Zdravím! Prosím o kontrolu logu.
FRST.TXT
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by PC (administrator) on DESKTOP-VNNSM0S (ATComputers CZC) (09-09-2023 06:22:58)
Running from C:\Users\PC\OneDrive\Plocha\FRST64.exe
Loaded Profiles: PC
Platform: Microsoft Windows 10 Home Version 22H2 19045.3393 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Discord Inc. -> Discord Inc.) C:\Users\PC\AppData\Local\Discord\app-1.0.9017\Discord.exe <6>
(explorer.exe ->) () [File not signed] C:\Program Files\BakkesMod\BakkesMod.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(Rémi Mercier) [File not signed] D:\!!!!!FAN CONTROL\FanControl.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2335.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21548.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21548.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16066560 2021-05-05] () [File not signed]
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [820960 2022-05-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\PC\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\PC\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [157858648 2023-03-23] (Bluestack Systems, Inc -> now.gg, Inc.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [280880 2023-05-25] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter\nlclientapp.exe [607576 2023-06-30] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\PC\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [1990000 2023-06-09] (ZONER a.s. -> ZONER a.s.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [820960 2022-05-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Theinka\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\Installer\chrmstp.exe [2023-09-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2023-08-27]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Portmaster Notifier.lnk [2023-08-20]
ShortcutTarget: Portmaster Notifier.lnk -> C:\ProgramData\Safing\Portmaster\portmaster-start.exe (Safing ICS Technologies GmbH -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {56F1AD4F-9F1E-429E-AF33-C15F6ED39252} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
Task: {C1100914-8E9A-40F8-89E4-2AF6D4403183} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {946CEBA4-CF06-4DC0-96F2-1B8917D103ED} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-06-06] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {CE8401EF-7040-4F4B-9684-E06622436A14} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{E3A4EA60-93D4-4413-9B2B-6FFF17780773} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D77CF0FF-44E9-4418-9FA7-DD12716DD721} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{EBFB8447-A147-4518-923D-95424DBBDEB7} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {247CB7D0-F019-4164-A7AB-58D93D753602} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F9C77B1D-C5BB-43F7-B7A0-D51C171BDDDC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "db0e3690-912b-4fd4-a1ed-f236f8382075" --version "6.15.10623" --silent
Task: {96134779-19F9-4E7A-B9C7-48BA239B34E5} - System32\Tasks\CCleanerSkipUAC - PC => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {276D1DE8-7E7F-4B07-97F3-736ABB898765} - System32\Tasks\FanControl => C:\Windows\system32\cmd.exe [289792 2021-01-24] (Microsoft Windows -> Microsoft Corporation) -> /C start /B FanControl.exe
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {D51B55CD-FD32-45C3-B42F-745D0FEFFDD2} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {63B894C7-1AAD-4D8A-A051-C9B6246F6414} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {236C5820-77C5-4653-8084-51C54D87D30C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3745018-141C-4518-8ACF-AD7BE03A8F40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F691BFC-D6E5-4A2C-96EC-25457ADDB3D6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9ACB9B02-7B6B-4907-86A8-6BB2C41BBAE6} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-04] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3E06DEC1-BAEA-463D-8481-60CCE4133B72} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {771FF85C-31AC-42DA-A850-DBCC306A2827} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {8C6291E7-FDE9-4521-B3AF-7570D64BE9E8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {51F56D84-B2B8-4E7D-9DCF-BA1D257B23A3} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {9D302B69-C10B-49DA-9BCC-379062CE79D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C97DE6B-EC69-4FE6-A453-6DEE2565A1FA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0F1A9AD-0550-4B37-B012-06B6D2926168} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1659715826 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2673056 2023-08-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {39AD0263-0A55-40EE-8E38-B514451B1464} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1687623853 => C:\Users\Theinka\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Theinka\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3BD950D2-D0A1-4B9F-A2E0-09D49C8BB732} - System32\Tasks\Opera GX scheduled Autoupdate 1657886657 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2673056 2023-08-23] (Opera Norway AS -> Opera Software)
Task: {2C266ACF-26F8-41DF-BE27-F3A4FAE21601} - System32\Tasks\Opera GX scheduled Autoupdate 1670345292 => C:\Users\Theinka\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software)
Task: {F91A1D3E-2497-4AC4-AD8C-3F688C921D60} - System32\Tasks\StartRPCService => C:\Windows\system32\NET.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {3E1302F4-A7DB-47F4-938B-486E88F3A128} - System32\Tasks\Zoner.Updater.S-1-5-21-321179341-2139502707-572524282-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1615168 2023-09-08] (ZONER a.s. -> ZONER a.s.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Intel PTT EK Recertification.job => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{41999a4b-53eb-4196-bde0-197c68011fdf}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{db69e62a-0ccc-480d-89fd-964a5e327c4e}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Edge:
=======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
Edge Extension: (Edge relevant text changes) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-15]
Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-04-09]
FireFox:
========
FF DefaultProfile: 2hjvx19l.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2hjvx19l.default [2021-09-01]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\spf2f3e4.default-release-1676222568285 [2023-09-07]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-03-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-03-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2023-09-09]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://meet.google.com; hxxps://web.whatsapp.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-09-08]
CHR Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-29]
CHR Extension: (Adblock na Youtube™) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (change-language) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-09-06]
CHR Extension: (HTTPS Everywhere) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
CHR Extension: (Return YouTube Dislike) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-27]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-13]
CHR Extension: (Amazing css color picker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclbckmnpbnkcpemopdngipibdagmjei [2023-07-29]
CHR Extension: (Page Refresh) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg [2022-12-24]
CHR Extension: (MetaMask) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-17]
CHR Extension: (ChatGPT File Uploader) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaogphgfdbdbmhkiplemgehihiiececj [2023-07-28]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-26]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-06-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-08-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-18]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-18]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-321179341-2139502707-572524282-1001) Opera GXStable - "C:\Users\PC\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-321179341-2139502707-572524282-1002) Opera GXStable - "C:\Users\Theinka\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-09-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-08]
BRA Extension: (Brave NTP background images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-20]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-09-08]
BRA Extension: (Wallet Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-04]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-09-08]
BRA Extension: (Brave NTP sponsored images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-03]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-09-03]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-08-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [4040776 2023-09-08] (philandro Software GmbH -> AnyDesk Software GmbH)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe [3171864 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S4 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S4 brlapi; C:\Windows\brltty\bin\brltty.exe [847886 2019-10-15] (Microsoft Windows -> )
S4 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-08-19] (Microsoft Corporation -> Microsoft Corporation)
S4 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [19792 2023-05-25] (Docker Inc -> Docker Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-05-17] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-24] (Epic Games Inc. -> Epic Games, Inc.)
S4 JumpConnect; C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\6.10.11.0\JumpConnect.exe [154032 2023-05-02] (PhaseFive Systems LLC -> Phase Five Systems)
S4 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [73824 2023-04-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S4 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S4 nlsvc; C:\Program Files\Locktime Software\NetLimiter\NLSvc.exe [24920 2023-06-30] (Locktime Software s.r.o. -> Locktime Software)
S4 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64736 2022-05-31] (OpenVPN Inc. -> The OpenVPN Project)
S4 PortmasterCore; C:\ProgramData\Safing\Portmaster\portmaster-start.exe [12975896 2023-06-01] (Safing ICS Technologies GmbH -> )
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20802872 2023-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2022-03-23] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\elevation_service.exe" [X]
S4 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238496 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392880 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [272576 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559184 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [946160 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [705480 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212680 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [53904 2021-10-01] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319568 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-02-21] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310688 2023-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 Capsax64Drv; C:\Windows\System32\Drivers\Capsax64Drv.sys [53600 2019-01-23] (成都科来软件有限公司 -> Colasoft Co., Ltd.)
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-12-24] (Intel Corporation -> Intel Corporation)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [15693768 2023-05-08] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S1 gvm; C:\Windows\system32\DRIVERS\gvm.sys [390144 2023-07-30] (Google LLC -> Google LLC)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 KrispAudioS; C:\Windows\System32\drivers\KrispAudio.sys [60384 2022-12-16] (Krisp Technologies, Inc -> Krisp Technologies, Inc)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [91888 2022-07-26] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 libusb0_dji; C:\Windows\system32\DRIVERS\libusb0_dji.sys [73240 2022-07-26] (Microsoft Windows Hardware Compatibility Publisher -> hxxp://libusb-win32.sourceforge.net)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [196696 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Locktime Software)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 R0FanControl; D:\!!!!!FAN CONTROL\FanControl.sys [14544 2023-09-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2022-07-25] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [240704 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1046392 2022-03-22] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [175800 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-02-25] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49544 2021-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [420088 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38176 2022-07-25] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-08 06:35 - 2023-09-08 06:35 - 000000000 ___HD C:\$SysReset
2023-09-07 16:39 - 2023-09-07 16:39 - 012160512 _____ (Tim Kosse) C:\Users\PC\Downloads\FileZilla_3.65.0_win64-setup.exe
2023-09-04 16:44 - 2023-09-06 16:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-02 07:40 - 2023-09-02 07:40 - 000000000 ____D C:\Users\PC\OneDrive\Dokumenty\FeedbackHub
2023-08-31 15:36 - 2023-08-31 15:36 - 000000000 ____D C:\Users\PC\AppData\Local\node-gyp
2023-08-27 17:21 - 2023-09-08 05:57 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-08-27 17:21 - 2023-08-29 10:31 - 000000000 ____D C:\ProgramData\AnyDesk
2023-08-27 17:21 - 2023-08-27 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2023-08-27 16:56 - 2023-08-27 16:57 - 000000000 ___HD C:\$WinREAgent
2023-08-27 14:00 - 2023-08-27 14:00 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-08-21 17:34 - 2023-08-21 17:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Colasoft
2023-08-21 17:34 - 2023-08-21 17:34 - 000000000 ____D C:\Program Files\Common Files\Colasoft Shared
2023-08-21 17:33 - 2023-08-21 17:34 - 000000000 ____D C:\Program Files\Colasoft Packet Player 2.1
2023-08-21 17:33 - 2023-08-21 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Colasoft Packet Player
2023-08-21 17:33 - 2019-01-23 09:55 - 000053600 _____ (Colasoft Co., Ltd.) C:\Windows\system32\Drivers\Capsax64Drv.sys
2023-08-21 17:18 - 2023-08-21 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\PacketSender
2023-08-21 12:59 - 2023-08-21 12:59 - 000001090 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyenaeFE.lnk
2023-08-21 12:45 - 2023-08-21 13:26 - 000000000 ____D C:\Program Files (x86)\Hyenae
2023-08-21 10:44 - 2023-08-21 10:44 - 000000218 _____ C:\Users\PC\AppData\Local\recently-used.xbel
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\Users\PC\AppData\Roaming\Locktime
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\ProgramData\Locktime
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\Program Files\Locktime Software
2023-08-20 18:10 - 2023-09-04 15:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Portmaster
2023-08-20 18:10 - 2023-08-20 18:10 - 000002067 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portmaster.lnk
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\ProgramData\Safing
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portmaster
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\Program Files\Safing
2023-08-18 14:21 - 2023-08-21 16:55 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-08-18 14:21 - 2023-08-18 14:21 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-08-15 19:53 - 2023-08-15 19:53 - 000000128 _____ C:\Users\PC\AppData\Roaming\PUTTY.RND
2023-08-15 19:41 - 2023-08-15 19:41 - 012140960 _____ (Tim Kosse) C:\Users\PC\Downloads\FileZilla_3.64.0_win64-setup.exe
2023-08-14 09:19 - 2023-08-14 10:30 - 000000000 ____D C:\ESD
2023-08-14 09:16 - 2023-08-14 09:16 - 000000000 ___HD C:\$Windows.~WS
2023-08-14 09:16 - 2023-08-14 09:16 - 000000000 ____D C:\$WINDOWS.~BT
2023-08-12 19:32 - 2023-08-12 19:32 - 000000000 ____D C:\Users\PC\AppData\Local\Backup
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-09 06:23 - 2021-12-16 21:02 - 000000000 ____D C:\Windows\SystemTemp
2023-09-09 06:23 - 2021-02-12 18:46 - 000000000 ____D C:\FRST
2023-09-09 06:23 - 2021-01-24 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-09 06:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-09 06:20 - 2022-09-13 16:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord
2023-09-09 06:20 - 2022-09-13 16:22 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2023-09-08 20:00 - 2023-06-24 18:24 - 000003798 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1687623853
2023-09-08 20:00 - 2023-05-31 17:43 - 000002266 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-09-08 20:00 - 2023-05-08 18:22 - 000002160 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-08 20:00 - 2023-02-12 19:40 - 000003500 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{EBFB8447-A147-4518-923D-95424DBBDEB7}
2023-09-08 20:00 - 2023-02-12 19:40 - 000003276 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{E3A4EA60-93D4-4413-9B2B-6FFF17780773}
2023-09-08 20:00 - 2023-01-30 08:30 - 000003136 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-09-08 20:00 - 2022-12-24 13:25 - 000002704 _____ C:\Windows\system32\Tasks\iTop Christmas Task (One-Time)
2023-09-08 20:00 - 2022-12-06 18:48 - 000003534 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1670345292
2023-09-08 20:00 - 2022-11-20 18:05 - 000002658 _____ C:\Windows\system32\Tasks\FanControl
2023-09-08 20:00 - 2022-10-11 16:31 - 000002954 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-09-08 20:00 - 2022-09-27 13:29 - 000003044 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-08 20:00 - 2022-09-27 13:29 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-08 20:00 - 2022-08-05 18:10 - 000003758 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1659715826
2023-09-08 20:00 - 2022-07-15 14:04 - 000003594 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1657886657
2023-09-08 20:00 - 2021-11-25 19:29 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-08 20:00 - 2021-11-25 19:29 - 000002244 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PC
2023-09-08 20:00 - 2021-09-17 16:20 - 000003410 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-08 20:00 - 2021-09-17 16:20 - 000003186 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-08 20:00 - 2021-09-15 17:36 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-08 20:00 - 2021-09-15 17:36 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-08 20:00 - 2021-07-28 15:04 - 000003150 _____ C:\Windows\system32\Tasks\Zoner.Updater.S-1-5-21-321179341-2139502707-572524282-1001
2023-09-08 20:00 - 2021-04-01 09:57 - 000002532 _____ C:\Windows\system32\Tasks\StartRPCService
2023-09-08 20:00 - 2021-01-24 20:13 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2023-09-08 20:00 - 2020-09-27 09:53 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-08 20:00 - 2020-09-27 09:53 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-08 19:58 - 2021-07-18 17:05 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-09-08 19:47 - 2021-02-04 13:20 - 000000000 ____D C:\ProgramData\Zoner
2023-09-08 19:02 - 2023-02-06 16:56 - 000000000 ____D C:\Program Files (x86)\ROKLauncher
2023-09-08 18:32 - 2021-07-29 09:12 - 000000572 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2023-09-08 18:30 - 2021-01-24 20:05 - 001693140 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-08 18:30 - 2019-12-07 16:41 - 000716770 _____ C:\Windows\system32\perfh005.dat
2023-09-08 18:30 - 2019-12-07 16:41 - 000144948 _____ C:\Windows\system32\perfc005.dat
2023-09-08 18:30 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-09-08 18:26 - 2021-03-06 19:11 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-08 18:23 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-08 18:23 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-09-08 18:21 - 2022-04-09 21:24 - 000000000 ____D C:\MSI
2023-09-08 18:21 - 2021-01-24 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-08 18:10 - 2022-02-25 15:09 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-08 17:53 - 2023-02-06 17:43 - 000000000 ____D C:\Users\PC\.lim
2023-09-08 17:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-08 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-08 06:35 - 2021-01-22 16:52 - 000000000 ____D C:\Windows\Panther
2023-09-08 06:34 - 2022-10-09 16:14 - 000095848 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-09-08 06:34 - 2022-10-09 16:14 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-09-08 06:34 - 2022-05-06 18:19 - 000000000 ____D C:\XboxGames
2023-09-08 06:34 - 2022-02-27 10:04 - 002688512 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000210536 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000181864 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-09-08 06:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2023-09-08 05:59 - 2021-01-25 11:22 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2023-09-08 05:57 - 2021-09-17 16:20 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-07 20:07 - 2021-01-25 09:18 - 000002382 ____H C:\Users\PC\OneDrive\Dokumenty\Default.rdp
2023-09-07 19:43 - 2022-01-03 18:32 - 000000000 ____D C:\Users\PC\AppData\Local\RealVNC
2023-09-07 19:11 - 2021-12-07 16:26 - 000000000 ____D C:\Users\PC\AppData\Roaming\FileZilla
2023-09-07 15:53 - 2023-02-12 19:41 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-09-07 15:36 - 2021-03-13 09:48 - 000000000 ____D C:\Users\PC\AppData\Roaming\Code
2023-09-07 15:01 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-06 18:33 - 2022-04-02 16:38 - 000000128 _____ C:\Users\PC\AppData\Local\PUTTY.RND
2023-09-06 16:44 - 2021-01-22 16:56 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2023-09-06 16:41 - 2023-02-12 19:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-06 15:21 - 2021-01-28 10:59 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2023-09-06 06:52 - 2021-02-27 18:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-05 19:06 - 2021-07-12 17:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Word
2023-09-05 15:47 - 2023-02-12 19:22 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-04 18:23 - 2021-07-13 06:51 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Excel
2023-09-04 16:45 - 2023-02-12 19:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-04 13:12 - 2021-09-13 15:47 - 000000000 ____D C:\Users\PC\AppData\Local\UnrealEngine
2023-09-04 06:58 - 2021-08-20 07:03 - 000000000 ____D C:\Users\PC\AppData\Local\Avast Software
2023-09-03 17:35 - 2023-02-03 23:00 - 000000000 ____D C:\Users\PC\.coding-tracker
2023-09-03 16:18 - 2021-06-15 15:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\.tlauncher
2023-09-03 16:14 - 2022-05-04 18:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\GitHub Desktop
2023-09-02 18:21 - 2020-09-27 09:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-02 07:51 - 2021-08-20 07:02 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-02 07:40 - 2021-02-11 09:58 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2023-08-31 17:30 - 2022-05-04 17:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\npm
2023-08-31 15:36 - 2022-05-04 17:34 - 000000000 ____D C:\Users\PC\AppData\Local\npm-cache
2023-08-30 23:29 - 2021-06-06 14:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-30 08:59 - 2022-07-15 14:04 - 000001425 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2023-08-27 17:21 - 2022-10-28 17:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\AnyDesk
2023-08-27 17:12 - 2021-01-22 16:56 - 000000000 ___SD C:\Users\PC\AppData\Roaming\Microsoft\Credentials
2023-08-27 17:07 - 2020-09-27 07:50 - 000474056 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-27 17:06 - 2021-09-15 17:42 - 000000000 ___SD C:\Windows\system32\lxss
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-08-27 17:05 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-27 17:02 - 2020-09-27 09:53 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-08-27 14:00 - 2023-01-19 16:48 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000946160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000705480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000559184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000392880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000319568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000297880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000272576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000238496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-08-27 14:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-27 13:57 - 2022-10-28 17:03 - 000000000 ___HD C:\avast! sandbox
2023-08-27 13:57 - 2021-11-25 19:29 - 000000000 ____D C:\Program Files\CCleaner
2023-08-22 07:58 - 2023-05-25 17:00 - 000000000 ____D C:\Users\PC\AppData\Roaming\Docker Desktop
2023-08-22 07:58 - 2023-05-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Docker
2023-08-22 07:49 - 2023-05-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Local\Docker
2023-08-21 15:40 - 2021-01-24 20:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2023-08-21 15:10 - 2022-10-11 16:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-08-21 08:28 - 2021-12-25 09:57 - 000000000 ____D C:\Users\PC\.ssh
2023-08-21 08:12 - 2022-04-29 06:23 - 000000000 ____D C:\Users\PC\.VirtualBox
2023-08-21 07:35 - 2021-01-28 11:31 - 000000000 ____D C:\ProgramData\VirtualBox
2023-08-21 06:57 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2023-08-20 07:38 - 2022-03-02 07:42 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-08-19 11:12 - 2022-05-14 10:06 - 000000000 ____D C:\Users\PC\AppData\Local\pip
2023-08-18 14:22 - 2022-10-11 16:32 - 000000000 ____D C:\Users\PC\AppData\Local\BlueStacks X
2023-08-18 14:21 - 2021-01-28 17:11 - 000000000 ____D C:\Users\Public\BlueStacks
2023-08-18 14:21 - 2021-01-28 17:11 - 000000000 ____D C:\Users\PC\AppData\Local\Bluestacks
2023-08-18 14:17 - 2022-10-11 16:29 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-08-16 07:44 - 2022-04-02 14:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-08-16 07:44 - 2021-12-07 16:26 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-08-14 13:37 - 2022-10-02 18:01 - 000000000 ____D C:\Users\PC\OneDrive\Dokumenty\DRLSim
2023-08-13 15:47 - 2021-09-07 15:33 - 000000000 ____D C:\Program Files (x86)\Steam
2023-08-13 07:21 - 2023-04-28 13:46 - 000000000 ____D C:\Users\PC\.BigNox
2023-08-13 07:21 - 2021-01-29 11:38 - 000000000 ____D C:\Users\PC\AppData\Local\Nox
2023-08-13 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2023-08-13 07:19 - 2021-09-27 14:38 - 000000000 ____D C:\Users\PC\vmlogs
2023-08-13 07:19 - 2021-09-27 14:38 - 000000000 ____D C:\Users\PC\AppData\Local\NoxSrv
2023-08-13 07:19 - 2021-01-22 16:56 - 000000000 ____D C:\Users\PC
2023-08-12 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-08-12 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-08-12 09:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
==================== Files in the root of some directories ========
2022-06-08 16:49 - 2022-06-08 16:49 - 000000068 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidian.data
2022-06-08 16:49 - 2022-06-08 16:49 - 000000154 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidianmac.data
2021-01-29 09:16 - 2022-04-22 19:15 - 000000016 _____ () C:\Users\PC\AppData\Roaming\obs-virtualcam.txt
2023-08-15 19:53 - 2023-08-15 19:53 - 000000128 _____ () C:\Users\PC\AppData\Roaming\PUTTY.RND
2023-03-02 15:18 - 2023-03-02 15:18 - 001065984 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
2021-07-19 06:57 - 2022-08-05 18:14 - 000474917 _____ () C:\Users\PC\AppData\Local\parallels_toolbox.log
2022-04-02 16:38 - 2023-09-06 18:33 - 000000128 _____ () C:\Users\PC\AppData\Local\PUTTY.RND
2023-08-21 10:44 - 2023-08-21 10:44 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2021-02-04 14:06 - 2021-04-18 17:04 - 000007602 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2022-02-22 08:11 - 2022-08-05 18:14 - 000004323 _____ () C:\Users\PC\AppData\Local\toolbox_report.xml
2022-12-16 19:51 - 2022-12-20 18:32 - 000000293 _____ () C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
2022-12-16 19:51 - 2022-12-20 18:32 - 000000000 _____ () C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
V příloze Addition.txt.
Děkuji!
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Preventivní kontrola
- Přílohy
-
- Addition.zip
- (25.52 KiB) Staženo 48 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Zdravím!
Otevřte poznámkový blok a zkopírujte do ně:
Otevřte poznámkový blok a zkopírujte do ně:
Uložte do C:\Users\PC\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
ContextMenuHandlers1_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3822]
AlternateDataStreams: C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}] => (Allow) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [{2D1992FC-2EF1-4633-8E63-B657E8383687}] => (Block) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}] => (Allow) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}] => (Block) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{1205D16F-F998-4801-96D1-61265C148880}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}] => (Allow) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}] => (Block) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{2FE36E53-195D-4DBF-84A1-96F71572D700}] => (Allow) D:\UNITY\2018.3.0f2\Editor\Unity.exe => No File
FirewallRules: [{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}] => (Allow) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{7796DE29-1AF8-4D14-9678-7481C6D658AD}] => (Block) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{4DB11C3E-638D-4DE4-8828-C205A9AB3939}] => (Allow) D:\UNITY\2018.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{FE34CF34-E65B-435A-870C-3DBA5E32D714}] => (Allow) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}] => (Block) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ACAE7889-338D-409D-862A-AE6EF35C66BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01EF38A0-E623-452C-A9B6-D2AF952B41EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{70FFFEB4-461F-425D-992A-4EC0F05C59D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{CE368BA2-4E9D-446A-BCCA-314310B13FDE}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}] => (Allow) D:\davinci resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{D63F56A1-0591-41CC-882F-D19A2CE09A2F}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{A0779E56-5E42-4119-A7E1-CD8097FDEC41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{00E46D47-1EE2-4821-82A2-AAFBDEA34238}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{47891DE2-CE61-4B4C-B549-87E31E489FE0}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A7C461C2-952D-4B19-9578-B706B8D4DE0B}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{672FD62C-6846-4B93-B04E-41556F9677C1}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{107CA2EE-DE37-436A-B200-ED5C28079C14}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{D72C1201-39CB-463E-B570-D1EEFA94FAD6}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{426895DB-37F0-48B7-9EBF-43DB0B9E449A}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{8D66A43E-9869-4478-A9C8-D1028E028355}] => (Allow) D:\AnyDesk.exe => No File
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Omlouvám se za pozdní odpověď.
fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2023
Ran by PC (18-09-2023 18:37:37) Run:5
Running from D:\
Loaded Profiles: PC & Theinka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
ContextMenuHandlers1_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3822]
AlternateDataStreams: C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}] => (Allow) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [{2D1992FC-2EF1-4633-8E63-B657E8383687}] => (Block) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}] => (Allow) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}] => (Block) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{1205D16F-F998-4801-96D1-61265C148880}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}] => (Allow) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}] => (Block) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{2FE36E53-195D-4DBF-84A1-96F71572D700}] => (Allow) D:\UNITY\2018.3.0f2\Editor\Unity.exe => No File
FirewallRules: [{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}] => (Allow) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{7796DE29-1AF8-4D14-9678-7481C6D658AD}] => (Block) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{4DB11C3E-638D-4DE4-8828-C205A9AB3939}] => (Allow) D:\UNITY\2018.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{FE34CF34-E65B-435A-870C-3DBA5E32D714}] => (Allow) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}] => (Block) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ACAE7889-338D-409D-862A-AE6EF35C66BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01EF38A0-E623-452C-A9B6-D2AF952B41EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{70FFFEB4-461F-425D-992A-4EC0F05C59D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{CE368BA2-4E9D-446A-BCCA-314310B13FDE}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}] => (Allow) D:\davinci resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{D63F56A1-0591-41CC-882F-D19A2CE09A2F}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{A0779E56-5E42-4119-A7E1-CD8097FDEC41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{00E46D47-1EE2-4821-82A2-AAFBDEA34238}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{47891DE2-CE61-4B4C-B549-87E31E489FE0}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A7C461C2-952D-4B19-9578-B706B8D4DE0B}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{672FD62C-6846-4B93-B04E-41556F9677C1}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{107CA2EE-DE37-436A-B200-ED5C28079C14}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{D72C1201-39CB-463E-B570-D1EEFA94FAD6}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{426895DB-37F0-48B7-9EBF-43DB0B9E449A}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{8D66A43E-9869-4478-A9C8-D1028E028355}] => (Allow) D:\AnyDesk.exe => No File
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tvncontrol" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CustomCursor" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\it.remote.desktop" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Krisp" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\whatpulse" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.Pi Network" => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7665429a-90dd-11ec-abeb-244bfe775eb1} => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea3aec86-83ed-11eb-ab32-244bfe775eb1} => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"C:\Windows\system32\GroupPolicy\Machine" folder move:
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
C:\Windows\System32\Tasks\iTop Christmas Task (One-Time) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iTop Christmas Task (One-Time)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\GPUZ-v2 => removed successfully
GPUZ-v2 => service removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219} => moved successfully
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB} => moved successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk => ":09A0A90EF3" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9164A233-E972-4DD5-87A4-2E58C35BE0A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D1992FC-2EF1-4633-8E63-B657E8383687}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1205D16F-F998-4801-96D1-61265C148880}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FE36E53-195D-4DBF-84A1-96F71572D700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7796DE29-1AF8-4D14-9678-7481C6D658AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB11C3E-638D-4DE4-8828-C205A9AB3939}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE34CF34-E65B-435A-870C-3DBA5E32D714}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACAE7889-338D-409D-862A-AE6EF35C66BF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01EF38A0-E623-452C-A9B6-D2AF952B41EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70FFFEB4-461F-425D-992A-4EC0F05C59D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE368BA2-4E9D-446A-BCCA-314310B13FDE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D63F56A1-0591-41CC-882F-D19A2CE09A2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0779E56-5E42-4119-A7E1-CD8097FDEC41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00E46D47-1EE2-4821-82A2-AAFBDEA34238}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47891DE2-CE61-4B4C-B549-87E31E489FE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7C461C2-952D-4B19-9578-B706B8D4DE0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672FD62C-6846-4B93-B04E-41556F9677C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{107CA2EE-DE37-436A-B200-ED5C28079C14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72C1201-39CB-463E-B570-D1EEFA94FAD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{426895DB-37F0-48B7-9EBF-43DB0B9E449A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D66A43E-9869-4478-A9C8-D1028E028355}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 181614395 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 884297214 B
Windows/system/drivers => 7225567 B
Edge => 0 B
Chrome => 864097708 B
Brave => 268457554 B
Firefox => 204808810 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 112016844 B
systemprofile32 => 194908251 B
LocalService => 195202095 B
NetworkService => 195214315 B
PC => 580292324 B
Theinka => 1067327259 B
RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-09-2023 18:40:22)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 18:40:23 ====
fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2023
Ran by PC (18-09-2023 18:37:37) Run:5
Running from D:\
Loaded Profiles: PC & Theinka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
ContextMenuHandlers1_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3822]
AlternateDataStreams: C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}] => (Allow) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [{2D1992FC-2EF1-4633-8E63-B657E8383687}] => (Block) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}] => (Allow) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}] => (Block) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{1205D16F-F998-4801-96D1-61265C148880}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}] => (Allow) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}] => (Block) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{2FE36E53-195D-4DBF-84A1-96F71572D700}] => (Allow) D:\UNITY\2018.3.0f2\Editor\Unity.exe => No File
FirewallRules: [{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}] => (Allow) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{7796DE29-1AF8-4D14-9678-7481C6D658AD}] => (Block) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{4DB11C3E-638D-4DE4-8828-C205A9AB3939}] => (Allow) D:\UNITY\2018.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{FE34CF34-E65B-435A-870C-3DBA5E32D714}] => (Allow) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}] => (Block) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ACAE7889-338D-409D-862A-AE6EF35C66BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01EF38A0-E623-452C-A9B6-D2AF952B41EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{70FFFEB4-461F-425D-992A-4EC0F05C59D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{CE368BA2-4E9D-446A-BCCA-314310B13FDE}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}] => (Allow) D:\davinci resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{D63F56A1-0591-41CC-882F-D19A2CE09A2F}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{A0779E56-5E42-4119-A7E1-CD8097FDEC41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{00E46D47-1EE2-4821-82A2-AAFBDEA34238}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{47891DE2-CE61-4B4C-B549-87E31E489FE0}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A7C461C2-952D-4B19-9578-B706B8D4DE0B}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{672FD62C-6846-4B93-B04E-41556F9677C1}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{107CA2EE-DE37-436A-B200-ED5C28079C14}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{D72C1201-39CB-463E-B570-D1EEFA94FAD6}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{426895DB-37F0-48B7-9EBF-43DB0B9E449A}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{8D66A43E-9869-4478-A9C8-D1028E028355}] => (Allow) D:\AnyDesk.exe => No File
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tvncontrol" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CustomCursor" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\it.remote.desktop" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Krisp" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\whatpulse" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.Pi Network" => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7665429a-90dd-11ec-abeb-244bfe775eb1} => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea3aec86-83ed-11eb-ab32-244bfe775eb1} => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"C:\Windows\system32\GroupPolicy\Machine" folder move:
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
C:\Windows\System32\Tasks\iTop Christmas Task (One-Time) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iTop Christmas Task (One-Time)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\GPUZ-v2 => removed successfully
GPUZ-v2 => service removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219} => moved successfully
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB} => moved successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk => ":09A0A90EF3" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9164A233-E972-4DD5-87A4-2E58C35BE0A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D1992FC-2EF1-4633-8E63-B657E8383687}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1205D16F-F998-4801-96D1-61265C148880}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FE36E53-195D-4DBF-84A1-96F71572D700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7796DE29-1AF8-4D14-9678-7481C6D658AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB11C3E-638D-4DE4-8828-C205A9AB3939}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE34CF34-E65B-435A-870C-3DBA5E32D714}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACAE7889-338D-409D-862A-AE6EF35C66BF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01EF38A0-E623-452C-A9B6-D2AF952B41EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70FFFEB4-461F-425D-992A-4EC0F05C59D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE368BA2-4E9D-446A-BCCA-314310B13FDE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D63F56A1-0591-41CC-882F-D19A2CE09A2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0779E56-5E42-4119-A7E1-CD8097FDEC41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00E46D47-1EE2-4821-82A2-AAFBDEA34238}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47891DE2-CE61-4B4C-B549-87E31E489FE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7C461C2-952D-4B19-9578-B706B8D4DE0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672FD62C-6846-4B93-B04E-41556F9677C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{107CA2EE-DE37-436A-B200-ED5C28079C14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72C1201-39CB-463E-B570-D1EEFA94FAD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{426895DB-37F0-48B7-9EBF-43DB0B9E449A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D66A43E-9869-4478-A9C8-D1028E028355}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 181614395 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 884297214 B
Windows/system/drivers => 7225567 B
Edge => 0 B
Chrome => 864097708 B
Brave => 268457554 B
Firefox => 204808810 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 112016844 B
systemprofile32 => 194908251 B
LocalService => 195202095 B
NetworkService => 195214315 B
PC => 580292324 B
Theinka => 1067327259 B
RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-09-2023 18:40:22)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 18:40:23 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Nic se neděje. Bylo smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Díky moc!
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?