Preventive log check after the Russians' attack on my PC, hopefully everything will be OK now, they stole all my passwords from the PC

Not having any problem with your PC right now and just want to make sure everything is fine?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Locked
SmilesCZ
Visitor
Posts: 6
Registered: 09 Oct 2022 21:51
Location: Olomoucký kraj

#1 Post by SmilesCZ »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01
Ran by jiras (administrator) on ASUSSMILESCZ (ASUSTeK COMPUTER INC. FX502VE) (09-10-2022 22:44:15)
Running from C:\Users\jiras\OneDrive\Plocha
Loaded Profiles: jiras
Platform: Microsoft Windows 10 Home Version 21H2 19044.2006 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\Adobe\Adobe Lightroom\Adobe Lightroom CEF Helper.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.BrowserExtensionHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\dptf_helper.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Adobe Systems Incorporated -> Adobe Systems) C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe
(services.exe ->) (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\106.0.5249.37\remoting_host.exe <2>
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a63b95fe6e6a1712\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a63b95fe6e6a1712\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_9dadb8756023efe0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(SgrmBroker.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(SgrmBroker.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SgrmBroker.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(svchost.exe ->) (ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-08] (Adobe Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6353840 2022-08-01] (Adguard Software Limited -> Adguard Software Ltd)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292120 2022-09-22] (Intel Corporation -> Intel)
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\Run: [electron.app.Google Assistant] => C:\Users\jiras\AppData\Local\Programs\Google Assistant\Google Assistant.exe --sys-startup (No File)
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\Run: [GoogleChromeAutoLaunch_DD91B324026924BA936AA278F28E6FCC] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2900760 2022-10-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {070a03c2-ff1d-11e8-aa1d-107b442d0522} - "E:\autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {30b86780-7322-11ec-aabf-f496343e27a3} - "F:\Autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {84755c47-74d6-11ec-aac0-f496343e27a3} - "H:\autorun.exe"
HKLM\...\Print\Monitors\EPSON L130 Series 64MonitorBE: C:\Windows\system32\E_YLMBN6E.DLL [180224 2014-03-05] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe [2022-10-06] (Google LLC -> Google LLC)
Startup: C:\Users\jiras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PCRemoteReceiver.lnk [2022-06-30]
ShortcutTarget: PCRemoteReceiver.lnk -> C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08049561-ECFF-465B-BDD4-FA9BFB4BB5A7} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [File not signed]
Task: {1EDFD984-81BD-48D8-8868-6E47281283CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A0E5FD8-373B-4D46-9E4D-69C9D14822C4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {2F6FD352-1E3F-43A7-9C75-0239D0A09EF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {4B1B5B17-BE50-49DA-A99E-C3C1395B1F3A} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\jiras\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-17] (ESET, spol. s r.o. -> ESET)
Task: {5DD42528-B09A-45FC-B188-3BE66FCDB851} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {63E12A55-70A8-4E69-A2B4-6FC9AB0A16F3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {64ADB340-C043-4308-9E13-FC2C4E12D63F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {68D258C2-B140-4E59-968B-2E45B33BEC74} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2478776 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {743B2CF4-3117-4DBC-AAF5-899B9991043A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [149712 2021-10-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {74548AE1-9381-4A97-85F5-AF87DB214FBF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7A89FA3E-0831-4F5F-9B9D-2088CE5D6BEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F38DA23-2996-4A12-A5F8-61A8C947AE4E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {82FCAD22-35BF-44B0-8EA1-70FF28466494} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8A32B2E1-F65B-4442-84E4-5EA119104114} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8F97422C-F2D8-44AD-A8A6-9F220F63A628} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {900AB248-ED78-41F3-B84E-501A7A14E56F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {94AB0968-CED6-4815-AC9E-D8BB19049C06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CC4B835-4CF2-471F-A2E1-37ED07BCE444} - System32\Tasks\{582FDA1C-BBAD-4809-AE40-9547F8543AB8} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{793C2BF7-A4FE-4608-91C9-9282C5801C21}"
Task: {A10ACCF6-AC86-49C8-8417-FA825DDF8063} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A8935FED-FAD4-4F4E-9546-D27CEF92F924} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AD40498F-7738-43CC-B17A-9D8BAD48EE7B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C814E1EC-0E4C-46DE-AF77-AF153DDACAA6} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62016 2017-08-04] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {CC5624D6-9E99-41E1-A32A-BF18DB2F2CD2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {CD398E93-1B05-4C56-BE1D-4B193F2E97D8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {CF231B09-5C43-4E58-A154-841DD1BBF47E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D2BAF2A8-B5EA-4E0A-B23F-5975234DBBFD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D73E1E03-5233-4B93-8173-8172A9838B8D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\jiras\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-07-17] (ESET, spol. s r.o. -> ESET)
Task: {D81FF288-7101-479D-A50C-96F80DAFDC0C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {E694C864-8D2D-4147-8676-250C58478DF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E828F2A4-EA3B-4B07-A731-A0B7DC4490C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-03] (Google Inc -> Google Inc.)
Task: {EC53A7D1-DC70-4B5D-80D0-E6990E61B21A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ECE8DDA1-2023-41B4-A1A7-6334B6E179A7} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jiras.spaca@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F1BF6F52-19A1-4349-A55B-CB0E78E8B23A} - System32\Tasks\WpsExternal_20161114022915 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe /wpscloudlaunch /wpsexternal /from=task (No File)
Task: {F5850068-789A-4FA6-9B88-5CA7D0473D51} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F5F4CB05-0A1D-487D-B3C1-084937629122} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{10951c21-5929-4e42-b4ae-3971bc22fdc1}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{18d28f52-5521-4aec-918d-6e828c3a18b0}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jiras\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-25]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\aplikace a hry co se nevešli na disk C\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-785668672-3562210802-3274318489-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jiras\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default [2022-10-09]
CHR DownloadDir: D:\Download
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://hypixel.inventivetalent.org; hxxps://web.whatsapp.com; hxxps://www.google.cz; hxxps://www.messenger.com; hxxps://www.waze.com; hxxps://www.wish.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://ask.fm/accou ... fault.aspx"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-10-05]
CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2022-06-23]
CHR Extension: (Volume Booster - Ovladač hlasitosti) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmlkhccdfhkabeelccopjbklaapahae [2022-08-17]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2022-10-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-16]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-25]
CHR Extension: (Excel Online) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2021-11-15]
CHR Extension: (Chrome Remote Desktop) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-10-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\jiras\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [473008 2022-08-01] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-07] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\106.0.5249.37\remoting_host.exe [74528 2022-09-12] (Google LLC -> Google LLC)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [41240 2022-09-22] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [198424 2022-09-22] (Intel Corporation -> Intel)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (McAfee, Inc. -> Intel Security, Inc.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_9dadb8756023efe0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_9dadb8756023efe0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [99896 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [137040 2022-01-03] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31112 2017-05-02] (ASUSTeK Computer Inc. -> ASUS)
R3 MpKsle4c5d987; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF76902D-595F-42E4-AA27-6B44AA9B54DB}\MpKslDrv.sys [228632 2022-10-09] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12464 2022-01-14] (Macrovision Europe Ltd) [File not signed]
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-09 22:43 - 2022-10-09 22:44 - 000000000 ___DC C:\FRST
2022-10-09 16:48 - 2022-10-09 16:48 - 000000000 ____D C:\ProgramData\Google
2022-09-29 19:13 - 2022-10-03 17:28 - 000000000 ___DC C:\Counter-Strike 1.6
2022-09-28 18:20 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-28 18:20 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-28 18:20 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-28 18:20 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-28 18:20 - 2022-09-22 17:12 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-28 18:20 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-28 18:20 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-28 18:20 - 2022-09-22 17:12 - 001213416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-28 18:20 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-28 18:20 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-28 18:20 - 2022-09-22 17:08 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-09-28 18:20 - 2022-09-22 17:08 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-09-28 18:20 - 2022-09-22 17:08 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-09-28 18:20 - 2022-09-22 17:08 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-09-28 18:20 - 2022-09-22 17:08 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-09-28 18:20 - 2022-09-22 17:08 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-09-28 18:20 - 2022-09-22 17:07 - 002127864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-09-28 18:20 - 2022-09-22 17:07 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-09-28 18:20 - 2022-09-22 17:07 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-09-28 18:20 - 2022-09-22 17:07 - 000845304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-09-28 18:20 - 2022-09-22 17:07 - 000456184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-09-28 18:20 - 2022-09-22 17:06 - 010270208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-09-28 18:20 - 2022-09-22 17:06 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-09-28 18:20 - 2022-09-22 17:06 - 005751288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-09-28 18:20 - 2022-09-22 17:06 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-09-28 18:20 - 2022-09-22 17:06 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-09-28 18:20 - 2022-09-22 17:05 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-09-28 18:20 - 2022-09-22 17:04 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-09-28 18:20 - 2022-09-22 02:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-09-28 18:18 - 2022-09-28 18:24 - 000000000 ____D C:\WINDOWS\LastGood
2022-09-24 19:20 - 2022-09-24 19:20 - 000001512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-09-15 17:33 - 2022-09-15 17:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-15 17:33 - 2022-09-15 17:33 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-15 17:32 - 2022-09-15 17:32 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-15 17:32 - 2022-09-15 17:32 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-15 17:32 - 2022-09-15 17:32 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-15 17:24 - 2022-09-15 17:24 - 000000000 __HDC C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-09 22:43 - 2022-08-18 15:23 - 000000000 ____D C:\ProgramData\Adguard
2022-10-09 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-09 22:38 - 2018-09-03 16:03 - 000000000 ___DC C:\Program Files (x86)\Google
2022-10-09 22:34 - 2021-12-30 00:38 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-09 22:25 - 2019-10-04 23:11 - 000000000 __HDC C:\Users\Public\Documents\AdobeGCData
2022-10-09 22:18 - 2020-08-17 05:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-09 17:42 - 2017-07-04 20:11 - 000000000 ___DC C:\ProgramData\NVIDIA
2022-10-08 20:42 - 2020-08-31 08:13 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 20:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-08 20:35 - 2020-08-31 08:13 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-08 20:35 - 2020-08-31 08:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-06 19:35 - 2018-09-03 16:03 - 000002303 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-29 18:04 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-28 18:25 - 2018-09-03 15:44 - 000000000 ___DC C:\Users\jiras\AppData\Local\NVIDIA
2022-09-28 18:18 - 2017-07-04 20:08 - 000000000 ___DC C:\Program Files (x86)\Intel
2022-09-28 18:15 - 2022-04-26 01:02 - 000001380 ____C C:\Users\jiras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-09-26 18:40 - 2018-09-07 15:30 - 000000000 ___DC C:\Users\jiras\AppData\Local\ElevatedDiagnostics
2022-09-26 17:00 - 2022-05-03 21:38 - 000003852 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-09-26 17:00 - 2022-05-03 21:38 - 000003410 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-09-24 19:20 - 2017-07-04 20:07 - 000000000 ___DC C:\ProgramData\Package Cache
2022-09-22 17:04 - 2022-08-17 20:00 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-19 12:35 - 2020-08-17 05:06 - 001696634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-19 12:35 - 2019-12-07 16:41 - 000720550 _____ C:\WINDOWS\system32\perfh005.dat
2022-09-19 12:35 - 2019-12-07 16:41 - 000146174 _____ C:\WINDOWS\system32\perfc005.dat
2022-09-19 12:28 - 2022-02-24 12:19 - 005149176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-19 12:28 - 2020-08-17 05:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-19 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-19 12:28 - 2018-09-03 15:41 - 000000000 _SHDC C:\Users\jiras\IntelGraphicsProfiles
2022-09-19 12:28 - 2017-07-04 20:08 - 000000000 __HDC C:\Intel
2022-09-19 12:27 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-19 12:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-18 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-09-17 16:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-17 16:56 - 2018-09-03 20:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-17 16:53 - 2018-09-03 20:38 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-15 17:32 - 2020-08-17 05:07 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-12 14:11 - 2018-09-03 15:41 - 000000000 ___DC C:\Users\jiras\AppData\Local\Packages

==================== Files in the root of some directories ========

2022-01-07 09:00 - 2022-01-07 09:00 - 000000258 _____ () C:\ProgramData\fontcacheev1.dat
2018-09-03 15:44 - 2019-08-21 19:19 - 000000200 ____C () C:\Users\jiras\AppData\Roaming\sp_data.sys
2020-01-24 08:56 - 2020-01-24 09:51 - 000001456 _____ () C:\Users\jiras\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-09-29 10:48 - 2018-09-29 10:48 - 000000000 ____C () C:\Users\jiras\AppData\Local\oobelibMkey.log
2018-10-30 21:44 - 2021-06-11 02:47 - 000007601 ____C () C:\Users\jiras\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
Ran by jiras (09-10-2022 22:46:00)
Running from C:\Users\jiras\OneDrive\Plocha
Microsoft Windows 10 Home Version 21H2 19044.2006 (X64) (2020-08-17 03:12:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-785668672-3562210802-3274318489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-785668672-3562210802-3274318489-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-785668672-3562210802-3274318489-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-785668672-3562210802-3274318489-501 - Limited - Disabled)
jiras (S-1-5-21-785668672-3562210802-3274318489-1001 - Administrator - Enabled) => C:\Users\jiras
WDAGUtilityAccount (S-1-5-21-785668672-3562210802-3274318489-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{2850ae2d-0bde-4252-b31e-7bfd1bf205ac}) (Version: 7.10.3961.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.10.3961.0 - Adguard Software Ltd) Hidden
Adobe AIR (HKLM-x32\...\{CE25DBD3-FCA7-4E77-9A60-F77BE12FC4BA}) (Version: 30.0.0.107 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
ASUS Battery Health Charging (HKLM-x32\...\{3A7E73B6-3A04-49ED-811E-CC39F7EA2E34}) (Version: 1.0.0002 - ASUS)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Input Configuration (HKLM-x32\...\{7DDF7571-64BD-4232-9729-20FF10CE6C62}) (Version: 1.0.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.15 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.16 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.2 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0061 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.32 - ICEpower a/s)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
digiCamControl (HKLM-x32\...\{e228fee9-3f05-4ed9-9186-26b05094d174}) (Version: 2.1.0.0 - ) Hidden
DJI Media Maker version 1.0.0.0 (HKLM\...\{23E217BE-9992-41B5-910F-A252680AD835}_is1) (Version: 1.0.0.0 - DJI)
Documentation Manager (HKLM\...\{BBADC524-5F32-4DF2-AF23-81B4D10FAA4E}) (Version: 22.90.0.5 - Intel Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{CA7CA513-2531-4801-83C6-CF8FB6C8711A}) (Version: 4.5.1.1.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.103 - Google LLC)
Half-Life Ultimate (HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\Half-Life Ultimate_is1) (Version: - Valve)
Chrome Remote Desktop Host (HKLM-x32\...\{7D6857FA-6404-4E47-A3C7-F4EB2DAFE615}) (Version: 106.0.5249.37 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{87B5A0A1-22D3-4A05-8310-58CCEB63EF93}) (Version: 22.6.39.9 - Intel) Hidden
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.107.0 - Intel Security)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11002.3418 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{f07e8107-88e2-4459-865e-665afe7dda07}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{177F3AF8-1D9D-4C47-AB82-69571F4630DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{DEDA24FF-BA95-42E7-B914-639D32515511}) (Version: 11.6.0.1035 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{F3514E47-5EA1-4BBE-8080-B3489086F64B}) (Version: 16.8.3.1003 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{AEDB97C8-18E1-4053-B7DD-B66E9531B207}) (Version: 30.100.1643.01 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000160-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.160.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{9806ff29-547d-4c1a-8db0-12c1fc51c8d9}) (Version: 22.6.39.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{224CC1EA-2433-4106-81BA-5D5432B11744}) (Version: 19.30.0.0905 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{bc0ed593-235e-47bf-9b81-bb287a4eea34}) (Version: 22.90.0.5 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
Java 8 Update 331 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180331F0}) (Version: 8.0.3310.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{F72EB01C-8051-488C-AB30-848E38D3598B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F29F6D90-52BF-4644-9F61-82EFF42A9268}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Need For Speed Hot Pursuit 2 (HKLM-x32\...\{76F4DD9B-C246-4BE0-00B6-3DE9ABF72299}) (Version: - )
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.60.615.2022 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8519 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Driver Package - ASUS (AsusHFilter) HIDClass (12/19/2016 1.0.0.2) (HKLM\...\EEDD19DDF3F0CA7CFA2F4C500D442DD1FEB434F6) (Version: 12/19/2016 1.0.0.2 - ASUS)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (09/23/2016 11.0.0.14) (HKLM\...\F95583A62AB902A3FC263F668380483F9E0113CD) (Version: 09/23/2016 11.0.0.14 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-08-16] (Adobe Systems Incorporated)
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.7.403.0_x64__ynb6jyjzte8ga [2022-08-20] (Adobe Inc.)
ASUS ZenLink -> C:\Program Files\WindowsApps\B9ECED6F.ZenSync_1.0.7.0_x86__qmba6cd70vzyy [2022-08-01] (ASUSTeK COMPUTER INC.) [MS Ad]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-09-03] (ASUSTeK COMPUTER INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.7.0_x64__qmba6cd70vzyy [2022-09-29] (ASUSTeK COMPUTER INC.)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-09-03] (ASUSTeK COMPUTER INC.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-28] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-01] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-785668672-3562210802-3274318489-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-785668672-3562210802-3274318489-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-29] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-29] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-29] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_9dadb8756023efe0\nvshext.dll [2022-09-22] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-29] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jiras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Spotify.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=pjibgclleladliembfgfagdaldikeohf

==================== Loaded Modules (Whitelisted) =============

2016-10-12 23:17 - 2016-10-12 23:17 - 000125440 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 000033280 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2022-08-09 15:02 - 2022-08-09 15:02 - 005998080 ____C () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2015-04-06 18:15 - 2017-09-18 16:04 - 002727112 ____C (Adobe Systems Incorporated -> Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Lightroom\amtlib.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2016-10-12 23:17 - 2016-10-12 23:17 - 000165888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2022-05-02 16:08 - 2022-05-02 16:09 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 ____C (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2019-05-06 11:50 - 2014-03-05 04:06 - 000180224 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_YLMBN6E.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-785668672-3562210802-3274318489-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-785668672-3562210802-3274318489-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-785668672-3562210802-3274318489-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\ssv.dll [2022-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_331\bin\jp2ssv.dll [2022-04-21] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\sharepoint.com -> hxxps://unipardubice-myfiles.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-06-29 23:41 - 2020-02-26 00:08 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-785668672-3562210802-3274318489-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jiras\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\untitled-1-100.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\StartupApproved\StartupFolder: => "PCRemoteReceiver.lnk"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_21BF0A7F2A9B661F030D400356A0FF77"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\StartupApproved\Run: => "electron.app.Google Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4C6EC4FC-5C4E-44B6-88DF-F06D01ED7231}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe => No File
FirewallRules: [TCP Query User{1D0080E8-D276-4A79-9D48-8DFFEC03975A}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe => No File
FirewallRules: [UDP Query User{5D50BA44-E072-412F-B648-E0B992223E1C}D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{780D23C4-0BC3-4FD3-8B7D-EEDF1CFC63CC}D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe => No File
FirewallRules: [{C4CF9F57-2309-4658-91B6-4B7B3F1E11D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{13A8ED8B-3935-49D0-9741-C6F16BF23F77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{52C9B34A-79C4-443E-9016-527FAF1F1661}D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{DDA97887-FE22-42DE-BC23-C599CBB5AE87}D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\launcher\grand theft auto v\gta5.exe => No File
FirewallRules: [{9BE493B5-3B4C-4F8E-9621-AA9D76E8F734}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{81E0E847-2C5D-4765-9E4C-2AF05A460411}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{D24E403B-EE4C-4DA9-98A4-D5640D431504}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{9A75F1D9-856C-4BB9-B9F8-47F48D84C370}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{01494636-AB9D-48A0-8038-9A2B1CCA6528}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B82D8816-F52C-4AF1-8D2D-3416C1B61FCE}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{21A9A48C-6237-46BB-B4F5-AABB2AD5439F}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{6253E455-B558-4646-819A-4B4F038F0458}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{4C42205E-6A52-499E-A85D-67424373AA2D}C:\users\jiras\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiras\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{E062F546-7317-4983-8DA3-EEA0B335D75C}C:\users\jiras\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiras\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{9091A147-4DDD-4DC0-8DF8-19CA95EA4F91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D646C87C-7E87-48D3-B475-D43149009BB5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0AEE75B3-2562-46C3-A45D-841433101192}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EBA9B59A-648C-4149-996B-9180B1EE6571}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{D4AEA27C-1BDB-4BE2-A668-93DF59716EB6}C:\program files\windowsapps\spotifyab.spotifymusic_1.88.353.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.88.353.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{21F9699A-78F1-4076-97D8-0FA0514062D1}C:\program files\windowsapps\spotifyab.spotifymusic_1.88.353.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.88.353.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [{634BD4A4-8B87-43C1-AD10-D680BDB1C9F6}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{01AB89CD-3E81-4E14-9660-5CD29BFF2B2A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{05ED1CAE-0630-44E2-8B1D-0E8C9E4FFB3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3E3ADE01-8EE2-4F23-B09D-9E5FE1BAB642}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F25495E1-EE70-4D0B-8B79-EF21BF5C4743}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{E9D411CB-59ED-4511-ADD7-0BFE8C00DD46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4A072774-F6A3-430E-8BF3-862C30322B34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8AEED012-899F-4AFE-B09C-6A70C8448686}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CBB9BC41-0C58-4FC8-BD8D-3C0EFF8454D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0F845915-4833-4DBF-BA24-7D8D2014A622}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe => No File
FirewallRules: [TCP Query User{6BDA4DE6-F518-429D-BD73-81F055A6B3A4}C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe] => (Allow) C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe => No File
FirewallRules: [UDP Query User{603A5A31-8BA3-4184-8ACE-BB7F4C858D53}C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe] => (Allow) C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe => No File
FirewallRules: [TCP Query User{62E796A7-E78D-4FC6-A779-81856504C593}C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe] => (Allow) C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe => No File
FirewallRules: [UDP Query User{BC37E27A-90CD-4CA2-A2C9-C740C0D01D3D}C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe] => (Allow) C:\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe => No File
FirewallRules: [TCP Query User{7588F0B8-FFBA-4185-84DB-456359B550AB}C:\program files (x86)\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\sitsp840dsl.exe] => (Allow) C:\program files (x86)\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\sitsp840dsl.exe => No File
FirewallRules: [UDP Query User{F3F4ED52-7452-47E0-84A0-AE13C934BDE9}C:\program files (x86)\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\sitsp840dsl.exe] => (Allow) C:\program files (x86)\siemens\sinutrain\sinumerik cnc-sw 840d sl 4.8 sp2\sitsp840dsl.exe => No File
FirewallRules: [TCP Query User{E1A0447D-3D0C-4790-AA01-54F5CA3BCD85}D:\aplikace a hry co se nevešli na disk c\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{64BC403E-60E9-4E91-8EA2-FC1E9092D79C}D:\aplikace a hry co se nevešli na disk c\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{44E3DF21-3B89-48C3-B238-B96784A1F743}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2CA7EC08-CA41-440B-905E-66EBDC23FBAA}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [{A6BEC8CE-19CB-4507-8D05-9E60E8B9FFA1}] => (Allow) LPort=25562
FirewallRules: [{6F68D3BC-A6E6-4EE9-9D3C-733EA30FFD15}] => (Allow) LPort=25565
FirewallRules: [{D8FD4A68-3917-42BD-B2C9-B0817DF3C34B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44E003DF-BCBD-431A-B0E7-73D00492C1E4}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{86C02B67-0155-48FF-9CAD-D6BCDAB472A8}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [TCP Query User{4DEF037B-F82C-410F-A65C-2327483D77E3}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [UDP Query User{14197303-E708-4FF7-A87B-2968FBAF7DA8}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{D1E967D6-8063-4200-883F-36646E81EDE7}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{97F473AF-7474-4DD9-86B7-C78B4BE711B6}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{A03454DD-8803-42AD-9E51-70405DD09301}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{95D9B3BB-5E23-4733-AD90-596C12BA18A7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{96449080-DC42-4E00-8137-4628355015BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{93E1E424-4CF9-4AF3-B3E5-4926E8BA86A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0E810226-80C0-42EF-83B4-28EFF9B49B5D}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe => No File
FirewallRules: [TCP Query User{ACCD5F9C-AAC6-4D32-95FB-EC9BF8816BA9}D:\aplikace a hry co se nevešli na disk c\vlc\vlc.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4C32829C-FA66-4DF6-9D17-47E4EDEF6A80}D:\aplikace a hry co se nevešli na disk c\vlc\vlc.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E2A07853-44E6-4161-BE11-8A1561441BCA}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{4F439BFC-4838-4536-A2A8-9C2B74AFF634}] => (Allow) D:\aplikace a hry co se nevešli na disk C\steamapps\common\Ring of Elysium\SLauncher.exe => No File
FirewallRules: [{7FFAAAF5-ADF0-4968-B785-B09464DFE2C9}] => (Allow) D:\aplikace a hry co se nevešli na disk C\steamapps\common\Ring of Elysium\SLauncher.exe => No File
FirewallRules: [TCP Query User{6395484D-AA03-4818-B102-48CF12992ECC}D:\aplikace a hry co se nevešli na disk c\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\minecraft\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9F749805-63C8-46D0-9CDA-4C9103D151A2}D:\aplikace a hry co se nevešli na disk c\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\minecraft\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [{0B138100-3E74-4B85-B936-B28BE7294C54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7952F94D-E670-430F-A740-58B1F63E3215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ACE3EA54-AADD-47CB-B36A-3499E4F52FB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7748D86D-62F4-4601-AA38-42C2524BC69A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5ECC2A3C-77CF-4473-9CCB-D06B349A9F03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D1A472C-23B0-4303-8B72-231A3D53F448}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1449300E-B505-4029-BA2B-4E7B92208A9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6947838-BAE1-49B4-9794-D2C6399658E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9BE83F39-821D-44BE-BBB3-6B3FA229338A}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [{247648F6-1DEF-4E5A-B838-5B6F1E5466A2}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [TCP Query User{DE3E31EF-B30B-4D81-9C5A-8BD9762A4555}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{33C60C1E-430C-4D8C-8CC2-DADE791E8F41}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{031D2EDB-C1C7-458B-B1EF-AB1FDE9E915B}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{A0C5C813-D347-4216-94F4-0DDE6C061B86}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [TCP Query User{02A38E04-AC20-48F1-AE9E-F5F506FE932A}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{3009D952-AE2D-49BA-A7EB-C5956D21BE27}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{2857CD45-B983-4E8C-822A-6E376D2DE7BE}C:\users\jiras\onedrive\plocha\bulánci\bulanci.exe] => (Block) C:\users\jiras\onedrive\plocha\bulánci\bulanci.exe => No File
FirewallRules: [UDP Query User{E229A625-4768-482B-9E14-F473FB253070}C:\users\jiras\onedrive\plocha\bulánci\bulanci.exe] => (Block) C:\users\jiras\onedrive\plocha\bulánci\bulanci.exe => No File
FirewallRules: [TCP Query User{CC2F1D8A-9A23-4F37-BFC8-6A96FDB6923D}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{6C196108-DDEB-46E0-9590-72CB47A2C2C3}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E7651166-0D7D-4FC4-B035-6D4A31BC076E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FB02C2F7-0D20-4A48-9D90-CB244FE57F20}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E7D38AAF-3D89-4651-AB7C-B83AF43F50D1}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [UDP Query User{CD91AAB9-D4DA-441E-850B-EC98A44E791D}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [{ED964662-66DE-45A8-8FB5-679127E24FE7}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [{AD67E4EB-AF45-4D40-8C99-6E2A0300F9AF}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [TCP Query User{9D1F68EB-90D2-4949-898D-851FB9D0880B}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [UDP Query User{FCCB799A-B696-42C9-A7BB-3D0A0CDCDCE3}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [{E54AD66D-59F4-40B9-AD37-BC60E9352E7C}] => (Allow) C:\Program Files\PC Remote Receiver\MonectServerService.exe => No File
FirewallRules: [{7FBFC475-89D5-4EF0-9466-BBE928DE4A41}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe => No File
FirewallRules: [{244E24A3-988F-4057-BB3B-38F70488080C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{CA222895-7481-4D7B-9261-DE686172B963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0F69326C-AE24-4D63-AD3E-0F2014F588C3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{3F3D77CE-9FB1-4477-83DE-7BFA7FA4FD32}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4B35C754-8C56-4810-90D3-1BAA232FF6CD}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{63D8D8A5-BC4F-4B3F-BE77-BF1CDD97E703}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{07B3A59F-22D6-45A2-95F9-A34807787AB7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89F8A7AB-D365-493D-9EBD-09A3C4F8A974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F70F12AB-9304-4652-87CF-88A16CFA0AE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F56E009A-344C-4A59-B27B-EA42C134DA79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0981ED0A-0B96-45EB-9B7B-7E4F6B60943A}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe => No File
FirewallRules: [{AC72F08E-7EB8-4710-9CD8-559972488EBA}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe => No File
FirewallRules: [{50596591-17A5-4DB5-86F8-1998B5BF5542}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{49A20EF0-A1D4-4438-9E7F-E92755CE7611}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{42A04EB2-29EC-4C03-9DB7-88BA3E534EE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F4F792CF-96CF-4880-9ACF-C3544A55BC05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2307AD43-1965-4C1A-B4F1-899091BDFBA5}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{EA6A552C-151A-4D08-92F9-0B9AEBCA340B}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.7.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{9AACEDE6-71F1-48F4-9EB1-83E3A2AAECC8}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.7.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{8756067D-A429-4D1E-9514-06BA381CAE21}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.7.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5FD8AE87-A36D-4B5F-86CA-8EE81E94DDC7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.7.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{E713138F-A4E6-4390-A9FC-B72F986E973A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D7C8339D-A7A6-45CA-BFF1-21C0F140C02A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42379E65-3B64-4C8F-86E7-6ABA3E148EFB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\106.0.5249.37\remoting_host.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-09-2022 18:18:13 Installed Intel(R) Wireless Bluetooth(R)
09-10-2022 16:47:25 Installed Chrome Remote Desktop Host

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/09/2022 05:41:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WLANExt.exe, verze: 10.0.19041.1, časové razítko: 0x45c477dd
Název chybujícího modulu: MSVCR110.dll, verze: 11.0.51106.1, časové razítko: 0x5098826e
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c4e9
ID chybujícího procesu: 0x48c8
Čas spuštění chybující aplikace: 0x01d8dbf5a9ca53ba
Cesta k chybující aplikaci: C:\WINDOWS\system32\WLANExt.exe
Cesta k chybujícímu modulu: C:\Windows\System32\MSVCR110.dll
ID zprávy: 886169cb-b4a1-49ec-9dbd-8ba2d4fc69c6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/09/2022 04:47:32 PM) (Source: MsiInstaller) (EventID: 11500) (User: ASUSSMILESCZ)
Description: Product: Chrome Remote Desktop Host -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (10/09/2022 04:47:29 PM) (Source: MsiInstaller) (EventID: 11500) (User: ASUSSMILESCZ)
Description: Product: Chrome Remote Desktop Host -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (10/05/2022 03:25:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/28/2022 06:55:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/28/2022 06:24:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NVDisplay.Container.exe, verze: 1.37.3103.4323, časové razítko: 0x621dbda6
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1949, časové razítko: 0xd7d07179
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073084
ID chybujícího procesu: 0x908
Čas spuštění chybující aplikace: 0x01d8cc127e3c580c
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_0c50dc64ed3c91bc\Display.NvContainer\NVDisplay.Container.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 667bbc67-962b-4140-9a85-902dd9d7e737
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/26/2022 06:40:19 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/16/2022 07:20:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (10/09/2022 10:18:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter06.dll
Kód chyby: 258

Error: (10/08/2022 09:00:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby mccspsvc s argumenty Není k dispozici za účelem spuštění serveru:
{8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B}

Error: (10/08/2022 09:00:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee CSP Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/08/2022 09:00:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby McAfee CSP Service bylo dosaženo časového limitu (120000 ms).

Error: (10/08/2022 09:00:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby mccspsvc s argumenty Není k dispozici za účelem spuštění serveru:
{8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B}

Error: (10/08/2022 09:00:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee CSP Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/08/2022 09:00:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby McAfee CSP Service bylo dosaženo časového limitu (120000 ms).

Error: (10/07/2022 08:01:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================
Date: 2022-10-09 11:32:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5B0445AD-5916-45AD-A51F-A4B860EF8EAC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-05 15:25:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {57E1C9FF-882E-49C2-A2B0-0FDB09FB179B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-03 18:20:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4856D36D-6CF2-457F-A587-5C180DED17AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-29 19:50:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D061BC66-FA64-46D4-AD29-458469A89E26}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-09-28 18:55:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {594C5B35-7C6A-455E-83B6-A074F2598377}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-08-18 15:13:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.373.545.0
Předchozí verze bezpečnostních informací: 1.371.319.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19500.2
Předchozí verze modulu: 1.1.19400.3
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2022-08-18 15:13:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.373.545.0
Předchozí verze bezpečnostních informací: 1.371.319.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19500.2
Předchozí verze modulu: 1.1.19400.3
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2022-08-18 15:13:45
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.19500.2
Předchozí verze modulu: 1.1.19400.3
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2022-08-18 15:13:42
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.371.319.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19400.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2022-10-09 22:18:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a63b95fe6e6a1712\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FX502VE.302 04/20/2017
Motherboard: ASUSTeK COMPUTER INC. FX502VE
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 82%
Total physical RAM: 8076.84 MB
Available physical RAM: 1386.95 MB
Total Virtual: 17292.84 MB
Available Virtual: 5495.36 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:117.68 GB) (Free:30.58 GB) (Model: HFS128G39TND-N210A) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:572.64 GB) (Model: TOSHIBA MQ01ABD100) NTFS

\\?\Volume{253aff98-f77f-4894-bca0-4c406a2c6e4b}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{cc1becad-6877-4399-9ff1-4c6de613c9eb}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.44 GB) NTFS
\\?\Volume{60b9828f-0aa5-4621-80e3-466178a6dde2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive log check after an attack by Russians on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#2 Post by JaRon »

Hi,
quote:
Creating a fixlist for FRST
• Open Notepad (Start - Run - notepad)
• Copy the script >>

Code:

Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {070a03c2-ff1d-11e8-aa1d-107b442d0522} - "E:\autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {30b86780-7322-11ec-aabf-f496343e27a3} - "F:\Autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {84755c47-74d6-11ec-aac0-f496343e27a3} - "H:\autorun.exe" 
ShortcutTarget: PCRemoteReceiver.lnk -> C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
FirewallRules: [{9091A147-4DDD-4DC0-8DF8-19CA95EA4F91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D646C87C-7E87-48D3-B475-D43149009BB5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0F845915-4833-4DBF-BA24-7D8D2014A622}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe => No File
FirewallRules: [{44E003DF-BCBD-431A-B0E7-73D00492C1E4}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{86C02B67-0155-48FF-9CAD-D6BCDAB472A8}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [TCP Query User{4DEF037B-F82C-410F-A65C-2327483D77E3}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [UDP Query User{14197303-E708-4FF7-A87B-2968FBAF7DA8}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{D1E967D6-8063-4200-883F-36646E81EDE7}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{97F473AF-7474-4DD9-86B7-C78B4BE711B6}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{A03454DD-8803-42AD-9E51-70405DD09301}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{95D9B3BB-5E23-4733-AD90-596C12BA18A7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{96449080-DC42-4E00-8137-4628355015BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{93E1E424-4CF9-4AF3-B3E5-4926E8BA86A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0E810226-80C0-42EF-83B4-28EFF9B49B5D}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe => No File
FirewallRules: [{9BE83F39-821D-44BE-BBB3-6B3FA229338A}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [{247648F6-1DEF-4E5A-B838-5B6F1E5466A2}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [TCP Query User{DE3E31EF-B30B-4D81-9C5A-8BD9762A4555}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{33C60C1E-430C-4D8C-8CC2-DADE791E8F41}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{031D2EDB-C1C7-458B-B1EF-AB1FDE9E915B}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{A0C5C813-D347-4216-94F4-0DDE6C061B86}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [TCP Query User{E7651166-0D7D-4FC4-B035-6D4A31BC076E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FB02C2F7-0D20-4A48-9D90-CB244FE57F20}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E7D38AAF-3D89-4651-AB7C-B83AF43F50D1}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [UDP Query User{CD91AAB9-D4DA-441E-850B-EC98A44E791D}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [{ED964662-66DE-45A8-8FB5-679127E24FE7}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [{AD67E4EB-AF45-4D40-8C99-6E2A0300F9AF}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [TCP Query User{9D1F68EB-90D2-4949-898D-851FB9D0880B}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [UDP Query User{FCCB799A-B696-42C9-A7BB-3D0A0CDCDCE3}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [{E54AD66D-59F4-40B9-AD37-BC60E9352E7C}] => (Allow) C:\Program Files\PC Remote Receiver\MonectServerService.exe => No File
FirewallRules: [{7FBFC475-89D5-4EF0-9466-BBE928DE4A41}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe => No File
FirewallRules: [{244E24A3-988F-4057-BB3B-38F70488080C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{CA222895-7481-4D7B-9261-DE686172B963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]


EmptyTemp:
Reboot:
End
• Save the created TXT file as fixlist.txt
• Move the created fixlist next to FRST

Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

Restart the PC and post fixlog.txt here
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

SmilesCZ
Visitor
Posts: 6
Registered: 09 Oct 2022 21:51
Location: Olomouc Region

Re: Preventive log check after an attack by Russians on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#3 Post by SmilesCZ »

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
Ran by jiras (10-10-2022 11:53:39) Run:1
Running from C:\Users\jiras\OneDrive\Plocha
Loaded Profiles: defaultuser0 & jiras
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {070a03c2-ff1d-11e8-aa1d-107b442d0522} - "E:\autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {30b86780-7322-11ec-aabf-f496343e27a3} - "F:\Autorun.exe"
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\...\MountPoints2: {84755c47-74d6-11ec-aac0-f496343e27a3} - "H:\autorun.exe"
ShortcutTarget: PCRemoteReceiver.lnk -> C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
FirewallRules: [{9091A147-4DDD-4DC0-8DF8-19CA95EA4F91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D646C87C-7E87-48D3-B475-D43149009BB5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0F845915-4833-4DBF-BA24-7D8D2014A622}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe => No File
FirewallRules: [{44E003DF-BCBD-431A-B0E7-73D00492C1E4}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{86C02B67-0155-48FF-9CAD-D6BCDAB472A8}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [TCP Query User{4DEF037B-F82C-410F-A65C-2327483D77E3}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [UDP Query User{14197303-E708-4FF7-A87B-2968FBAF7DA8}D:\aplikace a hry co se nevešli na disk c\gta5.exe] => (Allow) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{D1E967D6-8063-4200-883F-36646E81EDE7}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{97F473AF-7474-4DD9-86B7-C78B4BE711B6}] => (Block) D:\aplikace a hry co se nevešli na disk c\gta5.exe => No File
FirewallRules: [{A03454DD-8803-42AD-9E51-70405DD09301}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{95D9B3BB-5E23-4733-AD90-596C12BA18A7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{96449080-DC42-4E00-8137-4628355015BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{93E1E424-4CF9-4AF3-B3E5-4926E8BA86A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0E810226-80C0-42EF-83B4-28EFF9B49B5D}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe => No File
FirewallRules: [{9BE83F39-821D-44BE-BBB3-6B3FA229338A}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [{247648F6-1DEF-4E5A-B838-5B6F1E5466A2}] => (Allow) D:\Download\4ukey-for-android.exe => No File
FirewallRules: [TCP Query User{DE3E31EF-B30B-4D81-9C5A-8BD9762A4555}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{33C60C1E-430C-4D8C-8CC2-DADE791E8F41}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{031D2EDB-C1C7-458B-B1EF-AB1FDE9E915B}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{A0C5C813-D347-4216-94F4-0DDE6C061B86}] => (Block) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [TCP Query User{E7651166-0D7D-4FC4-B035-6D4A31BC076E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FB02C2F7-0D20-4A48-9D90-CB244FE57F20}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E7D38AAF-3D89-4651-AB7C-B83AF43F50D1}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [UDP Query User{CD91AAB9-D4DA-441E-850B-EC98A44E791D}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [{ED964662-66DE-45A8-8FB5-679127E24FE7}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [{AD67E4EB-AF45-4D40-8C99-6E2A0300F9AF}] => (Allow) D:\aplikace a hry co se nevešli na disk C\Steam\Steam.exe => No File
FirewallRules: [TCP Query User{9D1F68EB-90D2-4949-898D-851FB9D0880B}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [UDP Query User{FCCB799A-B696-42C9-A7BB-3D0A0CDCDCE3}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe] => (Allow) C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe () [File not signed]
FirewallRules: [{E54AD66D-59F4-40B9-AD37-BC60E9352E7C}] => (Allow) C:\Program Files\PC Remote Receiver\MonectServerService.exe => No File
FirewallRules: [{7FBFC475-89D5-4EF0-9466-BBE928DE4A41}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe => No File
FirewallRules: [{244E24A3-988F-4057-BB3B-38F70488080C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{CA222895-7481-4D7B-9261-DE686172B963}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]


EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{070a03c2-ff1d-11e8-aa1d-107b442d0522} => removed successfully
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30b86780-7322-11ec-aabf-f496343e27a3} => removed successfully
HKU\S-1-5-21-785668672-3562210802-3274318489-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84755c47-74d6-11ec-aac0-f496343e27a3} => removed successfully
"C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\System\CurrentControlSet\Services\WsDrvInst => removed successfully
WsDrvInst => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9091A147-4DDD-4DC0-8DF8-19CA95EA4F91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D646C87C-7E87-48D3-B475-D43149009BB5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F845915-4833-4DBF-BA24-7D8D2014A622}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44E003DF-BCBD-431A-B0E7-73D00492C1E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86C02B67-0155-48FF-9CAD-D6BCDAB472A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4DEF037B-F82C-410F-A65C-2327483D77E3}D:\aplikace a hry co se nevešli na disk c\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14197303-E708-4FF7-A87B-2968FBAF7DA8}D:\aplikace a hry co se nevešli na disk c\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1E967D6-8063-4200-883F-36646E81EDE7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{97F473AF-7474-4DD9-86B7-C78B4BE711B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A03454DD-8803-42AD-9E51-70405DD09301}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95D9B3BB-5E23-4733-AD90-596C12BA18A7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96449080-DC42-4E00-8137-4628355015BD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93E1E424-4CF9-4AF3-B3E5-4926E8BA86A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E810226-80C0-42EF-83B4-28EFF9B49B5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BE83F39-821D-44BE-BBB3-6B3FA229338A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{247648F6-1DEF-4E5A-B838-5B6F1E5466A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DE3E31EF-B30B-4D81-9C5A-8BD9762A4555}C:\program files\avast software\avast\avastui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{33C60C1E-430C-4D8C-8CC2-DADE791E8F41}C:\program files\avast software\avast\avastui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{031D2EDB-C1C7-458B-B1EF-AB1FDE9E915B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0C5C813-D347-4216-94F4-0DDE6C061B86}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E7651166-0D7D-4FC4-B035-6D4A31BC076E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB02C2F7-0D20-4A48-9D90-CB244FE57F20}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E7D38AAF-3D89-4651-AB7C-B83AF43F50D1}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CD91AAB9-D4DA-441E-850B-EC98A44E791D}C:\users\jiras\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED964662-66DE-45A8-8FB5-679127E24FE7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD67E4EB-AF45-4D40-8C99-6E2A0300F9AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9D1F68EB-90D2-4949-898D-851FB9D0880B}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FCCB799A-B696-42C9-A7BB-3D0A0CDCDCE3}C:\program files (x86)\ea games\need for speed hot pursuit 2\nfshp2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E54AD66D-59F4-40B9-AD37-BC60E9352E7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FBFC475-89D5-4EF0-9466-BBE928DE4A41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{244E24A3-988F-4057-BB3B-38F70488080C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA222895-7481-4D7B-9261-DE686172B963}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2359296 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 372298911 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc *.cache => 418639096 B
Windows/system/drivers => 11483001 B
Edge => 1292576 B
Chrome => 672662836 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 260048 B
NetworkService => 9182804 B
defaultuser0 => 9189972 B
jiras => 33739374 B

RecycleBin => 53645834 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:55:43 ====

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#4 Post by JaRon »

clean the PC with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

SmilesCZ
Visitor
Posts: 6
Joined: 09 Oct 2022 21:51
Location: Olomouc Region

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#5 Post by SmilesCZ »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-10-2022
# Duration: 00:00:01
# OS: Windows 10 (Build 19044.2006)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\jiras\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Touch VPN - Secure and unlimited VPN proxy - bihmplhobchoageeokmgbdihknkjbknd

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3308 octets] - [10/10/2022 12:08:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#6 Post by JaRon »

if there are no problems, then we're done

SmilesCZ
Visitor
Posts: 6
Joined: 09 Oct 2022 21:51
Location: Olomouc Region

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#7 Post by SmilesCZ »

nothing was found
Attachments
jedna.JPG (65.22 KiB) Viewed 727 times

SmilesCZ
Visitor
Posts: 6
Joined: 09 Oct 2022 21:51
Location: Olomouc Region

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#8 Post by SmilesCZ »

only ASUS stuff
Attachments
dva.JPG (74.71 KiB) Viewed 727 times

SmilesCZ
Visitor
Posts: 6
Joined: 09 Oct 2022 21:51
Location: Olomouc Region

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#9 Post by SmilesCZ »

If that's everything, then thank you very much for the help! Thanks!
Attachments
tři.JPG (60.19 KiB) Viewed 727 times

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive log check after the Russians' attack on my PC, hopefully everything is OK now, they stole all my passwords from the PC

#10 Post by JaRon »

the preinstalled ones are OK
you're welcome :)

Locked