Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Martinus
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 28 bře 2006 15:59

Prosím o kontrolu logu

#1 Příspěvek od Martinus »

Dobrý den,
prosím o kontrolu logu, počítač je čím dál tím víc pomalejší :?:

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by zeidl (administrator) on DESKTOP-2O519MS (ASUSTeK COMPUTER INC. X756UB) (08-02-2022 10:38:19)
Running from C:\Users\zeidl\Desktop
Loaded Profiles: zeidl
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe <2>
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Discord Inc. -> Discord Inc.) C:\Users\zeidl\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.3.0\crashpad_handler.exe <2>
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe <6>
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <28>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [604496 2017-11-24] (Conexant Systems LLC -> Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-01-29] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {5e2e4fcd-500a-11eb-8ab3-74c63b048505} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {7828296d-089a-11ec-8ad0-74c63b048505} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2018-08-25]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00421254-0677-4EBF-9DBA-99CF8942E0E3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-29] (Overwolf Ltd -> Overwolf LTD)
Task: {02B4DB22-9591-4355-AED3-1469593E528D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [File not signed]
Task: {19791FCA-F1D1-4266-88AC-4A5266702E3D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe [513896 2015-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3D3FBEAD-31C9-4C90-A7D9-C57BE1B5A78D} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {640CE461-1E19-4ACB-8444-8D70F57D4A52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67C55F0C-E9DA-40F2-92D8-6B05AF96435C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {6A9F75C5-9A91-4631-AF6A-3B17ACF66BA8} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6BD9D854-CB59-434E-B331-E0429BAB9CDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\ASUS Smart Gesture Launcher" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\ASUS Splendid ACMON" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\ASUS USB Charger Plus" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\ATK Package 36D18D69AFC3" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\ATK Package A22126881260" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7191dcd8b65c2" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-397073922-2315547580-162950297-1001" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\TrackerAutoUpdate" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Update Checker" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\WpsNotifyTask_Administrator" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\WpsUpdateTask_Administrator" /ENABLE
Task: {7B800070-F14D-44F8-BD23-7E1AD1CD5A62} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {80B32C14-400A-4769-AC1C-971E4137163A} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-10-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {81E0CC85-352B-45AA-868A-5FD51369C3DA} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {85C0A55A-DF51-4B2D-9303-66ACF6D8465A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89AEE3FD-4D32-416E-B26D-ADCF721561C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A14D155-ABC3-41C1-B7BD-53119635C2A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-30] (Google Inc -> Google LLC)
Task: {A4BD7A70-7B1B-4584-A212-F2086CBC2129} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe [480616 2015-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {ACAEFA6F-04F2-4306-B672-30E5755BFC5D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [149712 2021-10-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {B5DEF1A3-2C27-48A1-98DD-63A728CB462D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {B9445428-B946-491C-978E-191E75F8FDA6} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {C084BE0B-9E52-4749-8FE5-8D0DF119B94B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-30] (Google Inc -> Google LLC)
Task: {C93D859B-2418-4789-91BA-282F42E65696} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-18] (ASUSTeK Computer Inc. -> AsusTek)
Task: {E0CD16EF-9737-425E-BAAC-F0BEBB66C416} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {E7B08464-F22C-4D09-8788-00004CB3656D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F94EA22E-72E4-4FE4-BD63-C1C3AEF7A11C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5118ab69-d1dc-47ad-9cab-bf8e1c9a19b8}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{5118ab69-d1dc-47ad-9cab-bf8e1c9a19b8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c4dffb0b-9d7d-4079-8118-6f0b6e87086a}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\zeidl\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-30]

FireFox:
========
FF DefaultProfile: jiedt4d7.default-1527194852306
FF ProfilePath: C:\Users\zeidl\AppData\Roaming\Mozilla\Firefox\Profiles\jiedt4d7.default-1527194852306 [2022-02-08]
FF Notifications: Mozilla\Firefox\Profiles\jiedt4d7.default-1527194852306 -> hxxps://steamcommunity.com
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-397073922-2315547580-162950297-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default [2021-04-15]
CHR StartupUrls: Default -> "hxxps://www.youtube.com/"
CHR Extension: (Prezentace) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-30]
CHR Extension: (Disk Google) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-04-15]
CHR Extension: (Tabulky) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-15]
CHR Profile: C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-30]
CHR Extension: (Slides) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-01]
CHR Extension: (Docs) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-01]
CHR Extension: (Google Drive) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-01]
CHR Extension: (YouTube) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-01]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-01]
CHR Extension: (Sheets) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-01]
CHR Extension: (Avast Online Security) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-01]
CHR Extension: (Gmail) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-01]
CHR Profile: C:\Users\zeidl\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-30]
CHR HKU\S-1-5-21-397073922-2315547580-162950297-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-14] (Epic Games Inc. -> Epic Games, Inc.)
S2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [829080 2015-06-11] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-01-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-24] (GOG Sp. z o.o. -> GOG.com)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdatesvr.exe [133480 2015-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-29] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2019-08-13] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-16] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25752 2015-06-11] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [117912 2015-06-11] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-08 10:38 - 2022-02-08 10:44 - 000031455 _____ C:\Users\zeidl\Desktop\FRST.txt
2022-02-08 10:35 - 2022-02-08 10:35 - 002311680 _____ (Farbar) C:\Users\zeidl\Desktop\FRST64.exe
2022-02-04 19:16 - 2022-02-04 19:16 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-02-04 19:16 - 2022-02-04 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-02-04 19:06 - 2022-02-04 19:07 - 347979776 _____ C:\Users\zeidl\Downloads\LibreOffice_7.3.0_Win_x64.msi
2022-02-02 11:39 - 2022-02-02 11:39 - 000000000 ____D C:\Users\zeidl\AppData\LocalLow\RubberBandGames
2022-01-30 17:14 - 2022-01-30 17:14 - 000000000 ____D C:\Users\zeidl\AppData\LocalLow\StudioClangore
2022-01-30 16:53 - 2022-01-30 16:53 - 000000000 ____D C:\Users\zeidl\AppData\LocalLow\DIGIDICED
2022-01-30 16:49 - 2022-01-30 16:49 - 000000222 _____ C:\Users\zeidl\Desktop\Patchwork.url
2022-01-30 15:35 - 2022-01-30 15:35 - 000001189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Live Update.lnk
2022-01-30 15:35 - 2022-01-30 15:35 - 000000222 _____ C:\Users\zeidl\Desktop\Prison Architect.url
2022-01-28 15:11 - 2022-01-28 15:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-25 19:17 - 2022-01-26 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-01-25 15:14 - 2022-01-25 15:14 - 000719831 _____ C:\Users\zeidl\Downloads\Platba k úhradě.pdf.pdf
2022-01-24 16:22 - 2022-01-24 16:22 - 000000000 ____D C:\Users\zeidl\AppData\LocalLow\Nomad Games
2022-01-23 14:51 - 2022-01-23 14:51 - 000000222 _____ C:\Users\zeidl\Desktop\Dead Man's Draw.url
2022-01-22 16:24 - 2022-01-22 16:24 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\SCP Secret Laboratory
2022-01-17 09:53 - 2022-01-17 09:53 - 000000222 _____ C:\Users\zeidl\Desktop\Little Racers STREET.url
2022-01-17 09:53 - 2022-01-17 09:53 - 000000222 _____ C:\Users\zeidl\Desktop\Lichdom Battlemage.url
2022-01-16 10:12 - 2022-01-16 10:12 - 000001526 _____ C:\Users\zeidl\Downloads\priloha_989199472_0_DetailZpravy.html
2022-01-14 19:47 - 2022-01-14 19:47 - 000000000 ____D C:\Users\zeidl\curseforge
2022-01-14 17:08 - 2022-01-14 17:08 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 17:08 - 2022-01-14 17:08 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 17:08 - 2022-01-14 17:08 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-14 16:14 - 2022-01-14 16:14 - 000000000 ___HD C:\$WinREAgent
2022-01-13 19:52 - 2022-01-14 20:32 - 000002319 _____ C:\Users\zeidl\Desktop\CurseForge.lnk
2022-01-13 19:52 - 2022-01-13 19:52 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2022-01-13 19:52 - 2022-01-13 19:52 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2022-01-13 19:51 - 2022-02-02 11:52 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-01-13 19:51 - 2022-01-13 19:52 - 000000000 ____D C:\ProgramData\Overwolf
2022-01-13 16:45 - 2022-01-14 20:32 - 000000000 ____D C:\Users\zeidl\AppData\Local\Overwolf
2022-01-13 16:43 - 2022-01-13 16:43 - 001472600 _____ (Overwolf Ltd.) C:\Users\zeidl\Downloads\CurseForge - Installer.exe
2022-01-09 16:51 - 2022-01-09 17:23 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\obs-studio
2022-01-09 16:50 - 2022-01-09 16:50 - 000001054 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2022-01-09 16:50 - 2022-01-09 16:50 - 000000000 ____D C:\ProgramData\obs-studio-hook
2022-01-09 16:50 - 2022-01-09 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2022-01-09 16:50 - 2022-01-09 16:50 - 000000000 ____D C:\Program Files\obs-studio

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-08 10:46 - 2018-05-26 15:05 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\discord
2022-02-08 10:44 - 2018-05-24 21:58 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-08 10:43 - 2020-04-19 08:55 - 000000000 ____D C:\FRST
2022-02-08 10:36 - 2019-05-30 10:38 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-08 10:22 - 2018-05-26 15:05 - 000000000 ____D C:\Users\zeidl\AppData\Local\Discord
2022-02-08 09:24 - 2016-11-16 13:16 - 000000000 ____D C:\Users\zeidl\AppData\LocalLow\Mozilla
2022-02-08 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-08 09:19 - 2019-01-30 15:12 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-08 09:16 - 2018-05-24 11:33 - 000000165 _____ C:\Users\zeidl\AppData\Roaming\sp_data.sys
2022-02-08 01:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-07 22:00 - 2021-03-14 22:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-05 07:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-05 07:11 - 2020-06-10 21:18 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 07:11 - 2020-06-10 21:18 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-04 19:15 - 2021-10-06 17:51 - 000000000 ____D C:\Program Files\LibreOffice
2022-02-04 14:41 - 2021-02-10 17:56 - 000000037 _____ C:\Users\zeidl\Desktop\Karak.txt
2022-02-03 06:53 - 2018-11-16 11:29 - 000000000 ____D C:\Users\zeidl\AppData\Local\D3DSCache
2022-02-02 22:27 - 2021-09-03 21:33 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-02-02 22:27 - 2021-09-03 21:33 - 000001901 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-02-02 22:27 - 2021-09-03 21:33 - 000001901 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-02-02 22:27 - 2021-09-03 21:33 - 000001889 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-02-02 11:06 - 2018-05-24 23:08 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\vlc
2022-02-01 11:49 - 2016-07-09 15:01 - 000000000 ____D C:\Test
2022-01-30 17:49 - 2020-07-06 15:11 - 000000000 ____D C:\Users\zeidl\Desktop\Deskové hry
2022-01-30 17:13 - 2016-07-08 19:49 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-30 16:46 - 2018-12-19 19:25 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-01-30 16:36 - 2018-08-16 16:19 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\Origin
2022-01-30 16:36 - 2018-08-16 16:19 - 000000000 ____D C:\ProgramData\Origin
2022-01-30 16:35 - 2015-11-30 18:32 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-01-30 16:32 - 2020-03-01 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria [GOG.com]
2022-01-30 16:27 - 2018-08-16 16:27 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-01-30 16:24 - 2018-08-16 16:22 - 000000000 ____D C:\Program Files (x86)\Origin
2022-01-30 16:24 - 2018-08-16 16:19 - 000000000 ____D C:\Users\zeidl\AppData\Local\Origin
2022-01-30 16:22 - 2018-12-17 19:18 - 000000000 ____D C:\Users\zeidl\AppData\Local\Ubisoft Game Launcher
2022-01-30 15:34 - 2021-03-14 23:15 - 000003980 _____ C:\WINDOWS\system32\Tasks\Update Checker
2022-01-30 15:34 - 2019-03-29 19:49 - 000000000 ____D C:\ProgramData\ASUS
2022-01-30 15:34 - 2015-11-30 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2022-01-28 16:50 - 2021-10-09 10:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-28 16:49 - 2018-05-24 21:47 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-26 15:08 - 2021-04-12 21:40 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7191dcd8b65c2
2022-01-26 15:08 - 2021-03-14 23:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-23 14:46 - 2020-04-10 09:53 - 000000000 ____D C:\Users\zeidl\AppData\Local\DeadMansDraw
2022-01-21 22:48 - 2021-03-14 23:15 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 22:48 - 2021-03-14 23:15 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 08:09 - 2019-05-30 10:39 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-18 08:07 - 2018-09-24 14:15 - 000000000 ____D C:\Users\zeidl\AppData\Local\CrashDumps
2022-01-16 09:19 - 2018-05-24 21:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-16 09:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-14 20:37 - 2018-05-24 22:45 - 000000000 ____D C:\Users\zeidl\AppData\Roaming\.minecraft
2022-01-14 19:47 - 2021-03-14 02:24 - 000000000 ____D C:\Users\zeidl
2022-01-14 17:30 - 2021-03-14 23:04 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-14 17:30 - 2019-12-07 15:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-14 17:30 - 2019-12-07 15:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-14 17:27 - 2018-05-24 11:33 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-01-14 17:24 - 2016-07-08 15:26 - 000000000 __SHD C:\Users\zeidl\IntelGraphicsProfiles
2022-01-14 17:23 - 2018-05-24 11:04 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-14 17:21 - 2021-03-14 23:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-14 17:21 - 2021-03-14 22:46 - 000469472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 17:21 - 2021-03-14 22:46 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 17:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-14 17:20 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 17:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-14 16:01 - 2018-05-25 09:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 15:38 - 2018-05-25 09:12 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2020-05-16 21:59 - 2020-05-16 21:59 - 042886902 _____ () C:\Users\zeidl\AppData\Roaming\gta5_patch.bin
2020-05-16 21:59 - 2020-05-16 21:59 - 000332800 _____ () C:\Users\zeidl\AppData\Roaming\patcher.dll
2018-05-24 11:33 - 2022-02-08 09:16 - 000000165 _____ () C:\Users\zeidl\AppData\Roaming\sp_data.sys
2021-12-17 20:59 - 2021-12-17 20:59 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D2803C.tmp
2019-05-12 09:03 - 2019-05-12 09:03 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D29FC3.tmp
2018-08-16 14:15 - 2018-08-18 06:12 - 000006144 _____ () C:\Users\zeidl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by zeidl (08-02-2022 10:46:42)
Running from C:\Users\zeidl\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-03-14 22:15:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-397073922-2315547580-162950297-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-397073922-2315547580-162950297-503 - Limited - Disabled)
Guest (S-1-5-21-397073922-2315547580-162950297-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-397073922-2315547580-162950297-504 - Limited - Disabled)
zeidl (S-1-5-21-397073922-2315547580-162950297-1001 - Administrator - Enabled) => C:\Users\zeidl

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{7BCB15FE-CC5D-4C6D-B1C6-B0AF74EE09E0}) (Version: 20.6.20117.44471 - Alcor Micro Corp.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.15 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.120 - ICEpower a/s)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.50.0 - Bethesda Softworks)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BurnAware Free 12.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Map Utility (HKLM-x32\...\Map Utility Parent) (Version: 1.8.2.3 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.95.69 - Conexant)
CrystalDiskInfo 8.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.3.0 - Crystal Dew World)
CurseForge (HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.190.3.1 - Overwolf app)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Diablo (HKLM-x32\...\1412601690_is1) (Version: 1.09 Hellfire v2 - GOG.com)
Diablo II (HKLM-x32\...\Diablo II) (Version: 0.0.0.0 - Blizzard Entertainment)
Discord (HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
ExpressCache (HKLM\...\{F19137D8-2E93-4043-9634-4D44E7EFE889}) (Version: 1.3.118.0 - Condusiv Technologies)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heroes of Might and Magic 4 Complete (HKLM-x32\...\1207658915_is1) (Version: 3.0 - GOG.com)
Heroes of Might and Magic III Complete (HKLM-x32\...\Heroes of Might and Magic III Complete) (Version: - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.0.3 (HKLM\...\{8113FFA7-4CB7-4855-A319-1DB2A7FB9733}) (Version: 7.3.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{6a3b46d3-fbf1-4b22-8b42-48b675de6b81}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 96.0.3 (x64 cs)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 96.0.3.8061 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.5.1 (x86 cs)) (Version: 91.5.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.190.0.12 - Overwolf Ltd.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
Playnite (HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\Playnite_is1) (Version: 6.5 - Josef Nemec)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Stardew Valley Česky verze 0.7 (HKLM-x32\...\{50E086FD-BE8D-4271-B791-C7ECD2567FB8}_is1) (Version: 0.7 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Panthers World At War v8.20 (HKLM-x32\...\spwawv820Public) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: v1.4.3.2 - GOG.com)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 77.1 - Ubisoft)
UNO (HKLM-x32\...\Uplay Install 3352) (Version: - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VASSAL 3.5.7 (HKLM\...\VASSAL 3.5.7) (Version: 3.5.7 - vassalengine.org)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.2 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5178 - Kingsoft Corp.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.277.0_x64__rz1tebttyb220 [2022-01-22] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-14] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.203.0_x64__8wekyb3d8bbwe [2021-12-12] (Microsoft Studios)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-27] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-24] (Netflix, Inc.)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2021-06-24] (TripAdvisor LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\WINDOWS\SysWOW64\ir50_32original.dll [746496 2019-12-07] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\zeidl\Desktop\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zeidl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Jakub (Kuba) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2018-09-14 18:23 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-14 18:23 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-09-14 18:23 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-05-24 22:00 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2018-05-24 22:00 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2021-10-14 11:33 - 2021-10-14 11:33 - 000372736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\44ce21c1c56741e3ce97cf172ca30e92\Interop.CxHDAudioAPILib.ni.dll
2021-10-14 11:33 - 2021-10-14 11:33 - 000018944 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2016-03-24 10:12 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2018-05-24 22:00 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2018-05-24 22:00 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2018-09-14 18:23 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2020-07-19 06:49 - 2021-09-21 14:41 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-07-19 06:49 - 2021-09-21 14:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-07-19 06:49 - 2021-09-21 14:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-01-30 16:23 - 2021-09-21 14:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270]
AlternateDataStreams: C:\ProgramData\TEMP:AD81D29D [243]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-397073922-2315547580-162950297-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-397073922-2315547580-162950297-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-397073922-2315547580-162950297-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-01-04 14:50 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Condusiv Technologies\ExpressCache\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-397073922-2315547580-162950297-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\ASUS\wallpapers\ASUS.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{42A84051-FB27-4A41-88C1-0AD5613D098E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splendor\Splendor.exe () [File not signed]
FirewallRules: [{74445BBF-0199-4922-812E-DEC262577A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splendor\Splendor.exe () [File not signed]
FirewallRules: [{9B171771-970B-4F92-82D4-2CE541EA16DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pandemic\Pandemic.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{CF1F0652-6703-49EE-A745-48434ED89177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pandemic\Pandemic.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{B1DA7356-2855-4712-9759-66B0A1BD1C53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe () [File not signed]
FirewallRules: [{3193FC02-DEFD-4449-BEE9-40C55115AA5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe () [File not signed]
FirewallRules: [{F965040C-6B07-402B-83B4-9A4FEF640987}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{8DC632DB-514C-4092-AFA2-E197A69883FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{38A01F05-0974-46BE-9917-F4C9124F9246}] => (Block) C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [{A3A8024B-3B60-44BF-98DF-2458AD10E536}] => (Block) C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [UDP Query User{7BEDB4D2-D4A3-4CE1-B114-008A05CF6D50}C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe] => (Allow) C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [TCP Query User{93035673-B60E-4F31-AA12-AE79931F01A0}C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe] => (Allow) C:\program files\epic games\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [{765C0997-2D5A-44BF-98B0-08135DB99244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{39F4B10D-96BF-4376-8B9E-652F8E1FBDD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{C5FB68BB-AF2A-4B54-A223-BF54DFF329EA}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{0B557E1D-F6BA-4FA4-9BFE-DD83974CB7A0}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{FC12B906-2804-4C7D-8CA6-9C0B5966661A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{696C26BE-CD87-476C-A2AA-631705C43721}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{C4E0E95E-2211-4BF6-8414-BED4162928AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{740F89D0-E616-413E-B941-96051B6DF601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{0D42FC3D-312E-48BD-830C-E5A280C3182D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{CD9CCEF0-3F37-4FDE-A5F3-94895915FF37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{8CF7F52C-3D90-4AAA-A67E-12A7486F2FFD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{1EF10A86-77C6-438C-A30C-DD36FCDD5D97}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [UDP Query User{049516B6-4B59-49FA-ADAD-26ABD9C8DFF8}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{B84B3BAF-9BC5-4B92-BFAE-79C1D2A218E4}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{21590096-E583-4762-A18E-AC1BB4D64EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Adventure Game\TheWitcherAdventureGame.exe () [File not signed]
FirewallRules: [{36F6BCCC-E8DC-4B6B-9FDB-167ABE420DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Adventure Game\TheWitcherAdventureGame.exe () [File not signed]
FirewallRules: [{A5F2D9D2-C315-45AF-909F-A09C069E04D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carcassonne The Official Board Game\Carcassonne.exe () [File not signed]
FirewallRules: [{7C2D28BC-46EF-4194-9986-46C786DB48E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carcassonne The Official Board Game\Carcassonne.exe () [File not signed]
FirewallRules: [{1D4A811A-CE67-4B2F-AAD2-FC3217E8FC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [{1F212994-C298-4266-9164-C37D275842E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [{E5DE371B-8402-4F2A-9A51-B1E3C4F8BFB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe (Brace Yourself Games (Transcendsense Technologies Inc) -> )
FirewallRules: [{4065923D-D8DF-4A52-8CB3-7447664D183B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe (Brace Yourself Games (Transcendsense Technologies Inc) -> )
FirewallRules: [{D6EFF8D8-FA99-43BD-9B61-85818680FC1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [{59B46EC5-AF6F-4BB4-A57B-C3C9EDC5877B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [{B3C2E565-3596-40F3-8772-CA1243556E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{1126B18F-18F2-405C-AED8-92067C05512D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{D7A00497-B01B-4124-B371-8567086BAB37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{CB83467F-D679-43F5-BEDB-F69313E2A0B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{E770CB10-B3F6-47C6-A481-BEA436233C21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{17812516-59BE-4981-9861-9622948561CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{75342C17-EC7A-4A80-B3C5-388D0054818F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D061927-7209-41EB-8532-80E1DED5CA79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E2C7A036-D080-4B8E-8A6F-D7AC10C62FC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{948DFE0D-4F36-4489-8CF1-ED3478E3E9DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{59172E76-33E6-46B2-BAA6-84A5B139E0D8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{6E168671-9115-4D45-858D-B07D3E376B65}C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{97A025A8-C713-49AF-9650-70F83B8B4CE7}C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [TCP Query User{BDDD1299-FD7A-4E39-B108-2105210EA0A2}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{86D1433D-C53E-464B-821A-D464C2440EA9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7140E26F-9608-450C-99FD-E4BA32FB7CB6}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{91ADE2F6-C9EA-4DE4-B305-0DB1670ACEDB}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1C59D42E-C905-404E-A15F-1BE99477EF85}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{413DEBB7-51E6-40D3-8735-AC0530387A10}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{263B6504-E5DF-4077-B698-345AFF2CE4E0}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{DFC38E88-0B9E-44F0-A7D4-4554AA0BDDFD}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C27462B8-FCEE-42AF-BAF7-938A91A853CD}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{066FDE4A-9252-43D0-99E8-A9F84271E0EE}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [{13F43C0B-AD46-4067-9771-F66E407BB487}] => (Block) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [{21F1D5C7-EF2E-4BA0-B7BC-6EC06ECFABEA}] => (Block) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{64E6AC28-2D0E-4484-834B-3E9606106D1C}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{F23A6C55-D46C-41C4-85FA-B93FB1FC21F9}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{DF9FF247-9AA4-40CE-A744-BA2F61CB98A2}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Diablo\Diablo.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{D0D4A1F4-F6A3-4BEF-8371-D4C5C80370A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8E886745-C2D4-4651-8A12-12779F987A5A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{029121DB-BC7F-48E3-B983-2F2D28377B62}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FF12328D-F7D9-42E3-BB2E-5E3529E13A9E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{966880F6-548E-4479-831F-3D8D8038280F}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3B7A39DA-E6E4-4797-B742-A8A436BA24DE}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [{6F221E1B-7FA3-4E5F-B7A5-2E8B1AA8BBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [{8D1ECC4A-A720-4EDE-9D86-B3046662B5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [TCP Query User{70377998-66DD-4E6F-8851-55EE125FA3FB}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [UDP Query User{7F8E938C-C27E-4B85-BB1E-450B5379AA9A}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [TCP Query User{665AA3D6-26EB-4F0F-ABA7-21F8D7BA714E}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [UDP Query User{13F9780C-2F42-4204-9B20-710CFA2E9977}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [TCP Query User{42A29186-F43F-42BA-A3DD-B563FF15CF48}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2EFA322F-C7A9-465F-AF04-3820822DAC7A}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{F8E5AC4E-30ED-4B9E-885D-2CED0BF4F90E}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{68C0A13A-5FCA-4DF8-A8BF-1AAB52425024}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{E87E4DBD-C69F-422B-8996-F640730B9F13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil.exe () [File not signed]
FirewallRules: [{BC248F01-01AD-4D97-9920-F10425C9518B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil.exe () [File not signed]
FirewallRules: [TCP Query User{D2DC4611-EF08-47AD-BB53-745AD9F178F2}C:\program files\epic games\amongus\among us.exe] => (Block) C:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [UDP Query User{0545CBBB-F945-48A4-A511-015B6D73159E}C:\program files\epic games\amongus\among us.exe] => (Block) C:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [{D82F3425-3528-4959-B3AF-19171BF8D00D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lord of the Rings - LCG\Lord of the Rings - LCG.exe () [File not signed]
FirewallRules: [{43DA31DA-C4E0-4230-90BE-E6656EBD0FCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lord of the Rings - LCG\Lord of the Rings - LCG.exe () [File not signed]
FirewallRules: [{547020E7-1FBE-405F-875C-B336354F1C04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{60980A93-AE21-48EA-9A8A-57784373A170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [TCP Query User{45DC37B1-5012-4559-9E20-8A763F0028A3}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{69664D36-1A5B-44E0-9C1A-50DA5EA06B5D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1B1424A7-1941-4E38-A034-B2F6C7FF3305}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{737D9561-429A-4B91-9A6F-966A3934EF12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E9DCFEF-3F82-47C9-B5A3-513772B1BC6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3FCEFBB6-0715-4F9B-A8C9-5365A73AB714}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{894A72A1-B233-4063-83ED-13048D63D91C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Racers STREET\LittleRacersStreet.exe (Microsoft) [File not signed]
FirewallRules: [{11B89114-D6A4-4778-917D-2065457F7848}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Racers STREET\LittleRacersStreet.exe (Microsoft) [File not signed]
FirewallRules: [{EB05213B-DA58-4E90-9813-B8F791E0E068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe (Xaviant, LLC) [File not signed]
FirewallRules: [{6C661D86-E20F-4E98-BC21-EE37DBCF80D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe (Xaviant, LLC) [File not signed]
FirewallRules: [{D00050E4-CFF0-4B62-A68E-848032C9C9A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7CB1C75A-2439-45B9-8492-243687B8A871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Mans Draw\DeadMansDraw.exe (Stardock Entertainment, Inc. -> )
FirewallRules: [{9676BB14-C0F7-48AC-8EF6-8307D8019924}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Mans Draw\DeadMansDraw.exe (Stardock Entertainment, Inc. -> )
FirewallRules: [{64CC9709-956F-4A7A-AC9E-F828A12CE379}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Love Letter\LoveLetter_Release.exe () [File not signed]
FirewallRules: [{382C4DD6-0B16-4DFD-ACD3-ECD115DF3D7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Love Letter\LoveLetter_Release.exe () [File not signed]
FirewallRules: [TCP Query User{CADC8DC0-6A34-4F85-839D-0BB9C9A32B01}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3D2849C8-0A61-4081-A507-8F2ED20EA4AA}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{23BEC1AA-FE25-4968-802B-A8C70DB124DB}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2121A9D5-BDBB-4E29-998A-8D19FD5EA600}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{326BDC96-18F0-4433-AD6D-BD879D090253}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{6228E60B-85E7-482D-A9BA-AB2BC4D41F53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{FBE3C29B-A3E9-43C0-9F74-A7332070A013}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{08402A05-4886-4636-8B82-4AF8230C28CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3E115600-2AC9-4F9A-BB01-87B4E94B5DDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{0D5769FB-2833-4926-B640-039494B74E5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [TCP Query User{0DA190BE-57E4-4E83-A194-C0FE7720E162}C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe () [File not signed]
FirewallRules: [UDP Query User{CD3114AC-614F-40F7-8772-DFB6EE3CB3C6}C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe () [File not signed]
FirewallRules: [{B6C56E79-94F5-4FCB-BB61-54A24D9A8CB2}] => (Block) C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe () [File not signed]
FirewallRules: [{53289A7D-11AA-441C-9CFC-FDBAA8CFA60C}] => (Block) C:\program files (x86)\steam\steamapps\common\prison architect\prison architect64.exe () [File not signed]
FirewallRules: [{EFB45F43-B556-4F1A-9CD4-53327CC17E8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Patchwork\pxw.exe () [File not signed]
FirewallRules: [{D0BF578D-89A4-48D8-B558-16A0164A409B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Patchwork\pxw.exe () [File not signed]
FirewallRules: [{22EEF788-E0D4-45DE-890C-DF0BE2AE1E7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Potion Explosion\PotionExplosion.exe () [File not signed]
FirewallRules: [{BBAACCF7-D840-4981-A4B9-CC82556479C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Potion Explosion\PotionExplosion.exe () [File not signed]
FirewallRules: [{EFF53268-37AC-46CB-9228-3F1D1077125C}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{645A9A8B-F5A5-48EA-8C5D-901F779714ED}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8EAFA684-CC2C-457F-849E-CE4A3DB17353}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{ADDFE614-78F3-46BD-A63E-C1C279ECA405}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9205C84B-7D93-4A95-8DD8-E0A9627E9DF8}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3ADA8150-C365-40DE-92BF-56802D225442}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A2D82D95-D529-45A5-BB66-22FEEBE9E741}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A080F636-B1B1-48D1-99A2-35C3D334FB0F}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

31-01-2022 06:58:36 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/08/2022 10:55:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/08/2022 09:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x3810
Čas spuštění chybující aplikace: 0x01d81cc740bdff0d
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: e16fa466-426e-40c1-ba1e-4d5d474bd8b7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2022 10:01:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0xcac
Čas spuštění chybující aplikace: 0x01d81c65b12272e7
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: 4e4e9cf4-e9e6-4124-b700-fc69eef43ca5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2022 09:38:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x5e8
Čas spuštění chybující aplikace: 0x01d81bfe16367598
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: cf4ef33c-b505-476a-a04b-e7d5fc3a4d5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/06/2022 10:23:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x4b1c
Čas spuštění chybující aplikace: 0x01d81b9f8a91a950
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: c476e757-077a-4574-89e3-0112e05de1d3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/06/2022 09:40:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x30e8
Čas spuštění chybující aplikace: 0x01d81b34ebd9c76e
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: b2128f27-79ea-45e5-9600-e712101896a7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/05/2022 09:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x21a0
Čas spuštění chybující aplikace: 0x01d81ad208694422
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: 4ae1682b-184f-4e16-bd4b-2aeb9f3a9279
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/05/2022 09:49:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Název chybujícího modulu: vpnupdate.exe, verze: 5.5.522.0, časové razítko: 0x5d9c53ed
Kód výjimky: 0xc0000409
Posun chyby: 0x000df57d
ID chybujícího procesu: 0x3274
Čas spuštění chybující aplikace: 0x01d81a6d52d76be5
Cesta k chybující aplikaci: c:\program files\avast software\secureline\vpnupdate.exe
Cesta k chybujícímu modulu: c:\program files\avast software\secureline\vpnupdate.exe
ID zprávy: bfd374ac-126d-4fb8-bf14-d8eee97754f6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/08/2022 11:35:44 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {4991D34B-80A1-4291-83B6-3328366B9097} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:31:43 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {F087771F-D74F-4C1A-BB8A-E16ACA9124EA} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:27:42 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {6D18AD12-BDE3-4393-B311-099C346E6DF9} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:23:40 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {03CA98D6-FF5D-49B8-ABC6-03DD84127020} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:19:39 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {659CDEA7-489E-11D9-A9CD-000D56965251} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:15:38 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {BB6DF56B-CACE-11DC-9992-0019B93A3A84} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:11:37 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} vypršel časový limit během čekání na zastavení služby BITS.

Error: (02/08/2022 11:07:36 AM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-2O519MS)
Description: U aktivace identifikátoru CLSID {4D233817-B456-4E75-83D2-B17DEC544D12} vypršel časový limit během čekání na zastavení služby BITS.


Windows Defender:
================
Date: 2022-02-07 18:59:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {98852849-48B7-4271-8A3C-7BC99AEFB823}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-06 22:48:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5CDDA5AC-973A-4D33-A65B-A6071510DF18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-06 10:38:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E785FFF3-58ED-4934-A6A9-E1EAC5255F70}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-05 09:26:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {17A86B8A-48F4-4691-BFBD-5591EDADE6CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-03 16:27:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A0001205-1599-448B-8836-B35289E7C736}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-01-04 08:05:26
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-12-31 21:27:43
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-12-17 15:08:17
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===============
Date: 2021-06-09 07:57:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-06-09 07:57:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-09 07:57:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X756UB.302 01/25/2016
Motherboard: ASUSTeK COMPUTER INC. X756UB
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 8088.11 MB
Available physical RAM: 2988.8 MB
Total Virtual: 15888.55 MB
Available Virtual: 5394.31 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:135.67 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:208.75 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:19 GB) (Free:16.13 GB) FAT32

\\?\Volume{d11f50b5-0fad-4ccc-92b1-5e64ec5c8935}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{596614f3-d357-4299-ba90-f3ae7348c699}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9078C1F8)

Partition: GPT.
Could not read MBR for disk 1.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {5e2e4fcd-500a-11eb-8ab3-74c63b048505} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {7828296d-089a-11ec-8ad0-74c63b048505} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-12-17 20:59 - 2021-12-17 20:59 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D2803C.tmp
2019-05-12 09:03 - 2019-05-12 09:03 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D29FC3.tmp
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270]
AlternateDataStreams: C:\ProgramData\TEMP:AD81D29D [243]
FirewallRules: [{C5FB68BB-AF2A-4B54-A223-BF54DFF329EA}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{0B557E1D-F6BA-4FA4-9BFE-DD83974CB7A0}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{C4E0E95E-2211-4BF6-8414-BED4162928AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{740F89D0-E616-413E-B941-96051B6DF601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{1D4A811A-CE67-4B2F-AAD2-FC3217E8FC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [{1F212994-C298-4266-9164-C37D275842E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [TCP Query User{966880F6-548E-4479-831F-3D8D8038280F}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3B7A39DA-E6E4-4797-B742-A8A436BA24DE}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [{6F221E1B-7FA3-4E5F-B7A5-2E8B1AA8BBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [{8D1ECC4A-A720-4EDE-9D86-B3046662B5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [TCP Query User{70377998-66DD-4E6F-8851-55EE125FA3FB}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [UDP Query User{7F8E938C-C27E-4B85-BB1E-450B5379AA9A}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [TCP Query User{665AA3D6-26EB-4F0F-ABA7-21F8D7BA714E}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [UDP Query User{13F9780C-2F42-4204-9B20-710CFA2E9977}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [TCP Query User{42A29186-F43F-42BA-A3DD-B563FF15CF48}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2EFA322F-C7A9-465F-AF04-3820822DAC7A}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{F8E5AC4E-30ED-4B9E-885D-2CED0BF4F90E}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{68C0A13A-5FCA-4DF8-A8BF-1AAB52425024}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Martinus
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 28 bře 2006 15:59

Re: Prosím o kontrolu logu

#3 Příspěvek od Martinus »

Provedeno:

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by zeidl (10-02-2022 10:12:43) Run:1
Running from C:\Users\zeidl\Desktop
Loaded Profiles: zeidl
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {5e2e4fcd-500a-11eb-8ab3-74c63b048505} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-397073922-2315547580-162950297-1001\...\MountPoints2: {7828296d-089a-11ec-8ad0-74c63b048505} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-12-17 20:59 - 2021-12-17 20:59 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D2803C.tmp
2019-05-12 09:03 - 2019-05-12 09:03 - 000000000 _____ () C:\Users\zeidl\AppData\Local\D29FC3.tmp
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270]
AlternateDataStreams: C:\ProgramData\TEMP:AD81D29D [243]
FirewallRules: [{C5FB68BB-AF2A-4B54-A223-BF54DFF329EA}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{0B557E1D-F6BA-4FA4-9BFE-DD83974CB7A0}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{C4E0E95E-2211-4BF6-8414-BED4162928AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{740F89D0-E616-413E-B941-96051B6DF601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe => No File
FirewallRules: [{1D4A811A-CE67-4B2F-AAD2-FC3217E8FC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [{1F212994-C298-4266-9164-C37D275842E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe => No File
FirewallRules: [TCP Query User{966880F6-548E-4479-831F-3D8D8038280F}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3B7A39DA-E6E4-4797-B742-A8A436BA24DE}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe => No File
FirewallRules: [{6F221E1B-7FA3-4E5F-B7A5-2E8B1AA8BBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [{8D1ECC4A-A720-4EDE-9D86-B3046662B5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Inquisitor\Game\Inquisitor.exe => No File
FirewallRules: [TCP Query User{70377998-66DD-4E6F-8851-55EE125FA3FB}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [UDP Query User{7F8E938C-C27E-4B85-BB1E-450B5379AA9A}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [TCP Query User{665AA3D6-26EB-4F0F-ABA7-21F8D7BA714E}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [UDP Query User{13F9780C-2F42-4204-9B20-710CFA2E9977}C:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) C:\program files\epic games\railwayempire\railwayempire.exe => No File
FirewallRules: [TCP Query User{42A29186-F43F-42BA-A3DD-B563FF15CF48}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2EFA322F-C7A9-465F-AF04-3820822DAC7A}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{F8E5AC4E-30ED-4B9E-885D-2CED0BF4F90E}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File
FirewallRules: [{68C0A13A-5FCA-4DF8-A8BF-1AAB52425024}] => (Block) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe => No File



EmptyTemp:
Reboot:
End

*****************

HKU\S-1-5-21-397073922-2315547580-162950297-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5e2e4fcd-500a-11eb-8ab3-74c63b048505} => removed successfully
HKU\S-1-5-21-397073922-2315547580-162950297-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7828296d-089a-11ec-8ad0-74c63b048505} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\Users\zeidl\AppData\Local\D2803C.tmp => moved successfully
C:\Users\zeidl\AppData\Local\D29FC3.tmp => moved successfully
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
C:\ProgramData\TEMP => ":AD81D29D" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5FB68BB-AF2A-4B54-A223-BF54DFF329EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B557E1D-F6BA-4FA4-9BFE-DD83974CB7A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4E0E95E-2211-4BF6-8414-BED4162928AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{740F89D0-E616-413E-B941-96051B6DF601}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D4A811A-CE67-4B2F-AAD2-FC3217E8FC4D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F212994-C298-4266-9164-C37D275842E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{966880F6-548E-4479-831F-3D8D8038280F}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B7A39DA-E6E4-4797-B742-A8A436BA24DE}C:\program files (x86)\steam\steamapps\common\hive\concept\binaries\win64\concept-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F221E1B-7FA3-4E5F-B7A5-2E8B1AA8BBEB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D1ECC4A-A720-4EDE-9D86-B3046662B5E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{70377998-66DD-4E6F-8851-55EE125FA3FB}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7F8E938C-C27E-4B85-BB1E-450B5379AA9A}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{665AA3D6-26EB-4F0F-ABA7-21F8D7BA714E}C:\program files\epic games\railwayempire\railwayempire.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{13F9780C-2F42-4204-9B20-710CFA2E9977}C:\program files\epic games\railwayempire\railwayempire.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42A29186-F43F-42BA-A3DD-B563FF15CF48}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2EFA322F-C7A9-465F-AF04-3820822DAC7A}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8E5AC4E-30ED-4B9E-885D-2CED0BF4F90E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68C0A13A-5FCA-4DF8-A8BF-1AAB52425024}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 126902402 B
Java, Flash, Steam htmlcache => 628309938 B
Windows/system/drivers => 9438479 B
Edge => 151318 B
Chrome => 14677306 B
Firefox => 1391023367 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 49376 B
NetworkService => 30488396 B
zeidl => 159246087 B

RecycleBin => 19220600357 B
EmptyTemp: => 20.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:22:01 ====
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#4 Příspěvek od JaRon »

je to lepsie :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Martinus
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 28 bře 2006 15:59

Re: Prosím o kontrolu logu

#5 Příspěvek od Martinus »

Vypadá to, že ano. Firefox už startoval hrozně dlouho, vždy se jakoby zaseknul s bílou obrazovkou a teprve po nějaké době se to "odseklo" :?:
Teď už startuje hned.
Děkuji za pomoc :)
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#6 Příspěvek od JaRon »

rado sa stalo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“