Prosím o konrolu logu - divné chování klávesnice

Zpráva

Ulenius · #1 Příspěvek od **Ulenius** » 27 lis 2022 17:10

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Ondřej (administrator) on PC_MACA (Gigabyte Technology Co., Ltd. B85M-D3H) (27-11-2022 17:00:22)
Running from C:\Users\Ondřej\Downloads
Loaded Profiles: Ondřej
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(services.exe ->) (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (SOKNO S.R.L. -> Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-12-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-24] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\Run: [MicrosoftEdgeAutoLaunch_EDAA1C58A242E101A929921455CEB224] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\MountPoints2: {6f8a6b6c-f4c5-11ec-85ec-74d435efd599} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MB5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCF.DLL [30208 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB5000 series: C:\Windows\system32\CNCALCF.DLL [303104 2014-04-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB5000 series: C:\Windows\system32\CNMLMCF.DLL [406016 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): HPDiscoPMB011.dll (No File)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2019-02-21]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.121\Installer\chrmstp.exe [2022-11-24] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C37FEF-3664-436E-BC3C-18E1F6141968} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04CCB4A3-5AB0-4D78-981C-C62E21E36B4B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0877720C-8C6D-4C14-9EAC-8A8FFA5A7736} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0EF3AE-36AA-480D-B767-E356182B30AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1B87E381-B7A2-4222-9BFA-EB67D99CBBC0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1EA98B66-0F8D-445D-9FB8-3D15C06A83E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {327C1A89-6FE3-4ADA-B0A0-3CF62C42E564} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {34A6F930-2DCF-4FD0-84E7-0A565DE18FA5} - System32\Tasks\G2MUpdateTask-S-1-5-21-4267231415-2614256609-1536768060-1001 => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-05-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {41B19D62-AC60-4A33-8E4B-E91225F3836A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4597E343-90EC-425B-9049-D021CF5F2B7A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4E75A05A-C06B-41A0-B34D-8D0CBD25780C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {4ED50FBB-404B-4B81-AECC-C8F1A1987CCD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {536C1C89-AEBB-4EE9-91E7-F33C1E39167B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {56C6FD42-D3B0-42D9-8594-D22DF1885900} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {69951B1B-CC3C-492F-B274-FCD278A630B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {758D4989-D487-4992-8EBB-305759CFE006} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {795C6B2B-29A4-45AD-B986-F3C47BF11490} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7A2BD527-C4B9-4C71-905D-4810E56E1BAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7C23B6FA-FE29-4905-9CC1-03914D280BB1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C83E4D6-269A-4830-BD60-C25984053A99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {7D40BC80-D927-43AA-BA04-DC1CD7A6C28A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7E74C3F6-13E2-46BF-AA75-DC856E46E117} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7F0B1FB2-E6FA-426C-804D-6878E9A35B0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8308764F-51BA-44BF-BF54-31DD7706E117} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {86A43B18-4AFC-4586-A953-404384923C93} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {86F9FD78-D574-4AD8-9055-903A46CD12CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9847F978-C4E5-4EAD-AA7C-53D5632A97DE} - System32\Tasks\G2MUploadTask-S-1-5-21-4267231415-2614256609-1536768060-1001 => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-05-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A720129D-9EA0-4003-BBC2-18092A48A6B5} - System32\Tasks\Speedfan\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [4841120 2015-02-20] (SOKNO S.R.L. -> Almico Software (almico.com))
Task: {A9F191BF-958D-4FE8-8592-3E695B791FF4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3E141F9-DF1D-44C5-87C2-38B2A9D2534A} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (No File)
Task: {B583E7A8-401E-4F5C-B085-59B544D344D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C56889EB-6B71-4005-9F4B-51C9EAEE0A6F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C6C92EC6-730E-4A54-95BF-0525959F0475} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {E449B382-97B8-4A88-92A5-98F8C6D0D2F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E732FE85-39D9-4A2F-85D0-715F9EED5B5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E826E5BF-8E5E-405C-8D34-B47891660B25} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EBA96EA4-6531-4540-8D7C-6D67002FE2C0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F2234312-1ADE-4DE7-AC6C-6785CF1B95DD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4267231415-2614256609-1536768060-1001.job => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4267231415-2614256609-1536768060-1001.job => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{fa476eeb-8f94-463f-b34a-325fe46e9ecd}: [DhcpNameServer] 192.168.2.1 8.8.8.8 192.168.0.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-27]

FireFox:
========
FF DefaultProfile: s5qsc2cl.default-1403891781314
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 [2022-11-27]
FF DownloadDir: G:\Download
FF Homepage: Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 -> hxxp://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 -> hxxps://www.letgo.cz
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2022-11-14]
FF Extension: (NoScript) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-22]
FF Extension: (No Name) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-11-23]
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\ezli7y4k.default [2018-08-21]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4267231415-2614256609-1536768060-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ondřej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2022-10-20]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-04-30] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1990496 2021-10-29] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-25] (GOG Sp. z o.o. -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228848 2022-11-04] (HP Inc. -> HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; E:\RockStar\Launcher\RockstarService.exe [2016208 2022-06-30] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [441344 2017-01-05] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MpKsl95c9499b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0750C33-F482-4631-A0DD-C60BCBE28801}\MpKslDrv.sys [214280 2022-11-27] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RTCore64; E:\Programs\afterburner\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2019-08-16] (Famatech Corp. -> Famatech Corp.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-27 17:00 - 2022-11-27 17:01 - 000028371 _____ C:\Users\Ondřej\Downloads\FRST.txt
2022-11-27 17:00 - 2022-11-27 17:00 - 000000000 ____D C:\FRST
2022-11-27 16:59 - 2022-11-27 16:59 - 002375680 _____ (Farbar) C:\Users\Ondřej\Downloads\FRST64.exe
2022-11-27 16:56 - 2022-11-27 16:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ondřej\Downloads\hijackthis(2).exe
2022-11-27 16:56 - 2022-11-27 16:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ondřej\Downloads\hijackthis(1).exe
2022-11-24 17:34 - 2022-11-24 17:34 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\IronGate
2022-11-23 19:51 - 2022-11-23 19:51 - 000000222 _____ C:\Users\Ondřej\Desktop\Valheim.url
2022-11-21 20:42 - 2022-11-21 20:42 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-11-21 20:42 - 2022-11-21 20:42 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-11-21 20:42 - 2022-11-21 20:42 - 000000000 ____D C:\Program Files\Google
2022-11-19 19:50 - 2022-11-19 19:50 - 000000000 ___HD C:\$WinREAgent
2022-11-19 19:20 - 2022-11-19 19:20 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-11-19 19:20 - 2022-11-19 19:20 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-11-19 19:15 - 2022-11-19 19:15 - 000106531 _____ C:\Users\Ondřej\Downloads\Plán záloh.pdf
2022-11-17 16:24 - 2022-11-17 16:24 - 000000000 ___HD C:\$Windows.~WS
2022-11-17 16:24 - 2022-11-17 16:24 - 000000000 ____D C:\$WINDOWS.~BT
2022-11-17 15:15 - 2022-11-17 15:15 - 000000000 ____D C:\Users\OndYej
2022-11-17 14:46 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-17 14:44 - 2022-11-17 14:45 - 001358596 _____ C:\WINDOWS\Minidump\111722-10859-01.dmp
2022-11-16 19:57 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-16 19:57 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-16 19:57 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-16 19:57 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-16 19:57 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-16 19:57 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-15 19:46 - 2022-11-17 14:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-13 19:32 - 2022-11-13 19:32 - 000608040 _____ C:\Users\Ondřej\Downloads\2926012863-1.pdf
2022-11-13 19:31 - 2022-11-13 19:31 - 000608044 _____ C:\Users\Ondřej\Downloads\2926012863.pdf
2022-11-12 13:27 - 2022-11-12 18:08 - 000000000 ____D C:\Program Files\RUXIM
2022-11-08 20:21 - 2022-11-08 20:21 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-27 16:57 - 2016-09-05 17:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-27 16:56 - 2022-02-11 17:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-27 16:55 - 2021-02-01 23:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-27 16:55 - 2021-02-01 23:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-27 16:55 - 2020-03-22 18:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-27 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-27 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-27 16:55 - 2019-05-13 17:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-27 16:55 - 2016-11-18 10:43 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Mozilla
2022-11-27 16:55 - 2015-04-11 21:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-11-27 16:54 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-27 16:54 - 2015-11-06 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-27 16:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-27 16:35 - 2021-02-01 23:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-27 11:22 - 2021-02-01 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-27 11:22 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-27 11:22 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-27 11:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-27 10:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-27 10:13 - 2021-02-01 23:15 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{211FF416-9F14-4EAA-AC72-D8EC75DBE629}
2022-11-25 19:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-24 19:41 - 2017-04-19 11:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-24 19:41 - 2017-04-19 11:34 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-23 19:30 - 2020-06-04 07:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-23 19:30 - 2020-06-04 07:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-20 11:25 - 2020-10-31 10:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-20 10:38 - 2022-09-12 20:40 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\com.adobe.dunamis
2022-11-19 19:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-19 19:20 - 2022-10-20 17:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2022-11-19 19:20 - 2022-10-20 17:10 - 000067064 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2022-11-19 19:20 - 2021-11-28 23:07 - 002815440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000460240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000243192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000198136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-11-19 19:18 - 2022-10-14 17:53 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-19 19:18 - 2022-10-14 17:53 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-19 19:18 - 2021-02-01 23:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-17 16:49 - 2021-02-01 21:20 - 000000000 ___DC C:\WINDOWS\Panther
2022-11-17 16:49 - 2020-10-26 20:07 - 000000000 ____D C:\ESD
2022-11-17 16:23 - 2020-11-29 11:43 - 000000000 ____D C:\Users\Ondřej\Desktop\Petra VŠ
2022-11-17 15:15 - 2019-05-13 17:28 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA Corporation
2022-11-17 15:15 - 2015-06-27 18:29 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-11-17 14:46 - 2021-02-01 23:15 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2019-05-13 17:28 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-11-17 14:46 - 2019-05-13 17:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-17 14:46 - 2017-05-07 21:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-17 14:46 - 2017-05-07 21:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-17 14:45 - 2021-04-30 20:53 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-17 14:44 - 2015-04-14 20:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-17 11:11 - 2020-02-18 19:05 - 000067563 _____ C:\Users\Ondřej\Desktop\Plat_duben2020.xlsx
2022-11-15 19:55 - 2021-09-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 18:35 - 2020-06-14 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\.minecraft
2022-11-14 20:51 - 2022-01-15 11:12 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4267231415-2614256609-1536768060-1001
2022-11-14 20:51 - 2021-02-01 23:15 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4267231415-2614256609-1536768060-1001
2022-11-14 20:51 - 2021-02-01 23:08 - 000002421 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-13 10:01 - 2015-12-27 23:14 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2022-11-12 12:57 - 2018-02-25 08:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-12 12:46 - 2018-05-13 20:51 - 000000000 ____D C:\Users\Ondřej\AppData\Local\PlaceholderTileLogoFolder
2022-11-12 12:45 - 2021-02-01 23:15 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 12:45 - 2021-02-01 23:15 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 04:21 - 2022-06-07 20:24 - 000316880 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-11-11 02:35 - 2022-06-07 20:24 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-11-10 21:12 - 2017-11-18 11:47 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2022-11-08 22:49 - 2021-02-01 23:07 - 000580080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-08 20:21 - 2021-02-01 23:07 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-08 20:14 - 2015-07-23 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2022-11-08 20:11 - 2015-04-13 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-08 20:09 - 2015-04-13 21:07 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 16:23 - 2021-06-02 19:20 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-11-05 16:21 - 2022-03-25 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP

==================== Files in the root of some directories ========

2022-04-02 12:30 - 2022-04-02 12:30 - 000006246 _____ () C:\Users\Ondřej\AppData\Local\2240114613
2022-04-22 21:21 - 2022-04-22 21:21 - 000006254 _____ () C:\Users\Ondřej\AppData\Local\2461386307
2021-05-02 13:21 - 2021-05-02 13:21 - 000016930 _____ () C:\Users\Ondřej\AppData\Local\recently-used.xbel
2015-04-17 21:58 - 2020-10-11 21:11 - 000007605 _____ () C:\Users\Ondřej\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#2 Příspěvek od **Rudy** » 27 lis 2022 18:07

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Ulenius · #3 Příspěvek od **Ulenius** » 27 lis 2022 18:11

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-27-2022
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2251)
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Ondřej\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1624 octets] - [27/11/2022 17:11:04]
AdwCleaner[C00].txt - [1616 octets] - [27/11/2022 17:13:13]
AdwCleaner[S01].txt - [1720 octets] - [27/11/2022 18:10:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#4 Příspěvek od **Rudy** » 27 lis 2022 18:49

Dejte nové logy FRST+Addition.

Ulenius · #5 Příspěvek od **Ulenius** » 27 lis 2022 19:55

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Ondřej (administrator) on PC_MACA (Gigabyte Technology Co., Ltd. B85M-D3H) (27-11-2022 19:51:27)
Running from C:\Users\Ondřej\Downloads
Loaded Profiles: Ondřej
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(services.exe ->) (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.10271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.10271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (SOKNO S.R.L. -> Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-12-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-24] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\Run: [MicrosoftEdgeAutoLaunch_EDAA1C58A242E101A929921455CEB224] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\MountPoints2: {6f8a6b6c-f4c5-11ec-85ec-74d435efd599} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MB5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCF.DLL [30208 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB5000 series: C:\Windows\system32\CNCALCF.DLL [303104 2014-04-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB5000 series: C:\Windows\system32\CNMLMCF.DLL [406016 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): HPDiscoPMB011.dll (No File)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2019-02-21]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.121\Installer\chrmstp.exe [2022-11-24] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C37FEF-3664-436E-BC3C-18E1F6141968} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04CCB4A3-5AB0-4D78-981C-C62E21E36B4B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0877720C-8C6D-4C14-9EAC-8A8FFA5A7736} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0EF3AE-36AA-480D-B767-E356182B30AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1B87E381-B7A2-4222-9BFA-EB67D99CBBC0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1EA98B66-0F8D-445D-9FB8-3D15C06A83E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {327C1A89-6FE3-4ADA-B0A0-3CF62C42E564} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {34A6F930-2DCF-4FD0-84E7-0A565DE18FA5} - System32\Tasks\G2MUpdateTask-S-1-5-21-4267231415-2614256609-1536768060-1001 => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-05-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {41B19D62-AC60-4A33-8E4B-E91225F3836A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4597E343-90EC-425B-9049-D021CF5F2B7A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4E75A05A-C06B-41A0-B34D-8D0CBD25780C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {4ED50FBB-404B-4B81-AECC-C8F1A1987CCD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {536C1C89-AEBB-4EE9-91E7-F33C1E39167B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {56C6FD42-D3B0-42D9-8594-D22DF1885900} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {69951B1B-CC3C-492F-B274-FCD278A630B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {758D4989-D487-4992-8EBB-305759CFE006} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {795C6B2B-29A4-45AD-B986-F3C47BF11490} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7A2BD527-C4B9-4C71-905D-4810E56E1BAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7C23B6FA-FE29-4905-9CC1-03914D280BB1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C83E4D6-269A-4830-BD60-C25984053A99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {7D40BC80-D927-43AA-BA04-DC1CD7A6C28A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7E74C3F6-13E2-46BF-AA75-DC856E46E117} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7F0B1FB2-E6FA-426C-804D-6878E9A35B0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8308764F-51BA-44BF-BF54-31DD7706E117} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {86A43B18-4AFC-4586-A953-404384923C93} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {86F9FD78-D574-4AD8-9055-903A46CD12CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9847F978-C4E5-4EAD-AA7C-53D5632A97DE} - System32\Tasks\G2MUploadTask-S-1-5-21-4267231415-2614256609-1536768060-1001 => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-05-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A720129D-9EA0-4003-BBC2-18092A48A6B5} - System32\Tasks\Speedfan\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [4841120 2015-02-20] (SOKNO S.R.L. -> Almico Software (almico.com))
Task: {A9F191BF-958D-4FE8-8592-3E695B791FF4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3E141F9-DF1D-44C5-87C2-38B2A9D2534A} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (No File)
Task: {B583E7A8-401E-4F5C-B085-59B544D344D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C56889EB-6B71-4005-9F4B-51C9EAEE0A6F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C6C92EC6-730E-4A54-95BF-0525959F0475} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {E449B382-97B8-4A88-92A5-98F8C6D0D2F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E732FE85-39D9-4A2F-85D0-715F9EED5B5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E826E5BF-8E5E-405C-8D34-B47891660B25} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EBA96EA4-6531-4540-8D7C-6D67002FE2C0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F2234312-1ADE-4DE7-AC6C-6785CF1B95DD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4267231415-2614256609-1536768060-1001.job => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4267231415-2614256609-1536768060-1001.job => C:\Users\Ondřej\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{fa476eeb-8f94-463f-b34a-325fe46e9ecd}: [DhcpNameServer] 192.168.2.1 8.8.8.8 192.168.0.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-27]

FireFox:
========
FF DefaultProfile: s5qsc2cl.default-1403891781314
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 [2022-11-27]
FF DownloadDir: G:\Download
FF Homepage: Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 -> hxxp://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314 -> hxxps://www.letgo.cz
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2022-11-14]
FF Extension: (NoScript) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-22]
FF Extension: (No Name) - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\s5qsc2cl.default-1403891781314\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-11-23]
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\ezli7y4k.default [2018-08-21]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4267231415-2614256609-1536768060-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ondřej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2022-10-20]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-04-30] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1990496 2021-10-29] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-25] (GOG Sp. z o.o. -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228848 2022-11-04] (HP Inc. -> HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; E:\RockStar\Launcher\RockstarService.exe [2016208 2022-06-30] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [441344 2017-01-05] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RTCore64; E:\Programs\afterburner\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2019-08-16] (Famatech Corp. -> Famatech Corp.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-12] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl95c9499b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0750C33-F482-4631-A0DD-C60BCBE28801}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-27 17:10 - 2022-11-27 17:13 - 000000000 ____D C:\AdwCleaner
2022-11-27 17:10 - 2022-11-27 17:10 - 008791352 _____ (Malwarebytes) C:\Users\Ondřej\Downloads\adwcleaner.exe
2022-11-27 17:10 - 2022-11-27 17:10 - 000022438 _____ C:\Users\Ondřej\Downloads\Addition.zip
2022-11-27 17:02 - 2022-11-27 17:10 - 000093848 _____ C:\Users\Ondřej\Downloads\Addition.txt
2022-11-27 17:00 - 2022-11-27 19:52 - 000028732 _____ C:\Users\Ondřej\Downloads\FRST.txt
2022-11-27 17:00 - 2022-11-27 19:51 - 000000000 ____D C:\FRST
2022-11-27 16:59 - 2022-11-27 16:59 - 002375680 _____ (Farbar) C:\Users\Ondřej\Downloads\FRST64.exe
2022-11-27 16:56 - 2022-11-27 16:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ondřej\Downloads\hijackthis(2).exe
2022-11-27 16:56 - 2022-11-27 16:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ondřej\Downloads\hijackthis(1).exe
2022-11-24 17:34 - 2022-11-24 17:34 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\IronGate
2022-11-23 19:51 - 2022-11-23 19:51 - 000000222 _____ C:\Users\Ondřej\Desktop\Valheim.url
2022-11-21 20:42 - 2022-11-21 20:42 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-11-21 20:42 - 2022-11-21 20:42 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-11-21 20:42 - 2022-11-21 20:42 - 000000000 ____D C:\Program Files\Google
2022-11-19 19:50 - 2022-11-19 19:50 - 000000000 ___HD C:\$WinREAgent
2022-11-19 19:20 - 2022-11-19 19:20 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-11-19 19:20 - 2022-11-19 19:20 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-11-19 19:15 - 2022-11-19 19:15 - 000106531 _____ C:\Users\Ondřej\Downloads\Plán záloh.pdf
2022-11-17 16:24 - 2022-11-17 16:24 - 000000000 ___HD C:\$Windows.~WS
2022-11-17 16:24 - 2022-11-17 16:24 - 000000000 ____D C:\$WINDOWS.~BT
2022-11-17 15:15 - 2022-11-17 15:15 - 000000000 ____D C:\Users\OndYej
2022-11-17 14:46 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-17 14:44 - 2022-11-17 14:45 - 001358596 _____ C:\WINDOWS\Minidump\111722-10859-01.dmp
2022-11-16 19:57 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-16 19:57 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-16 19:57 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-16 19:57 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-16 19:57 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-16 19:57 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-16 19:57 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-16 19:57 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-16 19:57 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-16 19:57 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-15 19:46 - 2022-11-17 14:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-13 19:32 - 2022-11-13 19:32 - 000608040 _____ C:\Users\Ondřej\Downloads\2926012863-1.pdf
2022-11-13 19:31 - 2022-11-13 19:31 - 000608044 _____ C:\Users\Ondřej\Downloads\2926012863.pdf
2022-11-12 13:27 - 2022-11-12 18:08 - 000000000 ____D C:\Program Files\RUXIM
2022-11-08 20:21 - 2022-11-08 20:21 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-08 20:21 - 2022-11-08 20:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-27 19:50 - 2021-02-01 23:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-27 19:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-27 19:47 - 2015-11-06 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-27 19:41 - 2016-09-05 17:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-27 18:45 - 2016-11-18 10:43 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Mozilla
2022-11-27 18:23 - 2022-02-11 17:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-27 18:23 - 2021-02-01 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-27 18:23 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-27 18:23 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-27 18:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-27 18:22 - 2019-05-13 17:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-27 18:17 - 2015-04-11 21:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-11-27 18:16 - 2021-02-01 23:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-27 18:16 - 2021-02-01 23:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-27 18:16 - 2020-03-22 18:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-27 18:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-27 18:15 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-27 18:11 - 2017-06-29 05:20 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Hewlett-Packard
2022-11-27 18:11 - 2016-02-16 21:56 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-11-27 17:18 - 2015-12-27 23:14 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2022-11-27 17:15 - 2017-01-28 20:50 - 000000000 ____D C:\Users\Ondřej\AppData\Local\ElevatedDiagnostics
2022-11-27 17:14 - 2021-02-01 23:15 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{211FF416-9F14-4EAA-AC72-D8EC75DBE629}
2022-11-27 16:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-27 10:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-25 19:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-24 19:41 - 2017-04-19 11:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-24 19:41 - 2017-04-19 11:34 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-23 19:30 - 2020-06-04 07:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-23 19:30 - 2020-06-04 07:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-20 11:25 - 2020-10-31 10:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-20 10:38 - 2022-09-12 20:40 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\com.adobe.dunamis
2022-11-19 19:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-19 19:20 - 2022-10-20 17:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2022-11-19 19:20 - 2022-10-20 17:10 - 000067064 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2022-11-19 19:20 - 2021-11-28 23:07 - 002815440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000460240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000243192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000198136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-11-19 19:20 - 2021-11-28 23:07 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-11-19 19:18 - 2022-10-14 17:53 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-19 19:18 - 2022-10-14 17:53 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-19 19:18 - 2021-02-01 23:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-17 16:49 - 2021-02-01 21:20 - 000000000 ___DC C:\WINDOWS\Panther
2022-11-17 16:49 - 2020-10-26 20:07 - 000000000 ____D C:\ESD
2022-11-17 16:23 - 2020-11-29 11:43 - 000000000 ____D C:\Users\Ondřej\Desktop\Petra VŠ
2022-11-17 15:15 - 2019-05-13 17:28 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA Corporation
2022-11-17 15:15 - 2015-06-27 18:29 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-11-17 14:46 - 2021-02-01 23:15 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2021-02-01 23:15 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 14:46 - 2019-05-13 17:28 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-11-17 14:46 - 2019-05-13 17:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-17 14:46 - 2017-05-07 21:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-17 14:46 - 2017-05-07 21:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-17 14:45 - 2021-04-30 20:53 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-17 14:44 - 2015-04-14 20:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-17 11:11 - 2020-02-18 19:05 - 000067563 _____ C:\Users\Ondřej\Desktop\Plat_duben2020.xlsx
2022-11-15 19:55 - 2021-09-07 20:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-15 18:35 - 2020-06-14 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\.minecraft
2022-11-14 20:51 - 2022-01-15 11:12 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4267231415-2614256609-1536768060-1001
2022-11-14 20:51 - 2021-02-01 23:15 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4267231415-2614256609-1536768060-1001
2022-11-14 20:51 - 2021-02-01 23:08 - 000002421 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-12 12:57 - 2018-02-25 08:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-12 12:46 - 2018-05-13 20:51 - 000000000 ____D C:\Users\Ondřej\AppData\Local\PlaceholderTileLogoFolder
2022-11-12 12:45 - 2021-02-01 23:15 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 12:45 - 2021-02-01 23:15 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 04:21 - 2022-06-07 20:24 - 000316880 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-11-11 02:35 - 2022-06-07 20:24 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-11-10 21:12 - 2017-11-18 11:47 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2022-11-08 22:49 - 2021-02-01 23:07 - 000580080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-08 22:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-08 20:21 - 2021-02-01 23:07 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-08 20:14 - 2015-07-23 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2022-11-08 20:11 - 2015-04-13 21:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-08 20:09 - 2015-04-13 21:07 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-05 16:23 - 2021-06-02 19:20 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-11-05 16:21 - 2022-03-25 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP

==================== Files in the root of some directories ========

2022-04-02 12:30 - 2022-04-02 12:30 - 000006246 _____ () C:\Users\Ondřej\AppData\Local\2240114613
2022-04-22 21:21 - 2022-04-22 21:21 - 000006254 _____ () C:\Users\Ondřej\AppData\Local\2461386307
2021-05-02 13:21 - 2021-05-02 13:21 - 000016930 _____ () C:\Users\Ondřej\AppData\Local\recently-used.xbel
2015-04-17 21:58 - 2020-10-11 21:11 - 000007605 _____ () C:\Users\Ondřej\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#6 Příspěvek od **Rudy** » 27 lis 2022 21:13

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\MountPoints2: {6f8a6b6c-f4c5-11ec-85ec-74d435efd599} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): HPDiscoPMB011.dll (No File)
Task: {0877720C-8C6D-4C14-9EAC-8A8FFA5A7736} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0EF3AE-36AA-480D-B767-E356182B30AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {327C1A89-6FE3-4ADA-B0A0-3CF62C42E564} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {4E75A05A-C06B-41A0-B34D-8D0CBD25780C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {4ED50FBB-404B-4B81-AECC-C8F1A1987CCD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {69951B1B-CC3C-492F-B274-FCD278A630B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {795C6B2B-29A4-45AD-B986-F3C47BF11490} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7C23B6FA-FE29-4905-9CC1-03914D280BB1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C83E4D6-269A-4830-BD60-C25984053A99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {A9F191BF-958D-4FE8-8592-3E695B791FF4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3E141F9-DF1D-44C5-87C2-38B2A9D2534A} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (No File)
Task: {C56889EB-6B71-4005-9F4B-51C9EAEE0A6F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C6C92EC6-730E-4A54-95BF-0525959F0475} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {E826E5BF-8E5E-405C-8D34-B47891660B25} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EBA96EA4-6531-4540-8D7C-6D67002FE2C0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Ondřej\AppData\Local\2240114613
C:\Users\Ondřej\AppData\Local\2461386307
CustomCLSID: HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Ondřej\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ondřej\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
FirewallRules: [{D05ED369-AE52-484F-94C8-986FBE678CB8}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{CB6F902B-C9B8-43EC-B035-04B1290074B6}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{2DE32EB1-8AF0-4F98-81F8-49731FFEE316}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{B25D7860-9A79-44F3-9002-A4BCA54EE650}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{024E5040-EB56-4D46-9F70-4EBE1A75CF58}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{E01DC2AF-4155-4446-B896-D71F3DE93704}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [UDP Query User{9D53ADCA-C12D-44BA-8235-BB0816099719}E:\games\openra\dune2000.exe] => (Allow) E:\games\openra\dune2000.exe => No File
FirewallRules: [TCP Query User{9D237FC9-89C2-4720-B35E-90C029FBA524}E:\games\openra\dune2000.exe] => (Allow) E:\games\openra\dune2000.exe => No File
FirewallRules: [{B9D28F92-CDC9-4EFE-B24E-30F1D19D2527}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3D420D18-6EBB-4B98-B454-4FB59D695315}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1DE7985F-C8F7-4492-B8B4-5E6FCA734EC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8657C608-3BA9-4503-9981-FCB29751E35C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EC74FBE3-14E1-44A5-8BBB-8CACB9673022}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1478\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{02651D16-A62F-4FC2-A83F-54F74E5B404A}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1478\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D8B7BCC-70A1-44BA-9E4A-499EAB0F98F4}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS3CFF\HP.EasyStart.exe => No File
FirewallRules: [UDP Query User{12A13DC1-85F5-4D22-8C88-6ACB8F350703}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{ED291A32-7534-4378-9AEF-810B37AE5A05}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{6277E08D-A81E-4D04-97D3-B3F9E2E6EFF3}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{3896EAF9-8793-4123-8C7E-D46D9CBCD7A8}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [UDP Query User{40ECF48D-4905-4548-B754-1B649DEB2D78}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{8989543C-C7C3-480A-BBED-726A1AFB8582}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{32DE69B2-1597-439A-8807-5D5B7550B509}G:\openra\redalert.exe] => (Block) G:\openra\redalert.exe => No File
FirewallRules: [TCP Query User{F63A2998-DD39-4266-BDE3-78EE20893726}G:\openra\redalert.exe] => (Block) G:\openra\redalert.exe => No File
FirewallRules: [{8A7D5D5F-D1CD-4332-BDB7-09EAD3E82B68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{568E00C4-2230-49A9-B046-3C381FDC6DBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [UDP Query User{668B3F52-5250-49CA-AD1B-104CE7D92880}G:\openra\redalert.exe] => (Allow) G:\openra\redalert.exe => No File
FirewallRules: [TCP Query User{43FBF8DC-47D4-4B60-A32C-7F50820425D4}G:\openra\redalert.exe] => (Allow) G:\openra\redalert.exe => No File
FirewallRules: [{4F27DE98-BF82-4D9A-BF40-E86ACC5B00AC}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS4141\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{75B177E4-CFCF-4A4A-97E0-F96E7A414C5D}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS4141\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB2EA17F-478B-46B4-BBE2-251E115D2965}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS7B02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{0B90A02F-FFF2-48C3-94ED-74A091C95BB0}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS7B02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{E662F0ED-0569-4ED0-B789-A40B9F0B20A6}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS259D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AABF2D1A-09F2-4882-AAAD-DC5E1EC111C6}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS259D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{14E30772-165C-41F1-A24E-6A7DFA1DD18D}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1074\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EB98F9F-4151-4849-AC88-1DB55533DD04}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1074\HPDiagnosticCoreUI.exe => No File
FirewallRules: [UDP Query User{C0037907-110B-4A82-BF33-8CDECF27A863}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe => No File
FirewallRules: [TCP Query User{B68F9569-8BEA-4689-8F25-8E74F46EC4E1}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe => No File
FirewallRules: [{D0886375-7455-4BB1-8D10-28AF6F29F7E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File
FirewallRules: [{C1871025-C426-4D70-8181-AD1559F3CE67}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File
FirewallRules: [{601751A2-309C-462D-85AC-37F991543AB4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe => No File
FirewallRules: [{FF59E245-A4EA-46A5-8CF0-9C16D87F3149}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe => No File
FirewallRules: [{EE5CBB66-EA40-40C3-994A-78996B384EBB}] => (Block) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [{A953CD17-6CD3-4719-AA3E-BD9711876B09}] => (Block) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [UDP Query User{B318E390-D719-4C3E-AE68-9F82AA92A412}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [TCP Query User{7318A089-85D2-4F08-A78C-5925E5C644FF}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [UDP Query User{423B898E-7C13-4176-A84E-52C2163A690A}F:\programs\utorrent\utorrent.exe] => (Block) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{6F978A95-0AEC-4058-A504-61E92E396C68}F:\programs\utorrent\utorrent.exe] => (Block) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{78345FDA-95D4-4889-8026-6264C6D8CD46}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe => No File
FirewallRules: [TCP Query User{9BC72191-165E-48CB-963A-4A9547432A1B}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe => No File
FirewallRules: [{9F083A62-27F5-44DA-86B3-01F271063377}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0B0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9C14953E-59FD-4DFC-9CC3-A34009AE791C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0B0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{D0E4A2F2-1BC2-4219-A088-F311F2F03E8C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0753\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78A90A20-0BA2-4551-95BB-8759F3A8F85C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0753\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F33A7660-FBCA-4370-87A8-8ECC1C6DD045}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS030D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8C87870E-0ED2-4420-9833-CDB7EB228E55}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS030D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{5142DA43-88D4-4221-8744-3C8C80870706}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{AD1C788F-D7E6-4001-B9D5-BF9BC619BBB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{0352037B-C1E5-4272-A7BD-9DBABF071B04}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{C51CA9FC-C47E-404A-810E-3D9D4F1514AA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [TCP Query User{E7B7FF08-F06F-4A7D-A131-5CEDF0E4C7DC}F:\programs\utorrent\utorrent.exe] => (Allow) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{5A05738E-16FF-4636-8565-9CE31F4C897A}F:\programs\utorrent\utorrent.exe] => (Allow) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [{8ADEAF48-A1F1-487B-B2F1-7AC41002A1B5}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{62CEB4CA-221B-41D0-8718-956406385F58}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [TCP Query User{DDE0F64E-6683-4B36-9161-336871B7B063}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe => No File
FirewallRules: [UDP Query User{496DA94F-BC89-4BA1-B954-8C0392AD3363}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe => No File
FirewallRules: [TCP Query User{8C49F893-D5B6-42A5-8154-8C45B36967E4}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{C8C8F646-B5B5-40D7-A840-DAE5A903DB2E}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{748206B6-2958-43C5-B28C-75BA7A54F0ED}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe => No File
FirewallRules: [UDP Query User{EBE56445-7B6E-4910-97A7-FEF03798E355}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe => No File
FirewallRules: [TCP Query User{8FB3359C-6E24-4AD5-818F-D3EAB60B5570}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{9FB6FC54-C0C3-4416-868D-4DD88298B1C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{338B7FFB-71E2-4EFA-BCA4-C5A8C222F241}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{8F1252D3-3011-4674-BA4D-5A75E2FF4022}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{CE81E23D-005D-40B1-AAD0-064438A06A54}] => (Allow) F:\aktivoffice\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{D6112E1E-4C10-4197-B547-49B27286D99E}] => (Allow) F:\aktivoffice\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{762710D2-E5E3-4B37-BA43-1E0AB196A647}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{3245EE1D-0977-463A-AE1A-EFFEC8E0F352}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{853E9069-1A9E-4A64-A4B0-ED77649A3415}G:\aoe3\age of empires iii\age3.exe] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [UDP Query User{AC27A8E8-FA9F-4322-91DA-1DA0D6C975AE}G:\aoe3\age of empires iii\age3.exe] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{09E41FA3-2371-4069-A2F9-3B492BBB8D4F}] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{2F406992-1EEE-4D38-80F8-A25A21CA3C48}] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{C0DA0060-E5CE-4E12-BF2B-873029FF0C74}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E8D1D4E-0178-4541-AC88-DC51A725B2D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2056C653-A6D8-4A18-BBD0-615F91619858}] => (Allow) E:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{D8709DD9-41AE-4CD8-BB77-2592290FD143}] => (Allow) E:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [TCP Query User{42847116-C2F9-4F90-80E8-DC7AA45C1B10}E:\games\epic games\totalwarsagatroy\troy.exe] => (Allow) E:\games\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{217BB144-0B43-4F33-92CF-E14058E07E58}E:\games\epic games\totalwarsagatroy\troy.exe] => (Allow) E:\games\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [{A581AA71-3AF3-4838-8BB2-02748CA24D7F}] => (Allow) E:\Games\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{D1BB0E92-04AE-4F86-8579-3F5798804292}] => (Allow) E:\Games\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [TCP Query User{ED46BDB8-0A2E-4E32-BB8E-89B645E3CCB0}E:\games\ottd\openttd.exe] => (Allow) E:\games\ottd\openttd.exe => No File
FirewallRules: [UDP Query User{63BD3995-3953-4073-8B48-01A662C96632}E:\games\ottd\openttd.exe] => (Allow) E:\games\ottd\openttd.exe => No File
FirewallRules: [TCP Query User{6BCD41F3-E1C4-4AEA-9BD9-E61B451462E3}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [UDP Query User{CEAC53EF-0453-4A73-B594-56685C6E57D1}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File

EmptyTemp:
End

Uložte do C:\Users\Ondřej\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Ulenius · #7 Příspěvek od **Ulenius** » 28 lis 2022 20:00

DObrý den, děkuji.

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Ondřej (27-11-2022 22:16:15) Run:1
Running from C:\Users\Ondřej\Downloads
Loaded Profiles: Ondřej & Péťa & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\...\MountPoints2: {6f8a6b6c-f4c5-11ec-85ec-74d435efd599} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): HPDiscoPMB011.dll (No File)
Task: {0877720C-8C6D-4C14-9EAC-8A8FFA5A7736} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0EF3AE-36AA-480D-B767-E356182B30AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {327C1A89-6FE3-4ADA-B0A0-3CF62C42E564} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {4E75A05A-C06B-41A0-B34D-8D0CBD25780C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {4ED50FBB-404B-4B81-AECC-C8F1A1987CCD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {69951B1B-CC3C-492F-B274-FCD278A630B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {795C6B2B-29A4-45AD-B986-F3C47BF11490} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7C23B6FA-FE29-4905-9CC1-03914D280BB1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C83E4D6-269A-4830-BD60-C25984053A99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-19] (Google Inc -> Google Inc.)
Task: {A9F191BF-958D-4FE8-8592-3E695B791FF4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3E141F9-DF1D-44C5-87C2-38B2A9D2534A} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (No File)
Task: {C56889EB-6B71-4005-9F4B-51C9EAEE0A6F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C6C92EC6-730E-4A54-95BF-0525959F0475} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (No File)
Task: {E826E5BF-8E5E-405C-8D34-B47891660B25} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EBA96EA4-6531-4540-8D7C-6D67002FE2C0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Ondřej\AppData\Local\2240114613
C:\Users\Ondřej\AppData\Local\2461386307
CustomCLSID: HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Ondřej\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ondřej\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
FirewallRules: [{D05ED369-AE52-484F-94C8-986FBE678CB8}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{CB6F902B-C9B8-43EC-B035-04B1290074B6}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{2DE32EB1-8AF0-4F98-81F8-49731FFEE316}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{B25D7860-9A79-44F3-9002-A4BCA54EE650}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{024E5040-EB56-4D46-9F70-4EBE1A75CF58}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [{E01DC2AF-4155-4446-B896-D71F3DE93704}] => (Allow) C:\Program Files (x86)\Hotspot Shield\10.11.4\bin\hsscp.exe => No File
FirewallRules: [UDP Query User{9D53ADCA-C12D-44BA-8235-BB0816099719}E:\games\openra\dune2000.exe] => (Allow) E:\games\openra\dune2000.exe => No File
FirewallRules: [TCP Query User{9D237FC9-89C2-4720-B35E-90C029FBA524}E:\games\openra\dune2000.exe] => (Allow) E:\games\openra\dune2000.exe => No File
FirewallRules: [{B9D28F92-CDC9-4EFE-B24E-30F1D19D2527}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3D420D18-6EBB-4B98-B454-4FB59D695315}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1DE7985F-C8F7-4492-B8B4-5E6FCA734EC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8657C608-3BA9-4503-9981-FCB29751E35C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EC74FBE3-14E1-44A5-8BBB-8CACB9673022}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1478\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{02651D16-A62F-4FC2-A83F-54F74E5B404A}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1478\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D8B7BCC-70A1-44BA-9E4A-499EAB0F98F4}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS3CFF\HP.EasyStart.exe => No File
FirewallRules: [UDP Query User{12A13DC1-85F5-4D22-8C88-6ACB8F350703}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{ED291A32-7534-4378-9AEF-810B37AE5A05}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{6277E08D-A81E-4D04-97D3-B3F9E2E6EFF3}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{3896EAF9-8793-4123-8C7E-D46D9CBCD7A8}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [UDP Query User{40ECF48D-4905-4548-B754-1B649DEB2D78}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{8989543C-C7C3-480A-BBED-726A1AFB8582}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{32DE69B2-1597-439A-8807-5D5B7550B509}G:\openra\redalert.exe] => (Block) G:\openra\redalert.exe => No File
FirewallRules: [TCP Query User{F63A2998-DD39-4266-BDE3-78EE20893726}G:\openra\redalert.exe] => (Block) G:\openra\redalert.exe => No File
FirewallRules: [{8A7D5D5F-D1CD-4332-BDB7-09EAD3E82B68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{568E00C4-2230-49A9-B046-3C381FDC6DBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [UDP Query User{668B3F52-5250-49CA-AD1B-104CE7D92880}G:\openra\redalert.exe] => (Allow) G:\openra\redalert.exe => No File
FirewallRules: [TCP Query User{43FBF8DC-47D4-4B60-A32C-7F50820425D4}G:\openra\redalert.exe] => (Allow) G:\openra\redalert.exe => No File
FirewallRules: [{4F27DE98-BF82-4D9A-BF40-E86ACC5B00AC}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS4141\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{75B177E4-CFCF-4A4A-97E0-F96E7A414C5D}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS4141\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB2EA17F-478B-46B4-BBE2-251E115D2965}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS7B02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{0B90A02F-FFF2-48C3-94ED-74A091C95BB0}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS7B02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{E662F0ED-0569-4ED0-B789-A40B9F0B20A6}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS259D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AABF2D1A-09F2-4882-AAAD-DC5E1EC111C6}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS259D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{14E30772-165C-41F1-A24E-6A7DFA1DD18D}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1074\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EB98F9F-4151-4849-AC88-1DB55533DD04}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS1074\HPDiagnosticCoreUI.exe => No File
FirewallRules: [UDP Query User{C0037907-110B-4A82-BF33-8CDECF27A863}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe => No File
FirewallRules: [TCP Query User{B68F9569-8BEA-4689-8F25-8E74F46EC4E1}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe => No File
FirewallRules: [{D0886375-7455-4BB1-8D10-28AF6F29F7E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File
FirewallRules: [{C1871025-C426-4D70-8181-AD1559F3CE67}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File
FirewallRules: [{601751A2-309C-462D-85AC-37F991543AB4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe => No File
FirewallRules: [{FF59E245-A4EA-46A5-8CF0-9C16D87F3149}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe => No File
FirewallRules: [{EE5CBB66-EA40-40C3-994A-78996B384EBB}] => (Block) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [{A953CD17-6CD3-4719-AA3E-BD9711876B09}] => (Block) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [UDP Query User{B318E390-D719-4C3E-AE68-9F82AA92A412}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [TCP Query User{7318A089-85D2-4F08-A78C-5925E5C644FF}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe => No File
FirewallRules: [UDP Query User{423B898E-7C13-4176-A84E-52C2163A690A}F:\programs\utorrent\utorrent.exe] => (Block) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{6F978A95-0AEC-4058-A504-61E92E396C68}F:\programs\utorrent\utorrent.exe] => (Block) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{78345FDA-95D4-4889-8026-6264C6D8CD46}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe => No File
FirewallRules: [TCP Query User{9BC72191-165E-48CB-963A-4A9547432A1B}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe => No File
FirewallRules: [{9F083A62-27F5-44DA-86B3-01F271063377}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0B0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9C14953E-59FD-4DFC-9CC3-A34009AE791C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0B0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{D0E4A2F2-1BC2-4219-A088-F311F2F03E8C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0753\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78A90A20-0BA2-4551-95BB-8759F3A8F85C}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS0753\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F33A7660-FBCA-4370-87A8-8ECC1C6DD045}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS030D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8C87870E-0ED2-4420-9833-CDB7EB228E55}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\7zS030D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{5142DA43-88D4-4221-8744-3C8C80870706}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{AD1C788F-D7E6-4001-B9D5-BF9BC619BBB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{0352037B-C1E5-4272-A7BD-9DBABF071B04}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{C51CA9FC-C47E-404A-810E-3D9D4F1514AA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [TCP Query User{E7B7FF08-F06F-4A7D-A131-5CEDF0E4C7DC}F:\programs\utorrent\utorrent.exe] => (Allow) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{5A05738E-16FF-4636-8565-9CE31F4C897A}F:\programs\utorrent\utorrent.exe] => (Allow) F:\programs\utorrent\utorrent.exe => No File
FirewallRules: [{8ADEAF48-A1F1-487B-B2F1-7AC41002A1B5}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{62CEB4CA-221B-41D0-8718-956406385F58}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [TCP Query User{DDE0F64E-6683-4B36-9161-336871B7B063}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe => No File
FirewallRules: [UDP Query User{496DA94F-BC89-4BA1-B954-8C0392AD3363}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe => No File
FirewallRules: [TCP Query User{8C49F893-D5B6-42A5-8154-8C45B36967E4}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{C8C8F646-B5B5-40D7-A840-DAE5A903DB2E}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{748206B6-2958-43C5-B28C-75BA7A54F0ED}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe => No File
FirewallRules: [UDP Query User{EBE56445-7B6E-4910-97A7-FEF03798E355}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe] => (Allow) C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe => No File
FirewallRules: [TCP Query User{8FB3359C-6E24-4AD5-818F-D3EAB60B5570}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{9FB6FC54-C0C3-4416-868D-4DD88298B1C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{338B7FFB-71E2-4EFA-BCA4-C5A8C222F241}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{8F1252D3-3011-4674-BA4D-5A75E2FF4022}] => (Allow) C:\Users\Ondřej\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{CE81E23D-005D-40B1-AAD0-064438A06A54}] => (Allow) F:\aktivoffice\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{D6112E1E-4C10-4197-B547-49B27286D99E}] => (Allow) F:\aktivoffice\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{762710D2-E5E3-4B37-BA43-1E0AB196A647}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{3245EE1D-0977-463A-AE1A-EFFEC8E0F352}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{853E9069-1A9E-4A64-A4B0-ED77649A3415}G:\aoe3\age of empires iii\age3.exe] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [UDP Query User{AC27A8E8-FA9F-4322-91DA-1DA0D6C975AE}G:\aoe3\age of empires iii\age3.exe] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{09E41FA3-2371-4069-A2F9-3B492BBB8D4F}] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{2F406992-1EEE-4D38-80F8-A25A21CA3C48}] => (Allow) G:\aoe3\age of empires iii\age3.exe => No File
FirewallRules: [{C0DA0060-E5CE-4E12-BF2B-873029FF0C74}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E8D1D4E-0178-4541-AC88-DC51A725B2D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2056C653-A6D8-4A18-BBD0-615F91619858}] => (Allow) E:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{D8709DD9-41AE-4CD8-BB77-2592290FD143}] => (Allow) E:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [TCP Query User{42847116-C2F9-4F90-80E8-DC7AA45C1B10}E:\games\epic games\totalwarsagatroy\troy.exe] => (Allow) E:\games\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{217BB144-0B43-4F33-92CF-E14058E07E58}E:\games\epic games\totalwarsagatroy\troy.exe] => (Allow) E:\games\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [{A581AA71-3AF3-4838-8BB2-02748CA24D7F}] => (Allow) E:\Games\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{D1BB0E92-04AE-4F86-8579-3F5798804292}] => (Allow) E:\Games\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [TCP Query User{ED46BDB8-0A2E-4E32-BB8E-89B645E3CCB0}E:\games\ottd\openttd.exe] => (Allow) E:\games\ottd\openttd.exe => No File
FirewallRules: [UDP Query User{63BD3995-3953-4073-8B48-01A662C96632}E:\games\ottd\openttd.exe] => (Allow) E:\games\ottd\openttd.exe => No File
FirewallRules: [TCP Query User{6BCD41F3-E1C4-4AEA-9BD9-E61B451462E3}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File
FirewallRules: [UDP Query User{CEAC53EF-0453-4A73-B594-56685C6E57D1}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f8a6b6c-f4c5-11ec-85ec-74d435efd599} => removed successfully
HKLM\System\CurrentControlSet\Control\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series) => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0877720C-8C6D-4C14-9EAC-8A8FFA5A7736}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0877720C-8C6D-4C14-9EAC-8A8FFA5A7736}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C0EF3AE-36AA-480D-B767-E356182B30AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0EF3AE-36AA-480D-B767-E356182B30AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{327C1A89-6FE3-4ADA-B0A0-3CF62C42E564}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{327C1A89-6FE3-4ADA-B0A0-3CF62C42E564}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E75A05A-C06B-41A0-B34D-8D0CBD25780C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E75A05A-C06B-41A0-B34D-8D0CBD25780C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ED50FBB-404B-4B81-AECC-C8F1A1987CCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ED50FBB-404B-4B81-AECC-C8F1A1987CCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69951B1B-CC3C-492F-B274-FCD278A630B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69951B1B-CC3C-492F-B274-FCD278A630B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{795C6B2B-29A4-45AD-B986-F3C47BF11490}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{795C6B2B-29A4-45AD-B986-F3C47BF11490}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C23B6FA-FE29-4905-9CC1-03914D280BB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C23B6FA-FE29-4905-9CC1-03914D280BB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7C83E4D6-269A-4830-BD60-C25984053A99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C83E4D6-269A-4830-BD60-C25984053A99}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F191BF-958D-4FE8-8592-3E695B791FF4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F191BF-958D-4FE8-8592-3E695B791FF4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3E141F9-DF1D-44C5-87C2-38B2A9D2534A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3E141F9-DF1D-44C5-87C2-38B2A9D2534A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C56889EB-6B71-4005-9F4B-51C9EAEE0A6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C56889EB-6B71-4005-9F4B-51C9EAEE0A6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6C92EC6-730E-4A54-95BF-0525959F0475}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6C92EC6-730E-4A54-95BF-0525959F0475}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E826E5BF-8E5E-405C-8D34-B47891660B25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E826E5BF-8E5E-405C-8D34-B47891660B25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBA96EA4-6531-4540-8D7C-6D67002FE2C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBA96EA4-6531-4540-8D7C-6D67002FE2C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Users\Ondřej\AppData\Local\2240114613 => moved successfully
C:\Users\Ondřej\AppData\Local\2461386307 => moved successfully
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
HKU\S-1-5-21-4267231415-2614256609-1536768060-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D05ED369-AE52-484F-94C8-986FBE678CB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB6F902B-C9B8-43EC-B035-04B1290074B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DE32EB1-8AF0-4F98-81F8-49731FFEE316}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B25D7860-9A79-44F3-9002-A4BCA54EE650}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{024E5040-EB56-4D46-9F70-4EBE1A75CF58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E01DC2AF-4155-4446-B896-D71F3DE93704}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9D53ADCA-C12D-44BA-8235-BB0816099719}E:\games\openra\dune2000.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9D237FC9-89C2-4720-B35E-90C029FBA524}E:\games\openra\dune2000.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9D28F92-CDC9-4EFE-B24E-30F1D19D2527}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D420D18-6EBB-4B98-B454-4FB59D695315}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DE7985F-C8F7-4492-B8B4-5E6FCA734EC8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8657C608-3BA9-4503-9981-FCB29751E35C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC74FBE3-14E1-44A5-8BBB-8CACB9673022}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02651D16-A62F-4FC2-A83F-54F74E5B404A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D8B7BCC-70A1-44BA-9E4A-499EAB0F98F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{12A13DC1-85F5-4D22-8C88-6ACB8F350703}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED291A32-7534-4378-9AEF-810B37AE5A05}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6277E08D-A81E-4D04-97D3-B3F9E2E6EFF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3896EAF9-8793-4123-8C7E-D46D9CBCD7A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40ECF48D-4905-4548-B754-1B649DEB2D78}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8989543C-C7C3-480A-BBED-726A1AFB8582}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{32DE69B2-1597-439A-8807-5D5B7550B509}G:\openra\redalert.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F63A2998-DD39-4266-BDE3-78EE20893726}G:\openra\redalert.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A7D5D5F-D1CD-4332-BDB7-09EAD3E82B68}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{568E00C4-2230-49A9-B046-3C381FDC6DBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{668B3F52-5250-49CA-AD1B-104CE7D92880}G:\openra\redalert.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{43FBF8DC-47D4-4B60-A32C-7F50820425D4}G:\openra\redalert.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F27DE98-BF82-4D9A-BF40-E86ACC5B00AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75B177E4-CFCF-4A4A-97E0-F96E7A414C5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB2EA17F-478B-46B4-BBE2-251E115D2965}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B90A02F-FFF2-48C3-94ED-74A091C95BB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E662F0ED-0569-4ED0-B789-A40B9F0B20A6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AABF2D1A-09F2-4882-AAAD-DC5E1EC111C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14E30772-165C-41F1-A24E-6A7DFA1DD18D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EB98F9F-4151-4849-AC88-1DB55533DD04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C0037907-110B-4A82-BF33-8CDECF27A863}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B68F9569-8BEA-4689-8F25-8E74F46EC4E1}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman legends\rayman legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0886375-7455-4BB1-8D10-28AF6F29F7E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1871025-C426-4D70-8181-AD1559F3CE67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{601751A2-309C-462D-85AC-37F991543AB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF59E245-A4EA-46A5-8CF0-9C16D87F3149}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE5CBB66-EA40-40C3-994A-78996B384EBB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A953CD17-6CD3-4719-AA3E-BD9711876B09}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B318E390-D719-4C3E-AE68-9F82AA92A412}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7318A089-85D2-4F08-A78C-5925E5C644FF}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{423B898E-7C13-4176-A84E-52C2163A690A}F:\programs\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6F978A95-0AEC-4058-A504-61E92E396C68}F:\programs\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78345FDA-95D4-4889-8026-6264C6D8CD46}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9BC72191-165E-48CB-963A-4A9547432A1B}C:\program files (x86)\gog.com\jagged alliance - deadly games\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F083A62-27F5-44DA-86B3-01F271063377}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C14953E-59FD-4DFC-9CC3-A34009AE791C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0E4A2F2-1BC2-4219-A088-F311F2F03E8C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78A90A20-0BA2-4551-95BB-8759F3A8F85C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F33A7660-FBCA-4370-87A8-8ECC1C6DD045}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C87870E-0ED2-4420-9833-CDB7EB228E55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5142DA43-88D4-4221-8744-3C8C80870706}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD1C788F-D7E6-4001-B9D5-BF9BC619BBB3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0352037B-C1E5-4272-A7BD-9DBABF071B04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C51CA9FC-C47E-404A-810E-3D9D4F1514AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E7B7FF08-F06F-4A7D-A131-5CEDF0E4C7DC}F:\programs\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A05738E-16FF-4636-8565-9CE31F4C897A}F:\programs\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8ADEAF48-A1F1-487B-B2F1-7AC41002A1B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62CEB4CA-221B-41D0-8718-956406385F58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DDE0F64E-6683-4B36-9161-336871B7B063}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{496DA94F-BC89-4BA1-B954-8C0392AD3363}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8C49F893-D5B6-42A5-8154-8C45B36967E4}C:\games\wolfenstein the new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C8C8F646-B5B5-40D7-A840-DAE5A903DB2E}C:\games\wolfenstein the new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{748206B6-2958-43C5-B28C-75BA7A54F0ED}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EBE56445-7B6E-4910-97A7-FEF03798E355}C:\games\wolfenstein the new order\wolfneworder_x64+com_skipintrovideo 1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8FB3359C-6E24-4AD5-818F-D3EAB60B5570}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9FB6FC54-C0C3-4416-868D-4DD88298B1C2}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{338B7FFB-71E2-4EFA-BCA4-C5A8C222F241}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F1252D3-3011-4674-BA4D-5A75E2FF4022}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE81E23D-005D-40B1-AAD0-064438A06A54}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6112E1E-4C10-4197-B547-49B27286D99E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{762710D2-E5E3-4B37-BA43-1E0AB196A647}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3245EE1D-0977-463A-AE1A-EFFEC8E0F352}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{853E9069-1A9E-4A64-A4B0-ED77649A3415}G:\aoe3\age of empires iii\age3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AC27A8E8-FA9F-4322-91DA-1DA0D6C975AE}G:\aoe3\age of empires iii\age3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09E41FA3-2371-4069-A2F9-3B492BBB8D4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F406992-1EEE-4D38-80F8-A25A21CA3C48}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0DA0060-E5CE-4E12-BF2B-873029FF0C74}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E8D1D4E-0178-4541-AC88-DC51A725B2D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2056C653-A6D8-4A18-BBD0-615F91619858}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8709DD9-41AE-4CD8-BB77-2592290FD143}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42847116-C2F9-4F90-80E8-DC7AA45C1B10}E:\games\epic games\totalwarsagatroy\troy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{217BB144-0B43-4F33-92CF-E14058E07E58}E:\games\epic games\totalwarsagatroy\troy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A581AA71-3AF3-4838-8BB2-02748CA24D7F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1BB0E92-04AE-4F86-8579-3F5798804292}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED46BDB8-0A2E-4E32-BB8E-89B645E3CCB0}E:\games\ottd\openttd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{63BD3995-3953-4073-8B48-01A662C96632}E:\games\ottd\openttd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6BCD41F3-E1C4-4AEA-9BD9-E61B451462E3}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CEAC53EF-0453-4A73-B594-56685C6E57D1}E:\games\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 366655993 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 446633224 B
Windows/system/drivers => 9587700 B
Edge => 17897141 B
Chrome => 57633755 B
Firefox => 1770472932 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1344578 B
Ondřej => 143729526 B
Péťa => 143747986 B
Administrator => 143764669 B

RecycleBin => 0 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:32:34 ====

#8 Příspěvek od **Rudy** » 28 lis 2022 21:07

Smazáno. Nastala nějaká změna?

Ulenius · #9 Příspěvek od **Ulenius** » 28 lis 2022 21:37

Zatím to vypadá dobře. Jedna klávesnice ale přestala fungovat úplně, nevím jestli to s tím souviselo. Díky za kontroly!

#10 Příspěvek od **Rudy** » 28 lis 2022 22:01

Možná něco bylo v dočasných souborech. Jinek to byly samé zbytečnosti. Nemáte zač!

VIRY.CZ

Prosím o konrolu logu - divné chování klávesnice

Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice

Re: Prosím o konrolu logu - divné chování klávesnice