FRST log check

Star-Lord
Visitor
Posts: 7
Registered: 11 Dec 2022 17:47

#1 Post by Star-Lord

Hello,
could I ask for a check of the FRST (x64) log:

FRST LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Ran by Kevinar (administrator) on KEVINAR-PC (ASUS All Series) (11-12-2022 17:52:41)
Running from C:\Users\Kevinar\Desktop
Loaded Profiles: Kevinar
Platform: Microsoft Windows 11 Pro Version 22H2 22621.900 (X64) Language: Čeština (Česko)
Default browser: Vivaldi
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
(Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(explorer.exe ->) (EnTech Taiwan -> EnTech Taiwan) C:\Soft\Dell Display Manager\ddm.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Soft\Total Commander\TOTALCMD64.EXE
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Soft\Vivaldi\Application\vivaldi.exe <22>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Soft\Intel Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.55\atkexComSvc.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Soft\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Soft\Intel Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Soft\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Soft\Intel Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1706224 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix WorkSpace 2205\InstallHelper.exe [407472 2022-05-11] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2576488 2022-05-11] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2942936 2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [569816 2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2022-11-30] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE* [35552 2019-05-02] () [File not signed]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (No File)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Kevinar\AppData\Local\Microsoft\Teams\Update.exe [2455248 2021-11-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3542536 2022-11-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [Service for Navitel Navigator Update Center] => C:\Soft\Navitel\Navigator Update Center\NavitelUpdaterService.exe [1674928 2022-05-17] (NAVITEL s.r.o. -> )
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [MicrosoftEdgeAutoLaunch_CA4A7C8AED43A8730C242A3E47BCF447] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [CCleaner Smart Cleaning] => C:\Soft\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Run: [upjers Home] => C:\Users\Kevinar\AppData\Local\Programs\upjers-playground2\upjers Home.exe [123847848 2022-08-23] (upjers GmbH -> upjers GmbH)
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\MountPoints2: {bbe38052-43f2-11ec-a714-08626627a548} - "I:\setup.exe"
HKU\S-1-5-18\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [165200 2022-11-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3542536 2022-11-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Soft\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixWorkspaceBrowser\99.1.1.8\Installer\chrmstp.exe [2022-05-26] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2022-09-29]
ShortcutTarget: Dell Display Manager.lnk -> C:\Soft\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\Users\Kevinar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SN10066.lnk [2022-02-06]
ShortcutTarget: SN10066.lnk -> C:\Users\Public\EPLAN\Common\SN10066.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0AED1D1F-2F88-4290-AB8E-62314C48D0C0} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Soft\AI Suite III\Push Notice\PushNotifyServer.exe (No File)
Task: {0C4ED1DC-BC50-4842-9C16-7DE801107717} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DA4C7B7-A3AE-4109-A4DC-1757049BB190} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {136878CF-0169-443A-83AC-566DBD1205A3} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-10-30] (Microsoft Windows -> )
Task: {1BF2C304-BE26-418F-A353-6BC08F02C9EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FC8BB83-6EC3-4F08-B2A6-F58144FA712A} - System32\Tasks\CCleanerSkipUAC - Kevinar => C:\Soft\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {337FED23-2D68-4914-91CD-93FA4FE2BF0E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {39BB3CE7-348B-478F-8543-50EC79B788ED} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {405B7735-DD9B-4B02-98A2-BBCD3528C338} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4673F03F-7FFA-4A6E-B9FE-AC17F7B0FEE7} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3843200 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB105A7-D3BD-4B66-80DE-EABF5EDDC496} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {723F2833-647A-4C2B-9B31-54828BE1A559} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8833E80B-A7BC-4FE1-AD34-4567F549EBC3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {97F8043E-DFFC-4166-A6BC-894FD1AB9193} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9AB1B87E-529E-4B24-840F-6FB534634A85} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Soft\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe (No File)
Task: {9C919B8E-9762-4900-8A34-B66EE5D7D5A7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E63FBC7-083D-4A44-847A-9C181F224153} - System32\Tasks\GarminUpdaterTask => C:\Soft\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [28048 2022-05-19] (Garmin International, Inc. -> )
Task: {9FCE9426-6D1E-4B50-9131-269FAA409C5E} - System32\Tasks\CCleaner Update => C:\Soft\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {B20B8A28-03A8-4C1A-BA1A-AD1FFED76001} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B9AED401-328C-40E8-B227-FD9A83DB7A44} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF2BC728-91C7-4334-A9A8-3DC9E91A3FDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C54C0F59-261B-4FF2-8CFC-14489731C42C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D049C494-5B86-4F51-BB16-4839D9B6F68E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DA9E558E-2B21-4FC2-B3E8-A3FDAF78EE88} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E13F0DF5-3026-4281-8C48-2FEF32B2A536} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4E3DC4A-C5D7-47DE-B71A-1A86D88B8ED8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F402BBAF-F51E-4CBD-967B-E899A34CC502} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2022-11-30] (Razer USA Ltd. -> Razer Inc.)
Task: {F57F5B29-C256-47D4-94BC-0A62150885E6} - System32\Tasks\CCleanerCrashReporting => C:\Soft\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Soft\CCleaner\LOG" --programpath "C:\Soft\CCleaner" --configpath "C:\Soft\CCleaner\Setup" --guid "c1fa26cd-36f0-4cd3-b88e-79921a94fc43" --version "6.04.10044" --silent
Task: {FBA1B52A-2B5B-4907-A6B1-AE854703381D} - System32\Tasks\VivaldiUpdateCheck-85e3e4d94f081bc6 => C:\Soft\Vivaldi\Application\update_notifier.exe [3426152 2022-12-09] (Vivaldi Technologies AS -> Vivaldi Technologies AS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Soft\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a07ed016-c090-4631-a917-6df161e2a247}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\Kevinar\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-07]
Edge Extension: (uBlock Origin) - C:\Users\Kevinar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-12-07]
Edge Extension: (smartUp Gestures) - C:\Users\Kevinar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elponhbfjjjihgeijofonnflefhcbckp [2022-12-04]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Soft\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Soft\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Soft\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Soft\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Soft\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3015848259-4086462040-1337814541-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3015848259-4086462040-1337814541-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3015848259-4086462040-1337814541-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Vivaldi:
=======
VIV Profile: C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default [2022-12-11]
VIV Notifications: Default -> hxxps://web.whatsapp.com
VIV HomePage: Default -> vivaldi://startpage
VIV DefaultSearchKeyword: Default -> g
VIV Extension: (Převodník měn PRO) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\amlcmfdiddkikfmljhdhhookgjmnpedc [2022-04-13]
VIV Extension: (uBlock Origin) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-11-23]
VIV Extension: (Ad Blocker for Facebook™) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\kinpgphmiekapnpbmobneleaiemkefag [2022-09-15]
VIV Extension: (Video DownloadHelper) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2022-10-13]
VIV Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2022-12-01]
VIV Extension: (AdFly Skipper) - C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2022-04-13]
VIV Profile: C:\Users\Kevinar\AppData\Local\Vivaldi\User Data\System Profile [2022-05-11]
StartMenuInternet: (HKU\S-1-5-21-3015848259-4086462040-1337814541-1001) Vivaldi.4ECDIV2ULI5WEBU7HAPOUYWBVU - "C:\Soft\Vivaldi\Application\vivaldi.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.55\atkexComSvc.exe [450096 2020-12-29] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe [963536 2016-04-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe [1360016 2020-12-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588200 2022-11-30] (Razer USA Ltd. -> Razer Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [File not signed]
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [59824 2022-05-11] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 FoxitReaderUpdateService; C:\Soft\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Soft\Intel Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Soft\OpenVPN\bin\openvpnserv.exe [64736 2022-05-31] (OpenVPN Inc. -> The OpenVPN Project)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1994664 2022-10-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [485296 2022-11-04] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354192 2022-10-13] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2022-09-21] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300560 2022-11-29] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-10-24] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249376 2022-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Start11; C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe [251240 2022-10-18] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-03] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-09-17] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [35136 2020-05-25] (ASUSTeK Computer Inc. -> )
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 ASUSxpsp; C:\WINDOWS\System32\drivers\ASUSxpsp.sys [28416 2013-03-28] (MCCI Corporation -> MCCI Corporation)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-08-06] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-08-06] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [136680 2022-02-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsle69e32d7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2FC38348-6826-4ACB-A817-74C0A3772CB5}\MpKslDrv.sys [214280 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0099; C:\WINDOWS\System32\drivers\RzDev_0099.sys [56152 2021-06-14] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025a; C:\WINDOWS\System32\drivers\RzDev_025a.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025c; C:\WINDOWS\System32\drivers\RzDev_025c.sys [55376 2021-01-21] (Razer USA Ltd. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2022-02-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-08-21] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2022-02-06] (WireGuard LLC -> WireGuard LLC)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-03] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-11 17:52 - 2022-12-11 17:53 - 000035928 _____ C:\Users\Kevinar\Desktop\FRST.txt
2022-12-11 17:51 - 2022-12-11 17:53 - 000000000 ____D C:\FRST
2022-12-11 17:49 - 2022-12-11 17:49 - 002375680 _____ (Farbar) C:\Users\Kevinar\Desktop\FRST64.exe
2022-12-11 17:39 - 2022-12-11 17:41 - 000001389 _____ C:\Users\Kevinar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-11 17:39 - 2022-12-11 17:39 - 000000000 ____D C:\Users\Kevinar\AppData\Local\ESET
2022-12-11 16:42 - 2022-12-11 16:42 - 000725742 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-11 16:42 - 2022-12-11 16:42 - 000151030 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-10 13:23 - 2022-12-10 13:23 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\Goldberg UplayEmu Saves
2022-12-10 12:43 - 2022-12-10 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Valhalla
2022-12-08 21:31 - 2022-12-06 21:49 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-08 21:31 - 2022-12-06 21:49 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-08 21:31 - 2022-12-06 21:49 - 001642568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-08 21:31 - 2022-12-06 21:49 - 001642568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-08 21:31 - 2022-12-06 21:49 - 001487352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-08 21:31 - 2022-12-06 21:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-08 21:31 - 2022-12-06 21:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-08 21:31 - 2022-12-06 21:49 - 001226744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-08 21:31 - 2022-12-06 21:49 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-08 21:31 - 2022-12-06 21:49 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-08 21:31 - 2022-12-06 21:44 - 000851448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-12-08 21:31 - 2022-12-06 21:44 - 000672760 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-12-08 21:31 - 2022-12-06 21:44 - 000507408 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 002163712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 001619432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 001532456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 001191912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 000949784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-12-08 21:31 - 2022-12-06 21:43 - 000738344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-12-08 21:31 - 2022-12-06 21:43 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 012453400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 010220584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 005891072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 005857328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 003334656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-12-08 21:31 - 2022-12-06 21:42 - 000458280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-12-08 21:31 - 2022-12-06 21:41 - 005817880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-12-08 21:31 - 2022-12-06 21:41 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-12-08 21:31 - 2022-12-06 21:39 - 006514432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-12-08 21:31 - 2022-12-06 05:54 - 000100741 _____ C:\WINDOWS\system32\nvinfo.pb
2022-12-06 10:19 - 2022-12-06 10:19 - 000001665 _____ C:\Users\Public\Desktop\QElectroTech.lnk
2022-12-06 10:19 - 2022-12-06 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QElectroTech
2022-12-04 20:21 - 2022-12-04 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2022-12-04 18:34 - 2022-12-04 18:34 - 000000279 _____ C:\Users\Kevinar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2022-12-04 12:15 - 2022-12-04 12:15 - 000000000 ____D C:\Users\Kevinar\AppData\Local\SquirrelTemp
2022-12-03 13:48 - 2022-12-03 13:48 - 000062816 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-12-03 13:48 - 2022-12-03 13:48 - 000016535 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-03 13:45 - 2022-12-03 13:45 - 000000000 ___HD C:\$WinREAgent
2022-12-02 10:34 - 2022-12-02 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2022-11-14 10:38 - 2022-11-14 10:42 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\upjers-playground2
2022-11-14 10:38 - 2022-11-14 10:38 - 000002445 _____ C:\Users\Kevinar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\upjers Home.lnk
2022-11-14 10:38 - 2022-11-14 10:38 - 000000000 ____D C:\Users\Kevinar\AppData\Local\upjers-playground2-updater
2022-11-14 10:38 - 2022-11-14 10:38 - 000000000 ____D C:\Users\Kevinar\.playgroundConfig
2022-11-12 21:59 - 2022-09-30 05:24 - 000050720 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
2022-11-12 10:47 - 2022-11-12 10:47 - 000000000 ____D C:\Users\Kevinar\AppData\Local\Yandex

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-11 17:51 - 2022-09-24 11:11 - 000062548 _____ C:\WINDOWS\system32\BMXState-{00000004-00000000-00000001-00001102-00000005-00231102}.rfx
2022-12-11 17:51 - 2022-09-24 11:11 - 000000788 _____ C:\WINDOWS\system32\DVCState-{00000004-00000000-00000001-00001102-00000005-00231102}.rfx
2022-12-11 17:51 - 2021-11-07 15:36 - 000062548 _____ C:\WINDOWS\system32\BMXStateBkp-{00000004-00000000-00000001-00001102-00000005-00231102}.rfx
2022-12-11 17:50 - 2021-11-07 15:37 - 000000000 ____D C:\Users\Kevinar\AppData\Local\D3DSCache
2022-12-11 17:28 - 2022-10-16 17:28 - 000003344 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-11 17:28 - 2022-10-16 17:28 - 000000688 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-11 16:49 - 2022-07-29 21:18 - 000000000 ____D C:\Program Files\Cheat Engine 7.4
2022-12-11 16:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-12-11 16:42 - 2022-09-24 11:19 - 001719892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-11 16:42 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-11 16:36 - 2022-09-24 11:14 - 000003972 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2022-12-11 16:36 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-11 16:35 - 2022-09-24 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-11 16:35 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-11 16:35 - 2021-11-07 18:08 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-11 16:35 - 2021-11-07 15:31 - 000012288 ___SH C:\DumpStack.log.tmp
2022-12-11 14:20 - 2022-05-07 06:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-12-11 10:06 - 2022-09-24 11:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-11 00:04 - 2021-11-07 19:57 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\MusicBee
2022-12-10 22:58 - 2022-05-30 19:12 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\Mp3tag
2022-12-10 21:45 - 2022-03-20 07:36 - 000000527 _____ C:\Users\Kevinar\.vivaldi_reporting_data
2022-12-10 14:52 - 2021-11-13 10:06 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-10 13:21 - 2022-08-18 19:38 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\EMPRESS
2022-12-10 12:25 - 2021-11-08 18:26 - 000000000 ____D C:\Games
2022-12-10 10:21 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-10 10:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-10 10:21 - 2021-11-07 15:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-10 10:17 - 2022-02-23 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-12-10 10:15 - 2022-02-23 15:55 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-12-09 22:41 - 2022-09-24 11:00 - 000000000 ____D C:\Users\Kevinar
2022-12-09 22:25 - 2022-01-05 19:44 - 000000000 ____D C:\Users\Kevinar\AppData\Local\CrashDumps
2022-12-09 21:01 - 2021-11-07 18:09 - 000000000 ____D C:\Users\Kevinar\AppData\Local\NVIDIA
2022-12-09 16:54 - 2022-04-13 19:00 - 000001975 _____ C:\Users\Kevinar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2022-12-09 14:32 - 2021-11-07 15:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-08 11:42 - 2021-11-07 16:38 - 000000000 ____D C:\Soft
2022-12-08 11:41 - 2021-11-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-12-07 09:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-07 09:23 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-06 21:39 - 2022-08-10 16:53 - 007645944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-12-05 13:08 - 2021-11-08 18:02 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\spek
2022-12-04 17:28 - 2022-04-11 18:46 - 000000775 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2022-12-04 17:28 - 2022-04-11 18:46 - 000000000 ____D C:\Users\Kevinar\AppData\Roaming\Notepad++
2022-12-04 13:23 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-04 13:23 - 2021-11-07 15:37 - 000000000 ____D C:\Users\Kevinar\AppData\Local\Packages
2022-12-04 13:23 - 2021-11-07 15:37 - 000000000 ____D C:\ProgramData\Packages
2022-12-03 19:45 - 2022-09-24 11:07 - 000538944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-03 19:44 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-12-03 19:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-03 13:48 - 2022-09-24 11:09 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-02 10:35 - 2022-07-08 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch
2022-12-02 10:34 - 2022-10-21 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Axon
2022-12-02 10:34 - 2022-04-24 15:01 - 000000000 ____D C:\Program Files (x86)\Brother
2022-12-01 11:57 - 2022-02-23 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2022-12-01 11:57 - 2022-02-23 15:56 - 000000000 ____D C:\Users\Kevinar\AppData\Local\Razer
2022-11-12 22:05 - 2021-11-07 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-12 21:59 - 2021-11-07 15:39 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-12 09:36 - 2022-09-24 11:14 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 09:36 - 2022-09-24 11:14 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-12-20 16:40 - 2021-12-20 16:40 - 000000600 _____ () C:\Users\Kevinar\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION Log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by Kevinar (11-12-2022 17:53:58)
Running from C:\Users\Kevinar\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.900 (X64) (2022-09-24 10:14:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3015848259-4086462040-1337814541-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3015848259-4086462040-1337814541-503 - Limited - Disabled)
Guest (S-1-5-21-3015848259-4086462040-1337814541-501 - Limited - Disabled)
Kevinar (S-1-5-21-3015848259-4086462040-1337814541-1001 - Administrator - Enabled) => C:\Users\Kevinar
WDAGUtilityAccount (S-1-5-21-3015848259-4086462040-1337814541-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
A Plague Tale: Requiem - Protector’s Pack DLC (HKLM-x32\...\2127449931_is1) (Version: 20221017_1052 - GOG.com)
A Plague Tale: Requiem (HKLM-x32\...\1552771812_is1) (Version: 20221017_1052 - GOG.com)
ANT Drivers Installer x64 (HKLM\...\{209ECC4B-2A73-48FD-80C9-CDFFA9CA528D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Assassins Creed Valhalla (HKLM-x32\...\Assassins Creed Valhalla_is1) (Version: - )
Batman Arkham City GOTY (HKLM-x32\...\1260066469_is1) (Version: 1.1 - GOG.com)
Brother Printer Driver (HKLM-x32\...\{1F48890F-9223-42F1-BEC9-FE843E9D8BE0}) (Version: 2.3.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Setting Tool (HKLM-x32\...\{8DA2E2DC-C572-4F87-89FC-833DB588CC7B}) (Version: 1.6.0101 - Brother Industries, Ltd.)
Brother P-touch Editor 5.4 (HKLM-x32\...\{3D6B8787-51B7-45F3-B730-79875DA88764}) (Version: 5.4.0070 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{B50CA65E-A17A-490D-9BD2-03EDD3D65A27}) (Version: 1.0.0220 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.01075 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{F4C97B53-97C8-43B6-A6A1-97CE0286BAE0}) (Version: 4.10.01075 - Cisco Systems, Inc.) Hidden
Citrix Authentication Manager (HKLM-x32\...\{D030A1D6-B157-4B00-AEDA-D72803B634DD}) (Version: 22.5.1.2 - Citrix Systems, Inc.) Hidden
Citrix Screen Casting for Windows (HKLM-x32\...\{C27CC1CD-BDF6-4DB7-9F01-EA0F4A2D4CAB}) (Version: 19.11.100.52 - Citrix Systems, Inc) Hidden
Citrix Web Helper (HKLM-x32\...\{4D8E6FCE-2406-4240-AAE2-602E1C32B737}) (Version: 22.5.0.11 - Citrix Systems, Inc.) Hidden
Citrix Workspace 2205 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 22.5.0.18 - Citrix Systems, Inc.)
Citrix Workspace Inside (HKLM-x32\...\{0417C304-905A-46BB-939B-7B4D6C690237}) (Version: 22.5.0.4 - Citrix Systems, Inc.) Hidden
Citrix Workspace(DV) (HKLM-x32\...\{464CFB17-62F4-46D1-90DF-B2D2B33983BD}) (Version: 22.4.0.18 - Citrix Systems, Inc.) Hidden
Citrix Workspace(USB) (HKLM-x32\...\{757AC777-7112-447E-BF8C-102C292024AC}) (Version: 22.4.0.18 - Citrix Systems, Inc.) Hidden
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
CrystalDiskInfo 8.13.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.2 - Crystal Dew World)
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: 1.56.2109 - EnTech Taiwan)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Elevated Installer (HKLM-x32\...\{3213DBEF-7413-4CC2-A3EA-2FB78177482B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
FastStone Image Viewer 7.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.7 - FastStone Corporation)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.1.12430 - Foxit Software Inc.)
Garmin Express (HKLM-x32\...\{dfe973c2-d1c7-4563-8c84-595f13f8792d}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{FDE5F9F5-0C9B-4A7A-811B-C7E32195CC2B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Intel(R) Chipset Device Software (HKLM\...\{5CA7FC9B-8508-4494-B365-6FBCBAEB8E89}) (Version: 10.0.27 - Intel Corporation) Hidden
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\{3E64A1AF-7250-4BA7-A149-8EF830B3847D}) (Version: 20.1.2019.0 - Intel) Hidden
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{205AE40D-8AD7-4F29-A430-DD2168DA562D}) (Version: 14.5.0.1081 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Teams) (Version: 1.4.00.22976 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mp3tag v3.18f (HKLM\...\Mp3tag) (Version: 3.18f - Florian Heidenreich)
MusicBee 3.4.8033 (HKLM-x32\...\MusicBee) (Version: 3.4.8033 - Steven Mayall)
Navitel DVR Player (HKLM-x32\...\Navitel DVR Player) (Version: 1.3.12.856 - Navitel s.r.o)
Navitel Navigator update center (HKLM-x32\...\Navitel Navigator update center) (Version: 2.4.0.58 - Center of Navigation Technologies)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.7 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{3CBF83F7-233C-49CB-8D06-37DB86FC20AF}) (Version: 22.4.0.18 - Citrix Systems, Inc.) Hidden
OpenVPN 2.5.7-I602 amd64 (HKLM\...\{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}) (Version: 2.5.036 - OpenVPN, Inc.)
paint.net (HKLM\...\{E91052A0-E7C9-4462-B7B5-2C7279F7203B}) (Version: 4.3.12 - dotPDN LLC)
PDF-XChange Editor (HKLM\...\{D7DBC941-C042-4276-93C9-A91B373AF0D8}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{604944cd-f303-4436-bc7b-7a538b64c872}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221102 - Kakao Corp.)
qBittorrent 4.4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.4.3.1 - The qBittorrent project)
QElectroTech (remove only) (HKLM-x32\...\QElectroTech) (Version: - )
Raspberry Pi Imager (HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Raspberry Pi Imager) (Version: 1.7.2 - Raspberry Pi Ltd)
Razer Axon (HKLM\...\Razer Axon_is1) (Version: 1.0.25.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.4.7.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1208.113014 - Razer Inc.)
Revo Uninstaller Pro 5.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.0.8 - VS Revo Group, Ltd.)
Self-service Plug-in (HKLM-x32\...\{E70D83C7-CFA4-4F4D-8D3B-4E0F2EF277A6}) (Version: 22.5.0.11 - Citrix Systems, Inc.) Hidden
Sound Blaster X-Fi (HKLM-x32\...\{0282C872-4B44-444B-9818-54FBD7D50ECD}) (Version: 1.0 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
Stardock Start11 (HKLM-x32\...\Stardock Start11) (Version: 1.31 - Stardock Software, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.22976 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
upjers Home 2.1.104 (HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\e2446448-09eb-5b1b-84b1-6746557362e3) (Version: 2.1.104 - upjers GmbH)
Vivaldi (HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\Vivaldi) (Version: 5.6.2867.40 - Vivaldi LLC)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)

Packages:
=========
Mp3tag -> C:\Soft\Mp3tag [2022-12-04] (0)
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-09-27] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-11-13] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-09-24] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-03] (ms-resource:ProductPublisherDisplayName)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-08] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kevinar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{40006D17-3B2D-4D1F-B486-7346981A1E13}\localserver32 -> C:\Soft\Vivaldi\Application\5.6.2867.40\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{d93ed569-3b3e-4bff-8355-3c44f6a52bb5}\InprocServer32 -> => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Soft\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Soft\Notepad++\NppShell_06.dll [2022-09-25] (Notepad++ -> )
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Soft\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Soft\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Soft\Revo Uninstaller\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-10-24 06:03 - 2022-08-09 04:52 - 001427968 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2021-11-07 17:09 - 2015-06-05 12:00 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.23\ASACPI.DLL
2022-09-24 11:40 - 2020-12-29 02:22 - 000092584 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.55\AsIO.dll
2022-09-24 11:40 - 2022-12-11 16:35 - 000035624 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.55\PEbiosinterface32.dll
2021-10-01 01:19 - 2021-10-01 01:19 - 002548736 _____ (Citrix Systems, Inc.) [File not signed] C:\Program Files (x86)\Citrix\ICA Client\sslsdk_b.dll
2021-11-07 18:42 - 2008-08-07 14:20 - 000069632 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\CTAudSeu.dll
2021-11-07 18:42 - 2009-10-21 17:36 - 000163840 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll
2021-11-07 18:42 - 2009-03-18 16:00 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2021-11-07 18:42 - 2013-05-06 14:47 - 000573440 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTRice.dll
2021-11-07 18:42 - 2020-03-05 05:08 - 000565248 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\CTAudEp.dll
2021-11-07 18:42 - 2008-08-07 14:20 - 000069632 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\CTAudSeu.dll
2021-11-07 18:42 - 2005-01-06 17:26 - 000053248 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\CTIniFu.dll
2021-11-07 18:42 - 2007-03-07 14:07 - 000176128 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\CTThemeU.dll
2021-11-07 18:42 - 2006-03-31 17:26 - 000335872 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\GDICtrl.sku
2021-11-07 18:42 - 2007-03-07 14:56 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\GDICtrl2.sku
2021-11-07 18:42 - 2006-05-04 17:11 - 000110592 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\GDICtrl3.sku
2021-11-07 18:42 - 2006-03-28 16:21 - 000114757 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\RtxCtrl.sku
2021-11-07 18:42 - 2008-12-29 11:25 - 000077824 ____N (Creative Technology Ltd) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\VolPanel.crl
2021-11-07 18:42 - 2007-12-13 17:36 - 000077824 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll
2021-11-07 18:42 - 2007-05-04 15:27 - 000233472 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\OSD\PanelSvc.dll
2021-11-07 18:42 - 2005-11-23 10:28 - 000040960 ____N (Creative Technology Ltd.) [File not signed] C:\Soft\Creative Sound Blaster X-Fi\Volume Panel\CtrlSrcU.dll
2022-10-21 20:21 - 2022-07-15 15:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Soft\7-Zip\7-zip.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Soft\Intel Rapid Storage Technology\PsiData.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Soft\Intel Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2022-04-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\cezdata.corp -> hxxps://citrix.cezdata.corp
IE trusted site: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\sharepoint.com -> hxxps://martiaul-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\Control Panel\Desktop\\Wallpaper -> d:\pictures\wallpappers\cosmic\cropped-1920-1080-594607.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "InstallHelper"
HKLM\...\StartupApproved\Run32: => "AnalyticsSrv"
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CA4A7C8AED43A8730C242A3E47BCF447"
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\StartupApproved\Run: => "Service for Navitel Navigator Update Center"
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\StartupApproved\Run: => "upjers Home"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{132C3959-3F9B-4FC1-8E3C-851E30DE96E5}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.685.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{228CB3C7-5DD9-4AC8-979C-D376F13FA242}] => (Allow) C:\program files\microsoft office\root\office16\msoadfsb.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{631D3994-4FC0-45A1-8F88-AC3DFB7B0407}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2207.7-0\msmpeng.exe => No File
FirewallRules: [{BF57F751-7D50-4EDF-9DAA-C84D0BF6DC77}] => (Allow) C:\program files (x86)\razer\razer services\razer central\cefsharp.browsersubprocess.exe (Razer USA Ltd. -> The CefSharp Authors)
FirewallRules: [{567E02EA-764D-474D-B3F9-F82E3BD8CB12}] => (Allow) C:\soft\garmin\express selfupdater\esu.exe (Garmin International, Inc. -> )
FirewallRules: [{FCC054D3-C3C1-407B-BCA5-BC54B1EFE7B6}] => (Allow) C:\soft\garmin\express\cefsharp.browsersubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{809D8AD6-D478-4EF0-84B5-62A6A46FBF0D}] => (Allow) C:\soft\garmin\express\express.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
FirewallRules: [{AF0AF809-1666-4141-8540-AF5CB465DAAB}] => (Allow) C:\program files\microsoft office\root\office16\powerpnt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08838887-46CF-40E1-A63D-549D340A1BA5}] => (Allow) C:\soft\foxit pdf reader\foxitupdater.exe (FOXIT SOFTWARE INC. -> Foxit Corporation)
FirewallRules: [{4A131993-0DA7-42B6-98E6-550BA9147E49}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\mpcmdrun.exe => No File
FirewallRules: [UDP Query User{768CAECA-8F51-4A35-B285-40892E69DF39}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{25301F54-4FB9-4A9D-87D9-05A26E1A7B20}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{DB056C7E-0FEF-439C-B503-C388666F00E1}] => (Allow) C:\program files (x86)\razer\razer cortex\razercortex.installbigdata.exe (Razer USA Ltd. -> Razer)
FirewallRules: [{19BB0ED8-9AE9-43EE-AC19-D176BFEA6B0B}] => (Allow) E:\downloads\software\rufus\rufus (v3.20).exe (Akeo Consulting -> Akeo Consulting)
FirewallRules: [{9E307D62-1B06-4327-9126-DEED602A9521}] => (Allow) C:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_47917a79b8c7fd22\display.nvcontainer\nvdisplay.container.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{ED11E471-0EA1-45C5-9C12-4BE454193DFA}] => (Allow) C:\users\kevinar\appdata\roaming\youtube-dlg\youtube-dl.exe () [File not signed]
FirewallRules: [{D76DB994-70B5-47C2-9F2C-9DD982D86D9B}] => (Allow) C:\program files\cheat engine 7.4\cheatengine-x86_64-sse4-avx2.exe (Cheat Engine -> Cheat Engine)
FirewallRules: [{ADA3776A-B83D-44E2-B860-D421F2B01077}] => (Allow) C:\windows\system32\wbem\wmiprvse.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF338B94-E2B5-4A85-A955-B2236768E83B}] => (Allow) E:\downloads\software\rufus\rufus (v3.19).exe (Akeo Consulting -> Akeo Consulting)
FirewallRules: [{D179B80B-76AC-4193-B282-BDF2F97BEED5}] => (Allow) \device\harddiskvolume3\users\kevinar\appdata\local\temp\is-ohgqn.tmp\countinstallation.exe => No File
FirewallRules: [{1F52C1E3-CAC5-4BEB-BA9D-E45FF0264C79}] => (Allow) C:\soft\brother\ptedit54\bfloggerc.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{3F01C655-6F8D-4857-8BC8-F429D8DAF220}] => (Allow) C:\soft\brother\ptedit54\ptedit54.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{9821BA66-0F16-46C0-B456-8C98D5ED9C28}] => (Allow) C:\program files (x86)\brother\ptupdate\ptupdater.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{066B0975-8784-468D-BED8-05F3150FFCCD}] => (Allow) C:\soft\ccleaner\ccupdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{116566BB-F335-49FF-891A-B19F2BEF1A80}] => (Allow) C:\soft\ccleaner\ccleaner64.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{27BF974A-1C4A-4AB3-8530-B01A597D79CE}] => (Allow) E:\downloads\software\ccleaner\ccsetup601.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90ACD58F-FBE9-4484-943A-2DF150E5D349}] => (Allow) E:\downloads\software\potplayer\potplayer (v220706_x64).exe (Kakao corp. -> Kakao)
FirewallRules: [{D1E903D6-4A25-4845-B790-AF4DD1BB3922}] => (Allow) C:\soft\total commander\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{1821F025-86D0-406A-9A7D-46C2E0DB409F}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\msmpeng.exe => No File
FirewallRules: [{86392CD4-9A5D-407D-99C7-AE205E12880F}] => (Allow) C:\windows\system32\mrt.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E373A901-266E-4D8D-B6FD-F42F807177FE}] => (Allow) C:\windows\system32\wuauclt.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D4AA4061-7210-496B-9198-8BB5C5835AE6}] => (Allow) C:\program files (x86)\citrix\ica client\wfcrun32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{61C4EA0F-4C9C-471A-99B9-AE95AA513083}] => (Allow) C:\soft\spek\spek.exe () [File not signed]
FirewallRules: [{B710E1EB-0836-4F97-BC36-E437EB75780F}] => (Allow) C:\program files (x86)\razer\razer services\gms3\gamemanagerservice3.exe (Razer USA Ltd. -> Razer Inc)
FirewallRules: [{481D57B3-4A32-4D3F-80A7-615A67CCD9A7}] => (Allow) C:\soft\mp3tag\mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{1A493F0C-57EF-47C8-A3E2-9E7BE52A8888}] => (Allow) C:\program files (x86)\stardock\start11\sddisplay.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{6BEF297A-1D31-4F8B-BB7E-D738830E0236}] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A42386A3-9999-4957-B76C-DE9968F7F644}] => (Allow) C:\windows\system32\apphostregistrationverifier.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F2993E2E-CC35-4445-ABD1-0FF6C7E1B340}] => (Allow) C:\users\kevinar\appdata\roaming\foxit software\addon\foxit pdf reader\foxitpdfreaderupdater.exe (FOXIT SOFTWARE INC. -> Foxit Corporation)
FirewallRules: [{7D6B912D-E28A-41A5-AEF0-2AAFD6030EF8}] => (Allow) C:\windows\uus\amd64\mousocoreworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F8C5976A-EE2F-48EF-992D-F755666B2360}] => (Allow) C:\Soft\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{7BB88C08-23A5-4D47-8DAD-7E40C17EA37D}] => (Allow) C:\Soft\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{6EF925C6-2184-4D08-A8E9-CC9BA0B64A8E}] => (Allow) C:\Program Files (x86)\Citrix\ICA Client\CitrixWorkspaceBrowser\CitrixWorkspaceBrowser.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{6D0F49EC-09B4-4F0E-8E14-F37E3B0FA0A5}] => (Allow) C:\program files (x86)\citrix\ica client\receiver\updaterservice.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{07395520-F562-448A-8367-C5FC7976D17D}] => (Allow) C:\windows\system32\werfault.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ACB8C054-D594-4FC2-B811-706591C858E3}] => (Allow) C:\program files (x86)\raspberry pi imager\rpi-imager.exe (Raspberry Pi (Trading) Limited -> )
FirewallRules: [{1BE7CF35-6E9A-46AC-8439-C87C4A82B60B}] => (Allow) C:\program files\nvidia corporation\nvidia geforce experience\nvidia geforce experience.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C7839267-ADD5-48B3-8534-15D0BDFC7F57}] => (Allow) C:\program files\microsoft office\root\integration\integrator.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3220E76D-29F4-452A-AD17-188EFFF095B8}] => (Allow) C:\program files\nvidia corporation\nvidia geforce experience\nvidia notification.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FCB0AA37-93FA-40AC-A6CF-A75027AB309D}] => (Allow) C:\soft\jdownloader\jre\bin\javaw.exe
FirewallRules: [{6D3B362A-6F28-4657-B4B6-5D356C7726A8}] => (Allow) E:\downloads\software\rufus\rufus (v3.18).exe (Akeo Consulting -> Akeo Consulting)
FirewallRules: [{506E7F4B-CFB7-401A-9FF8-4D042C493A14}] => (Allow) C:\soft\navitel\navitel dvr player\video-player-ui.exe () [File not signed]
FirewallRules: [{83B560C9-ED12-4616-8A15-67A427AC7210}] => (Allow) C:\soft\navitel\navigator update center\navitelupdaterservice.exe (NAVITEL s.r.o. -> )
FirewallRules: [{5DB35AEC-8597-4CDD-B30E-84342EC0BA27}] => (Allow) C:\soft\navitel\navigator update center\navitelnavigatorupdater.exe (NAVITEL s.r.o. -> )
FirewallRules: [{3A693ACF-4801-49E0-8768-4644BE83BA33}] => (Allow) C:\soft\dell display manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
FirewallRules: [{C1ACB144-E178-4EF1-9F3D-BC59C325153B}] => (Allow) C:\program files (x86)\citrix\ica client\authmanager\authmansvr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{4B1E5E20-7DC0-4CE6-AAA4-FE1475959CDD}] => (Allow) C:\program files\microsoft office\root\office16\msoasb.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83CF3E6E-54F6-44E0-86B6-8743337213DA}] => (Allow) C:\windows\system32\searchprotocolhost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CA9F4CEF-631D-409F-8BEE-E9359EE72A51}] => (Allow) C:\program files\microsoft office\root\office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F2F9B4B-40B4-4B2D-AE19-8A4AA2785034}] => (Allow) C:\soft\paint.net\paintdotnet.exe (DOTPDN LLC -> dotPDN LLC)
FirewallRules: [{B7711D9E-30AA-44E7-90F9-D4F9E58C0748}] => (Allow) C:\program files\microsoft office\root\office16\excel.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9D58779-3836-40A2-8411-EF92FAA01193}] => (Allow) C:\program files\microsoft office\root\office16\excel.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{486E558F-7DD2-41FF-9102-A6692D9E2EBE}] => (Allow) C:\Soft\OpenVPN\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project)
FirewallRules: [{E01DA2BB-C581-4F50-B80A-7A8E713F4E4B}] => (Allow) C:\Soft\OpenVPN\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project)
FirewallRules: [{68035F53-48C4-4EE6-BA58-3FA934330C48}] => (Allow) C:\soft\foxit pdf reader\foxitpdfreader.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
FirewallRules: [{124DC4E4-A980-4BE6-8DCC-22F7363C5FD3}] => (Allow) C:\program files\microsoft office\root\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B172E4F4-4A78-44ED-853B-086CA337DB5B}] => (Allow) C:\program files (x86)\citrix\ica client\receiver\receiver.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{E77313DF-6AF1-46B1-A9E7-3522725462A7}] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{1CA2286E-66A7-44FD-8D9E-A3684A405722}] => (Allow) C:\program files (x86)\citrix\ica client\webhelper.exe (Citrix Systems, Inc. -> Citrix)
FirewallRules: [{21609D42-E0E8-48B3-B0B4-30736FD12A5A}] => (Allow) C:\program files (x86)\citrix\ica client\selfserviceplugin\selfserviceplugin.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{87382CC8-BAB3-4983-9C67-EAD58F58EF00}] => (Allow) C:\program files (x86)\citrix\ica client\receiver\featureflag\cwafeatureflagupdater.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{ADD92F49-5381-4158-BAA3-82C03567C87A}] => (Allow) C:\program files (x86)\citrix\ica client\selfserviceplugin\selfservice.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{A2EE9EC1-862A-42CC-AB88-843802DF74CC}] => (Allow) C:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpndownloader.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.)
FirewallRules: [{FFD4E331-1B36-459A-8230-C327831D2697}] => (Allow) C:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.)
FirewallRules: [{0342F90A-4716-44FA-9006-C14BFEAC3A80}] => (Allow) C:\soft\notepad++\updater\gup.exe (Notepad++ -> Don HO don.h@free.fr)
FirewallRules: [{44311D19-E5AF-4F1B-8266-0E9D5640E2EC}] => (Allow) C:\program files (x86)\stardock\start11\start11config.exe (STARDOCK SYSTEMS, INC. -> Stardock Software)
FirewallRules: [{C15E634C-AF63-45D5-B3DD-D3E9C19A4573}] => (Allow) C:\soft\revo uninstaller\revouninpro.exe (VS Revo Group Ltd. -> VS Revo Group)
FirewallRules: [{5626E8CC-0737-42AC-A32F-D51E295BADD4}] => (Allow) C:\windows\system32\compattelrunner.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B80027A6-1A39-48BB-A121-BE627880DFA9}] => (Allow) C:\windows\system32\devicecensus.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{800D0088-1A38-45D5-878C-700E949D897E}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B53FBFA-1525-4087-9B93-2AC241E08436}] => (Allow) C:\program files (x86)\nvidia corporation\nvnode\nvidia web helper.exe (Nvidia Corporation -> Node.js)
FirewallRules: [{6038349B-D402-40AA-8E4F-9B4B255FBE3D}] => (Allow) C:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnagent.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.)
FirewallRules: [{30A9EE15-4A33-4DA7-9F32-6DFED8014D11}] => (Allow) C:\program files (x86)\razer\synapse3\service\razer synapse service.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{341611D4-AE11-471D-BB53-A37F23278FC9}] => (Allow) C:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A47FDF-C4DA-4A64-9DF5-7625AA1771C9}] => (Allow) C:\soft\musicbee\musicbee.exe (Steven Mayall) [File not signed]
FirewallRules: [{C4DDF970-2ABE-4380-A118-A769AF4234AE}] => (Allow) C:\program files (x86)\razer\razer services\gms\gamemanagerservice.exe (Razer USA Ltd. -> Razer Inc)
FirewallRules: [{FF83D759-1818-4C18-883E-5DDFCBED8C3F}] => (Allow) C:\windows\system32\sihclient.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{DECB65B3-BED2-4ECA-A764-72F17E4B710D}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A5DCFAB-E54A-4D4F-98BD-1B13DC6B0E60}] => (Allow) C:\program files (x86)\razer\synapse3\wpfui\framework\razer synapse 3 host\razer synapse 3.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{8302E05D-99F4-45CB-8E57-202D64BA27D8}] => (Allow) C:\program files (x86)\razer\razer services\razer central\razercentralservice.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{3F906476-2C7C-40D8-8ACA-344D4B006F74}] => (Allow) C:\program files\microsoft office\root\office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CC9AA04-012C-4217-9E01-4C115A5C1378}] => (Allow) C:\soft\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{FFA1E76B-CE1E-44C4-A17D-7E81F7795869}] => (Allow) C:\program files (x86)\razer\razer services\razer central\razer central.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{8B435E41-5C67-4FF6-97B9-3CDD2E9957FE}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\officesvcmgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF539638-2CAD-4594-B92C-AE911A4AC503}] => (Allow) C:\program files\nvidia corporation\nvcontainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A7204E94-5044-4CAA-9E0D-5F6A1E77366B}] => (Allow) C:\windows\system32\taskhostw.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{71551C1C-574E-4744-84EB-60FD2FDB9DE7}] => (Allow) C:\soft\jdownloader\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{022CA6E2-C64D-40D6-8DF2-2F7FD9273743}] => (Allow) C:\windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{49113203-FEE1-4763-9F6E-D8ABA8750F15}] => (Allow) C:\Users\Kevinar\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5D1777A6-96E0-4CF1-A272-A733ED552BBB}] => (Allow) C:\Users\Kevinar\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{37B99E28-9D8F-4263-AF5F-1D47590F177D}] => (Allow) C:\program files (x86)\razer\razer cortex\razercortex.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{4C945BBB-E26F-4419-9C0C-70F39AE9163F}] => (Allow) C:\windows\system32\wermgr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{640B5A1D-5C6B-44C3-831F-942A0A03F6F8}] => (Allow) C:\windows\syswow64\werfault.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF206EEE-8820-4FA6-8CF9-66ACD2CAACB5}] => (Allow) C:\windows\immersivecontrolpanel\systemsettings.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7A21B794-50F4-4E04-BE42-F6462BDCDE8E}] => (Allow) C:\windows\system32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9F5D4CFC-7B64-4019-82EA-5BD4D75A6A96}] => (Allow) C:\soft\vivaldi\application\update_notifier.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{3E875554-7138-4590-A193-C5DDC44BD517}] => (Allow) C:\soft\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [UDP Query User{BB8B64B2-5B72-474F-8D4D-AD82D548CF02}C:\users\kevinar\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\kevinar\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{BE933F23-4123-4427-BE78-D4C5DFE52DC6}C:\users\kevinar\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\kevinar\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{E6F31750-F21E-4107-8E95-4DFEC161DBAD}C:\soft\vivaldi\application\vivaldi.exe] => (Allow) C:\soft\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [TCP Query User{4E3E741C-6EB4-479D-969A-02D10D2F5F35}C:\soft\vivaldi\application\vivaldi.exe] => (Allow) C:\soft\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{368BB782-5374-4E67-92A3-6A17FA814891}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5A9FEF7-50E4-4C09-A101-4C35763BEA59}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEBDB6EC-4172-456F-B2F6-D797DA3B4593}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1F178BB-AE8A-4FB1-945A-3A27C1FB3418}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2183298-78EC-46F4-9E50-B904D374F585}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EAB04BD-C4B5-4134-8C02-139E1BE76D44}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C9B73A9-34AE-4F7F-BC99-0434D28CA169}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93425851-B6A7-40E6-9BA5-016553131E5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D95BEFCB-33A0-4A9F-AA82-3305365B359C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AF3E2461-5780-4555-94F8-1C38433C7E41}] => (Allow) C:\windows\system32\onedrivesetup.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F950C2C6-32A1-4EBF-A07F-567CA9F61876}] => (Allow) C:\windows\syswow64\appsetup.exe (Creative Technology Ltd -> Creative Technology Ltd)
FirewallRules: [{A83E2CF0-9675-49D8-A5FC-E1D874321498}] => (Allow) C:\program files\microsoft office\root\office16\msaccess.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5F5E5A1-0538-4386-B41B-2E1806D5E34F}] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{A8E9C395-D91E-4564-9D90-66C2E19ED29F}] => (Allow) C:\users\kevinar\desktop\kingdom come deliverance trainer - fling.exe => No File
FirewallRules: [{7997DB24-82FA-4401-A7B9-933C54BCFB86}] => (Block) C:\users\kevinar\desktop\kingdom come deliverance v1.2-v1.9.2 plus 16 trainer.exe => No File
FirewallRules: [{DB390E55-20C7-437C-920A-EE4C6C9F7B56}] => (Allow) C:\windows\system32\oobe\setupplatform\setupplatform.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{096B11D6-CD35-43F3-8379-129419E94BCE}] => (Block) C:\users\kevinar\desktop\mafia iii definitive edition v1.100.0 plus 18 trainer.exe => No File
FirewallRules: [{B5749C8C-361C-4134-BD95-9A24C20AFBF6}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmd.inf_amd64_1408eaf9a25ed64f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{7564E3D4-E3B7-4E56-AC41-CE82792E409D}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15629.20156\officeclicktorun.exe => No File
FirewallRules: [{C15EED26-B540-4FF7-9B5A-5670FA234EA6}] => (Allow) C:\users\kevinar\appdata\local\temp\nvidia\gfe\setup.exe => No File
FirewallRules: [{7298FC05-36C0-4B9D-BBA1-0A3F97A66C06}] => (Allow) C:\programdata\nvidia corporation\downloader\1865c28749ee02e086e2b505845fa1b5_extracted\setup.exe => No File
FirewallRules: [{E70854FC-47EA-4620-96E1-F2A10CCA0EE8}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e4ca4ec4257b233d\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{65A1444B-FF3D-408E-AD7C-4E459F308C56}] => (Allow) C:\windows\system32\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{0198A24B-FA96-4929-9A51-36132A827DDE}C:\games\batman arkham city goty\binaries\win32\batmanac.exe] => (Block) C:\games\batman arkham city goty\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [UDP Query User{498AC7E8-3C65-4A62-AFA4-EBFE7183ACAB}C:\games\batman arkham city goty\binaries\win32\batmanac.exe] => (Block) C:\games\batman arkham city goty\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{D3FC4F44-27A0-420A-8C11-AF0FD0EA80F9}] => (Allow) C:\users\kevinar\appdata\local\temp\_ir_sf_temp_0\irsetup.exe => No File
FirewallRules: [{7C46F422-D972-4E8F-BE4A-797A4D587F07}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15629.20208\officeclicktorun.exe => No File
FirewallRules: [{5EF31A42-7EB8-4788-9958-B154478E48E0}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2209.7-0\msmpeng.exe => No File
FirewallRules: [{2B2A1363-C530-4303-BA8B-98818A3AEC9F}] => (Block) C:\games\batman arkham city goty\binaries\win32\bmlauncher.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd) [File not signed]
FirewallRules: [{8B2C81AB-8E56-4123-8E54-5B3ED77DD448}] => (Allow) C:\programdata\nvidia corporation\downloader\303813f3f7dc14a20c0eca25ef451650_extracted\setup.exe => No File
FirewallRules: [{15001137-A0D8-4212-A828-2EBACE860C27}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_c34732273f7dc48f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{781CEBA5-D1A8-4B39-8EA0-7962E1B187E7}] => (Allow) C:\soft\speedfan\speedfan.exe (SOKNO S.R.L. -> )
FirewallRules: [{2E415489-CA47-4B72-8BE3-82FDA76837E2}] => (Allow) \device\harddiskvolume3\soft\ccleaner\temp_ccupdate\ccupdate604_free.exe => No File
FirewallRules: [{C3F6549B-15FE-452A-BE81-CC2E57E88526}] => (Block) D:\games\a plague tale requiem\apt2_winstore.x64.submission.exe => No File
FirewallRules: [{03697AC3-595A-48DD-9B37-3602ACE96CBF}] => (Allow) C:\soft\ccleaner\ccleanerbugreport.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{737E8847-9193-4E26-B60D-E34F255D2C03}] => (Allow) C:\program files (x86)\razer\razer axon\razeraxon.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{5F2A47E1-1877-45A8-B42E-C15F5794F38B}] => (Block) C:\users\kevinar\desktop\a plague tale innocence v1.0-v20190528 plus 4 trainer.exe => No File
FirewallRules: [{7735968C-8190-45A7-88FB-71856495D04D}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.695.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{56F9F31F-F859-4A16-A7C1-9F6BC9240541}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.715.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{93738DC1-8B75-4E29-9195-E0EA0CCE0EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CECEB249-08F2-48D4-8C0B-A62412C2B430}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B83E4AEC-09DF-41E9-9650-68D006F08E76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4FBA0D91-5A9C-44EC-8E25-DAB8077CE8F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{35049287-BEDC-4F7C-9DF3-22EDEAD17B93}] => (Allow) C:\programdata\nvidia corporation\downloader\997d28d054cade0d6c7b982efe928dca_extracted\setup.exe => No File
FirewallRules: [{83937D88-DC0A-48C0-BF86-2FB2B80AEA9E}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_6d6835b9cb8bee82\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{A50155A7-7DF7-4581-A0E8-9D0A3DDB36D7}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15726.20174\officeclicktorun.exe => No File
FirewallRules: [{86DDACD9-04D7-4CC7-9B1A-ADE22DB3FDBB}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.4-0\msmpeng.exe => No File
FirewallRules: [{97D0575E-166C-442D-BAFA-374397166D52}] => (Allow) E:\downloads\software\potplayer\potplayer (v221102_x64).exe (Kakao corp. -> Kakao)
FirewallRules: [{36A8CA53-2356-4311-9062-F1919111045E}] => (Allow) D:\games\a plague tale requiem\aplaguetalerequiem_x64.exe (Focus Home Interactive S.A -> Asobo Studio)
FirewallRules: [{A34161D7-0E8F-41C5-9173-82302F7F5918}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.765.0_x64__cw5n1h2txyewy\dashboard\widgets.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B8475F81-DC15-4389-8115-34B23100DCF5}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.5-0\msmpeng.exe => No File
FirewallRules: [{A4F786BC-02F8-4CD2-94B7-3C4370E14DE0}] => (Allow) C:\programdata\nvidia corporation\downloader\bb55bbcdd2768381d5acfa114537d7d2_extracted\setup.exe => No File
FirewallRules: [{759F70AC-BEE7-4427-9ACB-0E685295BD9D}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.6-0\msmpeng.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{9F75B5DC-86F6-43E7-BFF7-A4004C6B7567}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e313fb53fe7f3d0f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{4E8088EF-EC89-44BA-B268-F41C9C8529D7}] => (Allow) C:\windows\microsoft.net\framework\v4.0.30319\installutil.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1EF07916-E855-49DB-B499-825383E6FD17}] => (Allow) C:\users\kevinar\desktop\68568_promo_chaio\a_plague_tale_requiem_1210.exe => No File
FirewallRules: [{9168961F-01EA-4F60-B1B9-423BA1347A2A}] => (Allow) C:\users\kevinar\desktop\cheatevolution\cheatevolution.exe => No File
FirewallRules: [{0ACDEE18-4BB3-4BAF-851C-3483499E13B1}] => (Block) C:\users\kevinar\desktop\a plague tale requiem v20221018 6 trainer.exe => No File
FirewallRules: [{FC13A681-53EC-4BCA-A593-2124907525B3}] => (Allow) C:\users\kevinar\desktop\uptasia-homeedition-setup.exe => No File
FirewallRules: [{80E5C936-0FB4-49B7-A7A5-52AB60AE6D9B}] => (Allow) C:\users\kevinar\appdata\local\programs\upjers-playground2\upjers home.exe (upjers GmbH -> upjers GmbH)
FirewallRules: [{0F8E84EC-55A1-4FCA-876A-7EB8558C4F54}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15726.20202\officeclicktorun.exe => No File
FirewallRules: [{61882600-05C9-4086-84DD-467D09045791}] => (Allow) C:\programdata\nvidia corporation\downloader\c0648fecba04f805f2121a26ad7e40ec_extracted\setup.exe => No File
FirewallRules: [{14E0B3BC-1CF5-4D33-8462-B48268F88E52}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_ccc0ac530b9c1dc5\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{287F3803-DC5C-4FF5-B3BF-309160FBEC86}] => (Allow) C:\programdata\nvidia corporation\downloader\50bbd411d00493f56fc8c73056d10cde_extracted\setup.exe => No File
FirewallRules: [{81AA88B5-9C09-4BE9-A21D-FCB91E11D13C}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_6692a0f51b62daa3\display.nvcontainer\nvdisplay.container.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{915DFD7F-234D-4256-9476-C759CDA05AFC}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\3a48be45-f123-410f-8176-cc8bde6b431f\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{2155A6CD-B57B-4BEF-BDFC-7BE90783A39E}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\ffcb6335-707c-491a-9cf0-55f258ee4004\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B0B1A08A-8D8E-4F2B-8371-0EDFE40F29E0}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\c687a818-d993-455a-a4b5-65630f6537ee\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B1B96024-40D3-42CB-A1C6-934EB1B2AD75}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\2b27dde6-7197-4e72-ae01-2deffb1e7b45\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{F45B59E2-DC71-4082-9044-8B2C21EAD7B1}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\08e8aa76-dab8-4a1b-a0d9-5ad98eb6aef1\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{45FBA4DC-1370-4660-8735-F33197193F4D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

08-12-2022 11:42:24 Removed VeraCrypt 1.25.9

==================== Faulty Device Manager Devices ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/11/2022 02:20:58 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: GameManagerService3.exe, verze: 3.2.0.282, časové razítko: 0x622f7973
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.900, časové razítko: 0x496cd83f
Kód výjimky: 0xe0434352
Posun chyby: 0x00147402
ID chybujícího procesu: 0x0x1604
Čas spuštění chybující aplikace: 0x0x1d90d3fcce440c1
Cesta k chybující aplikaci: C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: b1d8ee44-1aa5-4950-9a7a-755af3bd5583
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/11/2022 12:04:17 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: GameManagerService3.exe, verze: 3.2.0.282, časové razítko: 0x622f7973
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.900, časové razítko: 0x496cd83f
Kód výjimky: 0xe0434352
Posun chyby: 0x00147402
ID chybujícího procesu: 0x0x1474
Čas spuštění chybující aplikace: 0x0x1d90c77b8107b3e
Cesta k chybující aplikaci: C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 75c804c6-8cae-4280-8f62-c84d42674e25
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 10:41:08 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: GameManagerService3.exe, verze: 3.2.0.282, časové razítko: 0x622f7973
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.900, časové razítko: 0x496cd83f
Kód výjimky: 0xe0434352
Posun chyby: 0x00147402
ID chybujícího procesu: 0x0x14d8
Čas spuštění chybující aplikace: 0x0x1d90be642e96fd5
Cesta k chybující aplikaci: C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f83c6aec-ac36-452c-a619-ea8ab51f6328
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 10:25:38 PM) (Source: Application Error) (EventID: 1000) (User: Kevinar-PC)
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: unarc.dll, verze: 0.0.0.0, časové razítko: 0x5f14f59e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00002d45
ID chybujícího procesu: 0x0x3bc4
Čas spuštění chybující aplikace: 0x0x1d90c14aa8bc96f
Cesta k chybující aplikaci: C:\Users\Kevinar\AppData\Local\Temp\is-TLS1N.tmp\setup.tmp
Cesta k chybujícímu modulu: C:\Users\Kevinar\AppData\Local\Temp\is-J2CQK.tmp\unarc.dll
ID zprávy: 0fd86c96-7715-4437-8b2b-41efa8b94692
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 09:47:52 PM) (Source: Application Error) (EventID: 1000) (User: Kevinar-PC)
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: unarc.dll, verze: 0.0.0.0, časové razítko: 0x5f14f59e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00002d45
ID chybujícího procesu: 0x0x3fa4
Čas spuštění chybující aplikace: 0x0x1d90c0f0c6ddb1c
Cesta k chybující aplikaci: C:\Users\Kevinar\AppData\Local\Temp\is-HLK64.tmp\setup.tmp
Cesta k chybujícímu modulu: C:\Users\Kevinar\AppData\Local\Temp\is-VQ474.tmp\unarc.dll
ID zprávy: 857c727f-72b8-45d7-bedf-3fbc1436c3bf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 09:06:10 PM) (Source: Application Error) (EventID: 1000) (User: Kevinar-PC)
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: unarc.dll, verze: 0.0.0.0, časové razítko: 0x5f14f59e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00002d45
ID chybujícího procesu: 0x0x2bb0
Čas spuštění chybující aplikace: 0x0x1d90c098ff8f626
Cesta k chybující aplikaci: C:\Users\Kevinar\AppData\Local\Temp\is-VUO89.tmp\setup.tmp
Cesta k chybujícímu modulu: C:\Users\Kevinar\AppData\Local\Temp\is-I121J.tmp\unarc.dll
ID zprávy: e369dc02-b835-420f-99fb-4d5faf1c8803
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 09:04:45 PM) (Source: Application Error) (EventID: 1000) (User: Kevinar-PC)
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: unarc.dll, verze: 0.0.0.0, časové razítko: 0x5f14f59e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00002d45
ID chybujícího procesu: 0x0x3e38
Čas spuštění chybující aplikace: 0x0x1d90c07d1f96e94
Cesta k chybující aplikaci: C:\Users\Kevinar\AppData\Local\Temp\is-UKD5L.tmp\setup.tmp
Cesta k chybujícímu modulu: C:\Users\Kevinar\AppData\Local\Temp\is-TB5CQ.tmp\unarc.dll
ID zprávy: 34617a57-aa5a-4614-a1c2-fd5324679066
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2022 04:54:56 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.52.0.0 programu TOTALCMD64.EXE ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.


System errors:
=============
Error: (12/11/2022 05:42:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/11/2022 05:42:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kevinar\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2022 05:41:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/11/2022 05:41:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kevinar\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2022 05:41:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/11/2022 05:41:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kevinar\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2022 05:41:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/11/2022 05:41:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kevinar\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2022-12-11 17:50:37
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {D30AD703-E77D-4405-AF3A-B9276BEB52A4}
Typ prohledávání: Antimalware
Parametry prohledávání: Full Scan
Uživatel: Kevinar-PC\Kevinar

Date: 2022-12-11 16:47:16
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {BB5FC508-A097-4600-BCD4-7CABFB86785F}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-10 20:55:28
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {50DD8238-B3C6-45B3-A89A-04B71652292E}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-10 13:14:19
Description:
Řízený přístup ke složkám zablokoval pro C:\Soft\JDownloader\JDownloader2.exe možnost upravit G:\Video\Hudební\New Folder.
Čas detekce: 2022-12-10T12:14:19.733Z
Uživatel: Kevinar-PC\Kevinar
Cesta: G:\Video\Hudební\New Folder
Název procesu: C:\Soft\JDownloader\JDownloader2.exe
Verze bezpečnostních informací: 1.381.218.0
Verze modulu: 1.1.19900.2
Verze produktu: 4.18.2211.5

Date: 2022-12-10 10:47:37
Description:
Řízený přístup ke složkám zablokoval pro C:\Soft\Vivaldi\Application\vivaldi.exe možnost upravit F:\Music\_Download_\Hard Rock\Kiss\.
Čas detekce: 2022-12-10T09:47:37.730Z
Uživatel: Kevinar-PC\Kevinar
Cesta: F:\Music\_Download_\Hard Rock\Kiss\
Název procesu: C:\Soft\Vivaldi\Application\vivaldi.exe
Verze bezpečnostních informací: 1.381.218.0
Verze modulu: 1.1.19900.2
Verze produktu: 4.18.2211.5

CodeIntegrity:
===============
Date: 2022-12-11 16:46:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-11 16:35:32
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2022-12-11 16:35:32
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys is blocked from loading as the driver has been revoked by Microsoft.

Date: 2022-12-11 16:35:22
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsIO.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2022-12-11 16:35:22
Description:
The driver \Device\HarddiskVolume3\Windows\SysWOW64\drivers\AsIO.sys is blocked from loading as the driver has been revoked by Microsoft.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2203 02/26/2016
Motherboard: ASUSTeK COMPUTER INC. Z97-PRO GAMER
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 32%
Total physical RAM: 16326.12 MB
Available physical RAM: 11008.47 MB
Total Virtual: 19398.12 MB
Available Virtual: 11495.75 MB

==================== Drives ================================

Drive c: (Win11) (Fixed) (Total:232.12 GB) (Free:64.9 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS
Drive d: (Dokumenty) (Fixed) (Total:931.51 GB) (Free:813.11 GB) (Model: ST1000DM003-1ER162) NTFS
Drive e: (Downloads) (Fixed) (Total:298.09 GB) (Free:56.37 GB) (Model: WDC WD3200AAKS-00L9A0) NTFS
Drive f: (Audio) (Fixed) (Total:4657.51 GB) (Free:2234.01 GB) (Model: TOSHIBA HDWE150) NTFS
Drive g: (Video) (Fixed) (Total:7452.02 GB) (Free:2346.58 GB) (Model: TOSHIBA HDWR180) NTFS
Drive h: (Games) (Fixed) (Total:298.09 GB) (Free:116.53 GB) (Model: SAMSUNG HD321KJ) NTFS

\\?\Volume{759fe2e9-6220-4409-954a-19f6342bdd56}\ () (Fixed) (Total:0.65 GB) (Free:0.08 GB) NTFS
\\?\Volume{689fa20e-9cdc-4178-8539-b16f4b962356}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: E1559082)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0FDB6FB5)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 00028D68)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Size: 298.1 GB) (Disk ID: 5D697123)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Thank you

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: FRST log check

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\MountPoints2: {bbe38052-43f2-11ec-a714-08626627a548} - "I:\setup.exe"
ShortcutTarget: SN10066.lnk -> C:\Users\Public\EPLAN\Common\SN10066.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0AED1D1F-2F88-4290-AB8E-62314C48D0C0} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Soft\AI Suite III\Push Notice\PushNotifyServer.exe (No File)
Task: {9AB1B87E-529E-4B24-840F-6FB534634A85} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Soft\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{d93ed569-3b3e-4bff-8355-3c44f6a52bb5}\InprocServer32 -> => No File
FirewallRules: [{132C3959-3F9B-4FC1-8E3C-851E30DE96E5}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.685.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{631D3994-4FC0-45A1-8F88-AC3DFB7B0407}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2207.7-0\msmpeng.exe => No File
FirewallRules: [{4A131993-0DA7-42B6-98E6-550BA9147E49}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\mpcmdrun.exe => No File
FirewallRules: [UDP Query User{768CAECA-8F51-4A35-B285-40892E69DF39}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{25301F54-4FB9-4A9D-87D9-05A26E1A7B20}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{D179B80B-76AC-4193-B282-BDF2F97BEED5}] => (Allow) \device\harddiskvolume3\users\kevinar\appdata\local\temp\is-ohgqn.tmp\countinstallation.exe => No File
FirewallRules: [{1821F025-86D0-406A-9A7D-46C2E0DB409F}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\msmpeng.exe => No File
FirewallRules: [{C5F5E5A1-0538-4386-B41B-2E1806D5E34F}] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{A8E9C395-D91E-4564-9D90-66C2E19ED29F}] => (Allow) C:\users\kevinar\desktop\kingdom come deliverance trainer - fling.exe => No File
FirewallRules: [{7997DB24-82FA-4401-A7B9-933C54BCFB86}] => (Block) C:\users\kevinar\desktop\kingdom come deliverance v1.2-v1.9.2 plus 16 trainer.exe => No File
FirewallRules: [{096B11D6-CD35-43F3-8379-129419E94BCE}] => (Block) C:\users\kevinar\desktop\mafia iii definitive edition v1.100.0 plus 18 trainer.exe => No File
FirewallRules: [{B5749C8C-361C-4134-BD95-9A24C20AFBF6}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmd.inf_amd64_1408eaf9a25ed64f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{7564E3D4-E3B7-4E56-AC41-CE82792E409D}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15629.20156\officeclicktorun.exe => No File
FirewallRules: [{C15EED26-B540-4FF7-9B5A-5670FA234EA6}] => (Allow) C:\users\kevinar\appdata\local\temp\nvidia\gfe\setup.exe => No File
FirewallRules: [{7298FC05-36C0-4B9D-BBA1-0A3F97A66C06}] => (Allow) C:\programdata\nvidia corporation\downloader\1865c28749ee02e086e2b505845fa1b5_extracted\setup.exe => No File
FirewallRules: [{E70854FC-47EA-4620-96E1-F2A10CCA0EE8}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e4ca4ec4257b233d\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{2E415489-CA47-4B72-8BE3-82FDA76837E2}] => (Allow) \device\harddiskvolume3\soft\ccleaner\temp_ccupdate\ccupdate604_free.exe => No File
FirewallRules: [{C3F6549B-15FE-452A-BE81-CC2E57E88526}] => (Block) D:\games\a plague tale requiem\apt2_winstore.x64.submission.exe => No File
FirewallRules: [{03697AC3-595A-48DD-9B37-3602ACE96CBF}] => (Allow) C:\soft\ccleaner\ccleanerbugreport.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{5F2A47E1-1877-45A8-B42E-C15F5794F38B}] => (Block) C:\users\kevinar\desktop\a plague tale innocence v1.0-v20190528 plus 4 trainer.exe => No File
FirewallRules: [{7735968C-8190-45A7-88FB-71856495D04D}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.695.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{56F9F31F-F859-4A16-A7C1-9F6BC9240541}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.715.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{35049287-BEDC-4F7C-9DF3-22EDEAD17B93}] => (Allow) C:\programdata\nvidia corporation\downloader\997d28d054cade0d6c7b982efe928dca_extracted\setup.exe => No File
FirewallRules: [{83937D88-DC0A-48C0-BF86-2FB2B80AEA9E}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_6d6835b9cb8bee82\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{A50155A7-7DF7-4581-A0E8-9D0A3DDB36D7}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15726.20174\officeclicktorun.exe => No File
FirewallRules: [{86DDACD9-04D7-4CC7-9B1A-ADE22DB3FDBB}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.4-0\msmpeng.exe => No File
FirewallRules: [{B8475F81-DC15-4389-8115-34B23100DCF5}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.5-0\msmpeng.exe => No File
FirewallRules: [{A4F786BC-02F8-4CD2-94B7-3C4370E14DE0}] => (Allow) C:\programdata\nvidia corporation\downloader\bb55bbcdd2768381d5acfa114537d7d2_extracted\setup.exe => No File
FirewallRules: [{759F70AC-BEE7-4427-9ACB-0E685295BD9D}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.6-0\msmpeng.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{9F75B5DC-86F6-43E7-BFF7-A4004C6B7567}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e313fb53fe7f3d0f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{1EF07916-E855-49DB-B499-825383E6FD17}] => (Allow) C:\users\kevinar\desktop\68568_promo_chaio\a_plague_tale_requiem_1210.exe => No File
FirewallRules: [{9168961F-01EA-4F60-B1B9-423BA1347A2A}] => (Allow) C:\users\kevinar\desktop\cheatevolution\cheatevolution.exe => No File
FirewallRules: [{0ACDEE18-4BB3-4BAF-851C-3483499E13B1}] => (Block) C:\users\kevinar\desktop\a plague tale requiem v20221018 6 trainer.exe => No File
FirewallRules: [{FC13A681-53EC-4BCA-A593-2124907525B3}] => (Allow) C:\users\kevinar\desktop\uptasia-homeedition-setup.exe => No File
FirewallRules: [{915DFD7F-234D-4256-9476-C759CDA05AFC}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\3a48be45-f123-410f-8176-cc8bde6b431f\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{2155A6CD-B57B-4BEF-BDFC-7BE90783A39E}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\ffcb6335-707c-491a-9cf0-55f258ee4004\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B0B1A08A-8D8E-4F2B-8371-0EDFE40F29E0}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\c687a818-d993-455a-a4b5-65630f6537ee\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B1B96024-40D3-42CB-A1C6-934EB1B2AD75}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\2b27dde6-7197-4e72-ae01-2deffb1e7b45\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{F45B59E2-DC71-4082-9044-8B2C21EAD7B1}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\08e8aa76-dab8-4a1b-a0d9-5ad98eb6aef1\eset_smart_security_premium_live_installer.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

Visit: [image]

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: FRST log check

#3 Post by Star-Lord »

Here is the log after the Fix process:

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by Kevinar (11-12-2022 19:12:06) Run:1
Running from C:\Users\Kevinar\Desktop
Loaded Profiles: Kevinar
Boot Mode: Normal
==============================================

fixlist content:
*****************
tart

CloseProcesses:
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\...\MountPoints2: {bbe38052-43f2-11ec-a714-08626627a548} - "I:\setup.exe"
ShortcutTarget: SN10066.lnk -> C:\Users\Public\EPLAN\Common\SN10066.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0AED1D1F-2F88-4290-AB8E-62314C48D0C0} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Soft\AI Suite III\Push Notice\PushNotifyServer.exe (No File)
Task: {9AB1B87E-529E-4B24-840F-6FB534634A85} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Soft\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{d93ed569-3b3e-4bff-8355-3c44f6a52bb5}\InprocServer32 -> => No File
FirewallRules: [{132C3959-3F9B-4FC1-8E3C-851E30DE96E5}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.685.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{631D3994-4FC0-45A1-8F88-AC3DFB7B0407}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2207.7-0\msmpeng.exe => No File
FirewallRules: [{4A131993-0DA7-42B6-98E6-550BA9147E49}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\mpcmdrun.exe => No File
FirewallRules: [UDP Query User{768CAECA-8F51-4A35-B285-40892E69DF39}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{25301F54-4FB9-4A9D-87D9-05A26E1A7B20}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{D179B80B-76AC-4193-B282-BDF2F97BEED5}] => (Allow) \device\harddiskvolume3\users\kevinar\appdata\local\temp\is-ohgqn.tmp\countinstallation.exe => No File
FirewallRules: [{1821F025-86D0-406A-9A7D-46C2E0DB409F}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2205.7-0\msmpeng.exe => No File
FirewallRules: [{C5F5E5A1-0538-4386-B41B-2E1806D5E34F}] => (Block) D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{A8E9C395-D91E-4564-9D90-66C2E19ED29F}] => (Allow) C:\users\kevinar\desktop\kingdom come deliverance trainer - fling.exe => No File
FirewallRules: [{7997DB24-82FA-4401-A7B9-933C54BCFB86}] => (Block) C:\users\kevinar\desktop\kingdom come deliverance v1.2-v1.9.2 plus 16 trainer.exe => No File
FirewallRules: [{096B11D6-CD35-43F3-8379-129419E94BCE}] => (Block) C:\users\kevinar\desktop\mafia iii definitive edition v1.100.0 plus 18 trainer.exe => No File
FirewallRules: [{B5749C8C-361C-4134-BD95-9A24C20AFBF6}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmd.inf_amd64_1408eaf9a25ed64f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{7564E3D4-E3B7-4E56-AC41-CE82792E409D}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15629.20156\officeclicktorun.exe => No File
FirewallRules: [{C15EED26-B540-4FF7-9B5A-5670FA234EA6}] => (Allow) C:\users\kevinar\appdata\local\temp\nvidia\gfe\setup.exe => No File
FirewallRules: [{7298FC05-36C0-4B9D-BBA1-0A3F97A66C06}] => (Allow) C:\programdata\nvidia corporation\downloader\1865c28749ee02e086e2b505845fa1b5_extracted\setup.exe => No File
FirewallRules: [{E70854FC-47EA-4620-96E1-F2A10CCA0EE8}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e4ca4ec4257b233d\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{2E415489-CA47-4B72-8BE3-82FDA76837E2}] => (Allow) \device\harddiskvolume3\soft\ccleaner\temp_ccupdate\ccupdate604_free.exe => No File
FirewallRules: [{C3F6549B-15FE-452A-BE81-CC2E57E88526}] => (Block) D:\games\a plague tale requiem\apt2_winstore.x64.submission.exe => No File
FirewallRules: [{03697AC3-595A-48DD-9B37-3602ACE96CBF}] => (Allow) C:\soft\ccleaner\ccleanerbugreport.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{5F2A47E1-1877-45A8-B42E-C15F5794F38B}] => (Block) C:\users\kevinar\desktop\a plague tale innocence v1.0-v20190528 plus 4 trainer.exe => No File
FirewallRules: [{7735968C-8190-45A7-88FB-71856495D04D}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.695.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{56F9F31F-F859-4A16-A7C1-9F6BC9240541}] => (Allow) C:\program files\windowsapps\microsoftwindows.client.webexperience_421.20070.715.0_x64__cw5n1h2txyewy\dashboard\widgets.exe => No File
FirewallRules: [{35049287-BEDC-4F7C-9DF3-22EDEAD17B93}] => (Allow) C:\programdata\nvidia corporation\downloader\997d28d054cade0d6c7b982efe928dca_extracted\setup.exe => No File
FirewallRules: [{83937D88-DC0A-48C0-BF86-2FB2B80AEA9E}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_6d6835b9cb8bee82\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{A50155A7-7DF7-4581-A0E8-9D0A3DDB36D7}] => (Allow) C:\program files\common files\microsoft shared\clicktorun\updates\16.0.15726.20174\officeclicktorun.exe => No File
FirewallRules: [{86DDACD9-04D7-4CC7-9B1A-ADE22DB3FDBB}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.4-0\msmpeng.exe => No File
FirewallRules: [{B8475F81-DC15-4389-8115-34B23100DCF5}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.5-0\msmpeng.exe => No File
FirewallRules: [{A4F786BC-02F8-4CD2-94B7-3C4370E14DE0}] => (Allow) C:\programdata\nvidia corporation\downloader\bb55bbcdd2768381d5acfa114537d7d2_extracted\setup.exe => No File
FirewallRules: [{759F70AC-BEE7-4427-9ACB-0E685295BD9D}] => (Allow) C:\programdata\microsoft\windows defender\platform\4.18.2210.6-0\msmpeng.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{9F75B5DC-86F6-43E7-BFF7-A4004C6B7567}] => (Allow) C:\windows\system32\driverstore\filerepository\nvmdi.inf_amd64_e313fb53fe7f3d0f\display.nvcontainer\nvdisplay.container.exe => No File
FirewallRules: [{1EF07916-E855-49DB-B499-825383E6FD17}] => (Allow) C:\users\kevinar\desktop\68568_promo_chaio\a_plague_tale_requiem_1210.exe => No File
FirewallRules: [{9168961F-01EA-4F60-B1B9-423BA1347A2A}] => (Allow) C:\users\kevinar\desktop\cheatevolution\cheatevolution.exe => No File
FirewallRules: [{0ACDEE18-4BB3-4BAF-851C-3483499E13B1}] => (Block) C:\users\kevinar\desktop\a plague tale requiem v20221018 6 trainer.exe => No File
FirewallRules: [{FC13A681-53EC-4BCA-A593-2124907525B3}] => (Allow) C:\users\kevinar\desktop\uptasia-homeedition-setup.exe => No File
FirewallRules: [{915DFD7F-234D-4256-9476-C759CDA05AFC}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\3a48be45-f123-410f-8176-cc8bde6b431f\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{2155A6CD-B57B-4BEF-BDFC-7BE90783A39E}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\ffcb6335-707c-491a-9cf0-55f258ee4004\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B0B1A08A-8D8E-4F2B-8371-0EDFE40F29E0}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\c687a818-d993-455a-a4b5-65630f6537ee\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{B1B96024-40D3-42CB-A1C6-934EB1B2AD75}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\2b27dde6-7197-4e72-ae01-2deffb1e7b45\eset_smart_security_premium_live_installer.exe => No File
FirewallRules: [{F45B59E2-DC71-4082-9044-8B2C21EAD7B1}] => (Allow) C:\users\kevinar\appdata\local\temp\eset\bts.session\08e8aa76-dab8-4a1b-a0d9-5ad98eb6aef1\eset_smart_security_premium_live_installer.exe => No File

EmptyTemp:
End
*****************

tart => Error: No automatic fix found for this entry.
Processes closed successfully.
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbe38052-43f2-11ec-a714-08626627a548} => removed successfully
"C:\Users\Public\EPLAN\Common\SN10066.exe" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AED1D1F-2F88-4290-AB8E-62314C48D0C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AED1D1F-2F88-4290-AB8E-62314C48D0C0}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\Push Notice Server Execute => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Push Notice Server Execute" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AB1B87E-529E-4B24-840F-6FB534634A85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AB1B87E-529E-4B24-840F-6FB534634A85}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\USB 3.0 Boost Service => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\USB 3.0 Boost Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => removed successfully
HKU\S-1-5-21-3015848259-4086462040-1337814541-1001_Classes\CLSID\{d93ed569-3b3e-4bff-8355-3c44f6a52bb5} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{132C3959-3F9B-4FC1-8E3C-851E30DE96E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{631D3994-4FC0-45A1-8F88-AC3DFB7B0407}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A131993-0DA7-42B6-98E6-550BA9147E49}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{768CAECA-8F51-4A35-B285-40892E69DF39}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{25301F54-4FB9-4A9D-87D9-05A26E1A7B20}D:\games\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D179B80B-76AC-4193-B282-BDF2F97BEED5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1821F025-86D0-406A-9A7D-46C2E0DB409F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5F5E5A1-0538-4386-B41B-2E1806D5E34F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8E9C395-D91E-4564-9D90-66C2E19ED29F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7997DB24-82FA-4401-A7B9-933C54BCFB86}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{096B11D6-CD35-43F3-8379-129419E94BCE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5749C8C-361C-4134-BD95-9A24C20AFBF6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7564E3D4-E3B7-4E56-AC41-CE82792E409D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C15EED26-B540-4FF7-9B5A-5670FA234EA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7298FC05-36C0-4B9D-BBA1-0A3F97A66C06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E70854FC-47EA-4620-96E1-F2A10CCA0EE8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E415489-CA47-4B72-8BE3-82FDA76837E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3F6549B-15FE-452A-BE81-CC2E57E88526}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{03697AC3-595A-48DD-9B37-3602ACE96CBF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F2A47E1-1877-45A8-B42E-C15F5794F38B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7735968C-8190-45A7-88FB-71856495D04D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56F9F31F-F859-4A16-A7C1-9F6BC9240541}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35049287-BEDC-4F7C-9DF3-22EDEAD17B93}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83937D88-DC0A-48C0-BF86-2FB2B80AEA9E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A50155A7-7DF7-4581-A0E8-9D0A3DDB36D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86DDACD9-04D7-4CC7-9B1A-ADE22DB3FDBB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8475F81-DC15-4389-8115-34B23100DCF5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4F786BC-02F8-4CD2-94B7-3C4370E14DE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{759F70AC-BEE7-4427-9ACB-0E685295BD9D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F75B5DC-86F6-43E7-BFF7-A4004C6B7567}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EF07916-E855-49DB-B499-825383E6FD17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9168961F-01EA-4F60-B1B9-423BA1347A2A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0ACDEE18-4BB3-4BAF-851C-3483499E13B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC13A681-53EC-4BCA-A593-2124907525B3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{915DFD7F-234D-4256-9476-C759CDA05AFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2155A6CD-B57B-4BEF-BDFC-7BE90783A39E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0B1A08A-8D8E-4F2B-8371-0EDFE40F29E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1B96024-40D3-42CB-A1C6-934EB1B2AD75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F45B59E2-DC71-4082-9044-8B2C21EAD7B1}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61610849 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 122382766 B
Edge => 0 B
Vivaldi => 1303085678 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 262620 B
systemprofile32 => 312992 B
LocalService => 320586 B
NetworkService => 545188 B
Kevinar => 300793612 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-12-2022 19:14:08)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:14:08 ====

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: FRST log check

#4 Post by Rudy »

Deleted; the log should be OK now.

Re: FRST log check

#5 Post by Star-Lord »

Occasionally some applications report that they cannot connect to the internet or cannot be updated, for example FRST itself or the online version of ESET. That is why I asked for a preventive log check.

Thank you once again.

Re: FRST log check

#6 Post by Rudy »

You're welcome. Has anything changed now?

Re: FRST log check

#7 Post by Star-Lord »

I tried the last-mentioned programs again and unfortunately the situation is still the same.

[Image]

Re: FRST log check

#8 Post by Rudy »

OK. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP simply run it with a double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: FRST log check

#9 Post by Star-Lord »

I ran the scan; here is the log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-12-2022
# Duration: 00:00:04
# OS: Windows 11 (Build 22621.900)
# Scanned: 32097
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1419 octets] - [12/12/2022 18:27:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
The scan was very fast and the only option offered was "Run basic repair" (Spustit základní opravu). Should I run it?

[Image]

Re: FRST log check

#10 Post by Rudy »

This is OK. Try turning off the antivirus and the firewall and test whether anything changes.

Re: FRST log check

#11 Post by Star-Lord »

I tried your advice, and in the end it is caused by the firewall being turned on for the private network. If I deactivate it, the programs start without any error messages.
I used to use the Windows Firewall Control "add-on" for configuring the firewall. It would probably solve these problems in future, given its options for manually controlling which programs are allowed or blocked in the firewall.

Re: FRST log check

#12 Post by Rudy »

Probably yes. Win 11 has a fairly good FW. It will certainly be quicker than configuring ESET's FW.

Re: FRST log check

#13 Post by Star-Lord »

Thank you once again for checking the logs and for your help.

Re: FRST log check

#14 Post by Rudy »

Glad to help! :)