4-91AE-1A6A6FB59A9A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4C0BDE24-1A74-40FC-9F41-6BBFCF85C09F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {59B57392-0890-459E-83E5-2C4DA596F5E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61AC5F63-E4DC-47C6-99AD-BE8D39F94FB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63E2F0C9-601F-45FE-8150-1736B5934A60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {677EA0A5-6933-42D0-AF5C-736BD6CA0563} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6E1F9083-3DFB-4B98-A84F-59D37A4FD31B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-11-30] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {79AACB05-B1D1-42EE-AB51-4AAC3DCCEA95} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {7CC17CC0-A340-4899-995A-041BB7BDBA87} - System32\Tasks\update-S-1-5-21-237910007-2860770382-811677678-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7E40153A-9148-4CE7-AA70-71DCE7B803C1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8762B506-28F1-4575-AA98-A318B1C72C39} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CA226C1-4D04-4590-8A87-959107ECFAED} - System32\Tasks\Achievement Watcher Upgrade OnLogon => C:\Achievement Watcher\nw\nw.exe [3098112 2021-10-03] (Anthony Beaumont) [File not signed]
Task: {904F291C-F164-4D1D-A63E-9253AEB10720} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {94583E68-3A9D-4896-99A1-90512492F50B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {97216C44-5059-4AED-85BC-14A448ECF8DE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A75D544A-CE94-4BF9-B5CC-B105C2E1FB73} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B31038C8-4C17-4429-8C09-2E9BDF4E3C10} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2DC6999-7FB7-42BF-93F1-F5AACF60B99B} - System32\Tasks\Achievement Watcher Upgrade Daily => C:\Achievement Watcher\nw\nw.exe [3098112 2021-10-03] (Anthony Beaumont) [File not signed]
Task: {C93752FD-26DF-4155-B875-53B7B469AE4C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CB30B7C8-E0DC-45A9-90C8-5E016A24D0ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF20B106-454A-4618-9917-669053754502} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D6A13C7E-FA85-493D-A3C7-2FC5A732506E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7B8FC3D-B826-4AA2-AA35-3FD15829D41B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F775776A-2414-4ED6-A18D-59A981BA9038} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-237910007-2860770382-811677678-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fd85a319-011d-4854-b79c-0bde86abb7ef}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-08]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2022-01-09]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-30]
CHR Extension: (BetterTTV) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-12-09]
CHR Extension: (7TV) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2021-12-22]
CHR Extension: (uBlock Origin) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-02]
CHR Extension: (Tampermonkey) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-12-28]
CHR Extension: (FrankerFaceZ) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-06-30]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-30]
CHR Extension: (Return YouTube Dislike) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2021-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-24]
CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2021-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30]
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-21]
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812008 2022-01-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2022-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1955680 2021-07-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-28] (GOG Sp. z o.o. -> GOG.com)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-09-11] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-12-24] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320744 2021-11-30] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-16] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-01-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-01-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2021-06-17] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [37360 2019-04-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S4 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-01-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2021-12-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-09 10:24 - 2022-01-09 10:24 - 000022590 _____ C:\Users\Kuba\Downloads\FRST.txt
2022-01-09 10:23 - 2022-01-09 10:23 - 002311168 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe
2022-01-09 09:51 - 2022-01-09 09:52 - 000000000 ____D C:\Users\Kuba\Documents\Rockstar Games
2022-01-09 09:46 - 2022-01-09 09:46 - 000029680 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys
2022-01-09 09:44 - 2022-01-09 09:45 - 023950056 _____ (Proton Technologies AG) C:\Users\Kuba\Downloads\ProtonVPN_win_v1.24.2.exe
2022-01-09 09:43 - 2022-01-09 09:43 - 000005305 _____ C:\Users\Kuba\Downloads\us-free-03.protonvpn.com.udp.ovpn
2022-01-09 09:41 - 2022-01-09 09:41 - 000005305 _____ C:\Users\Kuba\Downloads\nl-free-05.protonvpn.com.udp.ovpn
2022-01-06 21:05 - 2022-01-06 21:05 - 000135705 _____ C:\Users\Kuba\Downloads\Věra Špinarová.pdf
2022-01-06 16:10 - 2022-01-06 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2022-01-06 16:10 - 2022-01-06 16:57 - 000000000 ____D C:\Program Files\KMSpico
2022-01-05 17:23 - 2022-01-05 17:23 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\EasyAntiCheat
2022-01-05 17:23 - 2022-01-05 17:23 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Mediatonic
2022-01-05 17:22 - 2022-01-05 17:23 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-01-05 16:14 - 2022-01-05 16:14 - 000000000 ____D C:\Users\Kuba\Documents\Vlastní šablony Office
2022-01-05 15:10 - 2022-01-05 15:10 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Valve Corporation
2021-12-31 15:02 - 2021-12-31 15:02 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Redbeet Interactive
2021-12-30 16:45 - 2021-12-30 16:45 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Team17 Digital Limited
2021-12-25 16:43 - 2021-12-25 16:43 - 000007597 _____ C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
2021-12-24 13:35 - 2021-12-24 13:41 - 000000000 ____D C:\Users\Kuba\AppData\Local\Rockstar Games
2021-12-24 13:35 - 2021-12-24 13:35 - 000001924 _____ C:\Users\Kuba\Desktop\Rockstar Games Launcher.lnk
2021-12-23 22:13 - 2021-12-23 22:13 - 000000343 _____ C:\Users\Kuba\Desktop\Grand Theft Auto V.url
2021-12-22 14:48 - 2021-12-24 13:38 - 000000000 ____D C:\Program Files\Rockstar Games
2021-12-21 17:08 - 2021-12-22 14:28 - 000000000 ____D C:\ProgramData\Rockstar Games
2021-12-21 11:02 - 2021-12-21 11:02 - 000489368 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wireguard.sys
2021-12-18 20:13 - 2021-12-18 20:13 - 000000617 _____ C:\Users\Kuba\Desktop\launcher – zástupce.lnk
2021-12-18 10:18 - 2021-12-24 13:38 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-12-16 20:31 - 2021-12-16 20:32 - 000000000 ____D C:\Users\Kuba\Documents\TrackMania
2021-12-16 20:31 - 2021-12-16 20:32 - 000000000 ____D C:\ProgramData\TrackMania
2021-12-16 19:57 - 2021-12-16 19:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-12-16 14:13 - 2021-12-16 14:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 14:06 - 2021-12-16 14:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 14:06 - 2021-12-16 14:06 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 14:06 - 2021-12-16 14:06 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 14:04 - 2021-12-16 14:04 - 000000000 ___HD C:\$WinREAgent
2021-12-15 09:59 - 2021-12-24 13:35 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-12-12 19:39 - 2021-12-12 19:39 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-237910007-2860770382-811677678-1001
2021-12-10 16:28 - 2021-12-10 16:28 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-10 15:32 - 2021-12-10 15:32 - 000000000 ____D C:\Users\Kuba\Documents\Skunkape Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-09 10:24 - 2021-08-08 14:01 - 000000000 ____D C:\FRST
2022-01-09 10:24 - 2021-06-30 14:03 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\discord
2022-01-09 10:23 - 2021-06-30 13:38 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-09 10:16 - 2021-06-30 13:30 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-09 10:07 - 2021-06-30 14:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-09 10:00 - 2021-08-21 17:29 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Proton Technologies AG
2022-01-09 10:00 - 2021-08-21 17:29 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2022-01-09 10:00 - 2021-06-30 14:08 - 000000000 ____D C:\WINDOWS\INF
2022-01-09 09:49 - 2021-06-30 14:03 - 000000000 ____D C:\Users\Kuba\AppData\Local\Discord
2022-01-08 20:10 - 2021-06-30 13:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-08 09:41 - 2021-06-30 14:09 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 09:41 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-08 09:41 - 2021-06-30 13:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-07 22:22 - 2021-06-30 13:53 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\vlc
2022-01-07 08:57 - 2021-06-30 13:39 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 08:57 - 2021-06-30 13:39 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 16:12 - 2021-06-30 14:13 - 000000000 ____D C:\WINDOWS\Panther
2022-01-05 16:16 - 2021-07-16 18:38 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-04 20:24 - 2021-11-04 20:04 - 000000000 ____D C:\Users\Kuba\Documents\American Truck Simulator
2022-01-04 19:39 - 2021-06-30 14:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Spotify
2022-01-04 14:18 - 2021-06-30 14:49 - 000000000 ____D C:\Users\Kuba\AppData\Local\Spotify
2022-01-03 17:40 - 2021-06-30 13:36 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2022-01-02 13:16 - 2021-06-30 14:10 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-02 13:16 - 2021-06-30 14:10 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-02 13:16 - 2021-06-30 13:35 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-02 13:09 - 2021-06-30 14:06 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-01-02 13:09 - 2021-06-30 13:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-02 13:09 - 2021-06-30 13:29 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-01 17:40 - 2021-06-30 19:32 - 000000000 ____D C:\Users\Kuba\Documents\Lightshot
2021-12-31 19:57 - 2021-07-04 15:32 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\uTorrent
2021-12-31 19:57 - 2021-06-30 15:17 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2021-12-31 15:03 - 2021-08-01 18:41 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\CreamAPI
2021-12-25 18:25 - 2021-06-30 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\NVIDIA Corporation
2021-12-25 17:06 - 2021-06-30 13:56 - 000000000 ____D C:\Users\Kuba\AppData\Local\PlaceholderTileLogoFolder
2021-12-24 13:09 - 2021-07-08 10:57 - 000000000 ____D C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2021-12-23 22:28 - 2021-06-30 13:36 - 000000000 ____D C:\Users\Kuba\AppData\Local\D3DSCache
2021-12-21 19:19 - 2021-06-30 13:55 - 000000000 ____D C:\Users\Kuba\Documents\My Games
2021-12-21 19:17 - 2021-08-13 15:52 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-20 20:28 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-20 13:36 - 2021-06-30 14:31 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:36 - 2021-06-30 14:31 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:36 - 2021-06-30 14:31 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-12-20 13:36 - 2021-06-30 13:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-20 13:35 - 2021-06-30 14:31 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 13:35 - 2021-06-30 14:31 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-20 13:35 - 2021-06-30 14:31 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-18 11:09 - 2021-06-30 14:24 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-18 10:32 - 2021-10-08 19:05 - 000000000 ____D C:\Program Files\Epic Games
2021-12-16 14:13 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-16 14:13 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-16 14:13 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-16 14:13 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 14:13 - 2021-06-30 14:09 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 14:07 - 2021-06-30 14:06 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 14:04 - 2021-06-30 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 14:03 - 2021-06-30 15:31 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-16 10:55 - 2021-06-30 13:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-15 11:29 - 2021-08-11 15:33 - 002225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-15 11:29 - 2021-08-11 15:33 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-15 11:29 - 2021-08-11 15:33 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-15 11:28 - 2021-11-20 18:54 - 000116200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2021-12-15 11:28 - 2021-08-11 15:33 - 000333288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-15 11:28 - 2021-08-11 15:33 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-15 11:28 - 2021-08-11 15:33 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-12-12 19:39 - 2021-06-30 13:37 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-237910007-2860770382-811677678-1001
2021-12-12 19:39 - 2021-06-30 13:34 - 000002374 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-11 21:50 - 2021-06-30 13:34 - 000000000 ____D C:\Users\Kuba
2021-12-11 08:48 - 2021-06-30 13:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:48 - 2021-06-30 13:30 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 16:33 - 2021-06-30 13:29 - 000295448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-10 16:32 - 2021-06-30 14:09 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-10 16:10 - 2021-06-30 15:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-12-10 15:24 - 2021-06-30 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-12-10 15:08 - 2021-06-30 14:09 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories ========

2021-12-25 16:43 - 2021-12-25 16:43 - 000007597 _____ () C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
2021-06-30 19:28 - 2021-06-30 19:28 - 000000003 _____ () C:\Users\Kuba\AppData\Local\updater.log
2021-06-30 19:28 - 2021-06-30 19:28 - 000000424 _____ () C:\Users\Kuba\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================








Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Kuba (09-01-2022 10:24:48)
Running from C:\Users\Kuba\Downloads
Microsoft Windows 10 Pro N Version 21H2 19044.1415 (X64) (2021-06-30 12:31:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-237910007-2860770382-811677678-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-237910007-2860770382-811677678-503 - Limited - Disabled)
Guest (S-1-5-21-237910007-2860770382-811677678-501 - Limited - Disabled)
Kuba (S-1-5-21-237910007-2860770382-811677678-1001 - Administrator - Enabled) => C:\Users\Kuba
WDAGUtilityAccount (S-1-5-21-237910007-2860770382-811677678-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Achievement Watcher (HKLM\...\{2D4560A4-D5A2-4087-9717-E188CE329E97}}_is1) (Version: 1.6.5 - Anthony Beaumont)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.4.100.1025 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\BlueStacks X) (Version: 0.12.1.8 - BlueStack Systems, Inc.)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
Discord (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Growtopia (remove only) (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Growtopia) (Version: - )
HWiNFO64 Version 7.06 (HKLM\...\HWiNFO64_is1) (Version: 7.06 - Martin Malik - REALiX)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30401 (HKLM-x32\...\{5c60218e-5f7e-4eb5-ad7a-31892b4efe8d}) (Version: 14.30.30401.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30401 (HKLM-x32\...\{a5d3c0bc-cb02-4196-9d18-27d3c9a8a961}) (Version: 14.30.30401.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.9 - Notepad++ Team)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenVPN 2.4.7-I607-Win10 (HKLM\...\OpenVPN) (Version: 2.4.7-I607-Win10 - OpenVPN Technologies, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rockstar Games Launcher (HKLM\...\Rockstar Games Launcher) (Version: 1.0.53.576 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.53.576 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Spotify (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\Spotify) (Version: 1.1.74.631.g0b24d9ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.23.3 (HKLM\...\TAP-Windows) (Version: 9.23.3 - OpenVPN Technologies, Inc.)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft)
Vzum (HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.40 - Vzum)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-22] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-17] (Realtek Semiconductor Corp)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.106.3544.2_x64__8wekyb3d8bbwe [2021-12-07] (ms-resource:PublisherDisplayName)
Windbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe [2021-11-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-237910007-2860770382-811677678-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-01-21 11:23 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libcef.dll
2020-01-21 11:23 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libegl.dll
2020-01-21 11:23 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-01-21 11:23 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-30 14:09 - 2021-12-15 19:26 - 000001052 _____ C:\WINDOWS\system32\drivers\etc\hosts
178.79.242.83 patches.rockstargames.com
178.79.242.83 prod.cloud.rockstargames.com
178.79.242.83 cdn.sc.rockstargames.com
178.79.242.83 a.rsg.sc
178.79.242.83 rsgames-2.hs.llnwd.net
104.255.105.71 socialclub.rockstargames.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-237910007-2860770382-811677678-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Achievement Watcher.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\StartupApproved\Run: => "Proxifier"
HKU\S-1-5-21-237910007-2860770382-811677678-1001\...\StartupApproved\Run: => "com.squirrel.PacketStream.PacketStream"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{F67B3716-7D41-4DFD-B244-39644DACC286}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{2A6363CB-1895-435E-BD08-27BBD981178C}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5FA66C46-2FB0-4815-A1DC-44238846BE89}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{BB45E12F-4150-4621-8F4B-67316DD032E5}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{343FEECE-8EE2-4432-87B0-4AFAD791F4A5}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CD1496E1-2A82-4E7C-97C3-2D8BFA76CC96}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E3EC78BF-F0E1-4868-9042-BD217FF51394}D:\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [UDP Query User{737408B3-B024-42CE-ACF1-CB25C363AFD0}D:\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{2B0F95B6-F8A7-46D6-A0C1-D50ABC3363AC}] => (Allow) C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A1D3946A-739C-4686-A01A-F984DE28BDF2}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{386A35D1-41D0-4FDC-8C99-8FC6871C1D2A}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{012725F4-443B-467A-A0BA-53D98370B597}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7C661C0F-1329-45A3-8164-BF81969A6146}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BA0FA8B9-35F8-43FE-86BD-1A474E853199}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{FB160F5B-54CA-45CB-8257-3BA58DD407D2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{77C63EF8-4979-4B16-A4BF-84351338FA71}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{2D0D2F61-E6DA-4F9E-B23A-36A0704A7F77}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{344A595A-FE42-42A1-8804-9EE101D70B3C}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{0455078D-D753-4004-B614-744071EEA0A8}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{33EAB0FC-1AAE-406D-B630-4D4DB43E16E6}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{3371CAEB-4195-4877-BB8E-1C06BA06CCF6}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{17C00E16-1073-44D2-8EE2-840AFEE368E2}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{5C2B3F94-0812-4B65-B837-F8BCD92456BA}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{62545B85-D4DF-4593-9EB9-068AE56D9AB5}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5ADD93CB-A57F-4AB7-AA35-8CCA1F5A06B2}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1FF1B2A6-8373-41BF-B0DF-46ED063D9FA1}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7FF45E99-BA97-43F1-8350-B174700DACFE}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{36FD6786-775D-405E-85FC-ACF99E4191C7}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{57309853-C2CC-4C58-BF9D-5B1AEE734323}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{05AC1971-4B5B-4528-9FEB-BD49450C4CFB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => No File
FirewallRules: [{74FD7D6D-2E71-4D4A-ABA0-B1B0B55FEE40}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => No File
FirewallRules: [{7CE2675C-BBA2-40C8-B92C-0EE8CF611120}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-12-2021 11:01:23 Installed ProtonVPN
30-12-2021 14:59:16 Naplánovaný kontrolní bod
08-01-2022 16:38:47 Naplánovaný kontrolní bod
09-01-2022 09:46:02 Installed ProtonVPN

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/09/2022 10:17:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.2545.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 32e8

Čas spuštění: 01d80539944f8269

Čas ukončení: 4294967295

Cesta k aplikaci: D:\GTAV\GTA5.exe

ID hlášení: 7a3e0945-84b6-458a-ada5-14d7fd24d325

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (01/09/2022 09:56:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.2545.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 24e8

Čas spuštění: 01d80536898c243c

Čas ukončení: 4294967295

Cesta k aplikaci: D:\GTAV\GTA5.exe

ID hlášení: e36ec058-6309-42e8-8a69-5ff9783f6353

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (01/09/2022 09:43:19 AM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/07/2022 09:52:58 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-QTVVQ9M)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/07/2022 08:34:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program vegas180.exe verze 18.0.0.284 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 36b8

Čas spuštění: 01d803f3fd484080

Čas ukončení: 14

Cesta k aplikaci: E:\vegas\vegas180.exe

ID hlášení: ea753662-3391-428c-b1a4-a0674965af22

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/07/2022 06:06:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program vegas180.exe verze 18.0.0.284 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2220

Čas spuštění: 01d803e82a3a9631

Čas ukončení: 11

Cesta k aplikaci: E:\vegas\vegas180.exe

ID hlášení: aefccfb7-fe2c-48f5-a05d-d19c0d1470fa

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/07/2022 06:00:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program vegas180.exe verze 18.0.0.284 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: ca0

Čas spuštění: 01d803e7dad51973

Čas ukončení: 17

Cesta k aplikaci: E:\vegas\vegas180.exe

ID hlášení: 1c8805e3-1911-4ddd-9848-d8658f29d6e2

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/07/2022 10:07:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program vegas180.exe verze 18.0.0.284 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2138

Čas spuštění: 01d8039de432e83e

Čas ukončení: 18

Cesta k aplikaci: E:\vegas\vegas180.exe

ID hlášení: 18f4cdb3-81f6-40f2-92b7-c2f583d39658

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown


System errors:
=============
Error: (01/09/2022 10:00:42 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD85A319-011D-4854-B79C-0BDE86ABB7EF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/09/2022 10:00:42 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD85A319-011D-4854-B79C-0BDE86ABB7EF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/05/2022 06:19:32 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/05/2022 06:19:32 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/05/2022 06:19:31 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/05/2022 05:23:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Epic Online Services byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2021 10:52:59 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (12/29/2021 06:29:23 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.


Windows Defender:
================
Date: 2022-01-06 16:56:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win64/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.exe]; file:_C:\WINDOWS\SECOH-QAD.dll; file:_C:\WINDOWS\SECOH-QAD.exe; service:_Service KMSELDI
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 16:56:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x86.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x86.exe]; service:_Service KMSELDI
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 16:56:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:MSIL/AutoKms
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe; file:_C:\Program Files\KMSpico\KMSELDI.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; file:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9440C9E9-06A6-403D-8B44-86E4C631EE4D}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.355.1499.0, AS: 1.355.1499.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18800.4, NIS: 0.0.0.0

Date: 2022-01-06 16:08:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!rfn
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\-Franky Windows 10 Activator\-Franky Windows 10 Activator\KMSpico Install\KMSpico_setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-QTVVQ9M\Kuba
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.355.1447.0, AS: 1.355.1447.0, NIS: 1.355.1447.0
Verze modulu: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-06 16:08:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!rfn
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\-Franky Windows 10 Activator\-Franky Windows 10 Activator\KMSpico Install\KMSpico_setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-QTVVQ9M\Kuba
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.355.1447.0, AS: 1.355.1447.0, NIS: 1.355.1447.0
Verze modulu: AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2021-12-10 15:07:23
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.A0 06/10/2020
Motherboard: Micro-Star International Co., Ltd. Z390-A PRO (MS-7B98)
Processor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Percentage of memory in use: 17%
Total physical RAM: 32702.47 MB
Available physical RAM: 26928.3 MB
Total Virtual: 37566.47 MB
Available Virtual: 30293.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:350.18 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:110.68 GB) NTFS
Drive e: () (Fixed) (Total:447.13 GB) (Free:386.71 GB) NTFS

\\?\Volume{8f217c26-9674-4df5-81fd-bd6a1a813d08}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{5524856d-b629-455d-b03c-f95b0b660b92}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1B88793C)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 338F2852)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 83056731)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivka

#2 Příspěvek od Diallix »

Dorý deň.

Vložte sem, prosím aj Addition log
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět