Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zavirovaný PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Zavirovaný PC

#1 Příspěvek od swenik »

Zdravím,
Mozilla FF mne upozorňuje na vir a vnucuje antivirus Norton.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2025
Ran by PcPraha (administrator) on DESKTOP-HU04FB6 (17-02-2025 16:52:23)
Running from C:\Users\PcPraha\OneDrive\Desktop\FRST64.exe
Loaded Profiles: PcPraha
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5487 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Moonsworth, LLC -> Moonsworth LLC) C:\Users\PcPraha\AppData\Local\Programs\lunarclient\Lunar Client.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <35>
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5425_none_7e0bb22e7c8f7e0e\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (No File) <==== ATTENTION
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3472480 2025-02-15] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [Lunar Client] => C:\Users\PcPraha\AppData\Local\Programs\lunarclient\Lunar Client.exe [182282800 2025-02-16] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [MicrosoftEdgeAutoLaunch_8CE5AAD05CAC65E64F950DFBE614B880] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {cad718f8-a689-11eb-a12d-3c7c3f7ed0e4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {eaba97c3-9fef-11ed-a16e-3c7c3f7ed0e4} - "E:\autorun.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [154112 2024-05-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.197\Installer\chrmstp.exe [2025-02-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-08-08]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {DF6BCD8F-95F7-450C-8982-343AAE3277BB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
Task: {C89D5A96-9E97-4E3C-B3C5-B829A4ECC807} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-01-12] (HP Inc. -> HP Inc.)
Task: {A82948D4-CA64-431E-96B0-A6F255397AD1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-01-12] (HP Inc. -> HP Inc.)
Task: {D93F831C-B5E4-4E8A-B290-BF3ED579AA22} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {FA04D82A-D7D6-4FD3-B796-79AD30F2F307} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBC69D90-AA2E-4072-87E0-8D49C76EE48B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C0C0B4-96B7-4B7B-832C-241624D82469} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F01BF5FB-AE34-40C7-BA52-E2748AA218C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E10A533-C075-4DAD-B685-CD397CA70A5F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8080914-EB2B-4809-9037-05873BDB0C30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7305F3C5-A743-4E9F-AAA1-3EADA99922A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6E3E5A0-0807-4FE3-AE8F-D59C3883D81D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19B43353-52BE-4302-947D-3AE6F086AB1A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1442323326-1954309007-2077260644-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {397B6588-D7FE-4FDB-AC0D-B93BBC4CA214} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {50961B07-14EA-432D-9C3B-0D2C125A845E} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287080 2025-01-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F41F506D-61F6-43CA-8C76-08AF66962F27} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1442323326-1954309007-2077260644-1001 => C:\Users\PcPraha\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{07eac8c4-c1b6-44a9-8fd1-e1d00057acff}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-17]
Edge DownloadDir: Default -> C:\Users\PcPraha\Downloads
Edge HomePage: Default -> hxxp://acer13.msn.com/?pc=ACJB
Edge Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
Edge Extension: (Edge relevant text changes) - C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]

FireFox:
========
FF DefaultProfile: 6fd9xe6w.default
FF ProfilePath: C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\6fd9xe6w.default [2020-12-25]
FF ProfilePath: C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release [2025-02-17]
FF DownloadDir: D:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\5wzi1l4b.default-release -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5wzi1l4b.default-release -> hxxps://cdshq6hqwnl1qg.enhanceconnection.co.in
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-20]
FF Extension: (Video DownloadHelper) - C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-31]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default [2025-01-11]
CHR Notifications: Default -> hxxps://www.tipsport.cz
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-30]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-31]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-02-17]
CHR Notifications: Profile 2 -> hxxps://www.svetandroida.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-28]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-12]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\System Profile [2025-02-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5367624 2024-08-08] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2020-11-04] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-11-09] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19147360 2025-02-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137904 2024-10-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [367064 2024-12-14] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-12] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe [1275536 2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7499752 2024-11-09] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-01-30] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [114176 2019-12-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 atillk64; \??\E:\BIOSY\atiflash_293\atillk64.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-17 16:52 - 2025-02-17 16:53 - 000022112 _____ C:\Users\PcPraha\OneDrive\Desktop\FRST.txt
2025-02-17 16:52 - 2025-02-17 16:53 - 000000000 ____D C:\FRST
2025-02-17 16:50 - 2025-02-17 16:48 - 002403840 _____ (Farbar) C:\Users\PcPraha\OneDrive\Desktop\FRST64.exe
2025-02-15 23:14 - 2025-02-15 23:14 - 000000000 ___HD C:\$WinREAgent
2025-02-06 17:14 - 2025-02-06 17:14 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-01 21:46 - 2025-01-26 19:36 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2025-02-01 21:33 - 2025-01-27 05:45 - 002072440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 002072440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001614192 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001614192 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001576840 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001576840 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001389960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001389960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 000477832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 000374408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 001183392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 000670352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 000506008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 025643168 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2025-02-01 21:33 - 2025-01-27 05:40 - 002194088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001641120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001563784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001215624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001046168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 000903856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2025-02-01 21:33 - 2025-01-27 05:40 - 000804528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 019904168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 019329200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 007225008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 005500064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 003944616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 000462496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2025-02-01 21:33 - 2025-01-27 05:38 - 005913248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2025-02-01 21:33 - 2025-01-27 05:38 - 000853656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2025-02-01 21:33 - 2025-01-27 05:37 - 005552256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2025-02-01 21:33 - 2025-01-27 05:37 - 004856992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2025-02-01 21:33 - 2025-01-26 19:36 - 000137640 _____ C:\WINDOWS\system32\nvinfo.pb
2025-01-26 21:51 - 2025-01-26 21:54 - 000000000 ____D C:\Users\PcPraha\OneDrive\Desktop\Football Life 2025
2025-01-26 13:00 - 2025-01-26 13:00 - 000000027 _____ C:\Users\PcPraha\OneDrive\Desktop\smazaný sider z Football life 2025.txt
2025-01-24 17:30 - 2025-02-01 19:26 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-01-24 17:30 - 2025-01-25 13:25 - 003108904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-01-24 17:30 - 2025-01-25 13:25 - 002398760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-01-24 17:30 - 2025-01-24 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-01-24 17:26 - 2025-02-16 17:27 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-17 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-17 16:51 - 2020-12-25 01:09 - 000000000 ____D C:\Program Files (x86)\Steam
2025-02-17 16:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-17 16:38 - 2022-02-11 14:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-02-17 16:36 - 2021-06-12 16:45 - 000000000 ____D C:\Users\PcPraha\AppData\Roaming\lunarclient
2025-02-17 00:12 - 2020-12-01 20:28 - 000000000 ____D C:\ProgramData\NVIDIA
2025-02-16 23:56 - 2020-09-27 06:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-16 17:55 - 2020-11-25 16:11 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-16 17:55 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2025-02-16 17:55 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-16 17:48 - 2020-11-13 09:19 - 000000000 ____D C:\Intel
2025-02-16 17:48 - 2020-09-27 08:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-16 17:48 - 2020-06-22 17:45 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-16 17:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-16 17:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-16 17:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-16 17:27 - 2021-12-16 20:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-16 17:27 - 2020-12-25 03:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-02-16 17:27 - 2020-09-27 06:55 - 000434288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-16 17:26 - 2024-07-09 20:28 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-02-16 17:26 - 2023-12-14 21:59 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-16 17:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-16 15:20 - 2020-09-27 08:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 23:22 - 2020-09-27 08:58 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-15 23:14 - 2020-03-04 15:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-15 23:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-15 23:11 - 2020-03-04 15:27 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-15 23:05 - 2021-01-07 20:30 - 000000000 ____D C:\Users\PcPraha\AppData\Local\ElevatedDiagnostics
2025-02-15 22:55 - 2020-04-03 11:45 - 000000000 ____D C:\Users\PcPraha\AppData\Local\NVIDIA
2025-02-15 22:49 - 2023-03-10 18:13 - 000000000 ____D C:\ProgramData\EA Desktop
2025-02-15 22:47 - 2020-12-04 18:18 - 000000000 ____D C:\Users\PcPraha\AppData\Local\NVIDIA Corporation
2025-02-15 18:17 - 2020-12-25 00:39 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-07 16:07 - 2021-10-10 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-02-07 16:07 - 2020-12-25 03:19 - 000001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-02-06 17:14 - 2022-08-23 16:04 - 000002387 _____ C:\Users\PcPraha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-06 17:14 - 2021-12-13 16:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-06 17:14 - 2020-11-25 16:07 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-05 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-02-01 21:49 - 2024-10-14 13:23 - 000000000 ____D C:\Users\PcPraha\AppData\LocalLow\NVIDIA
2025-02-01 21:47 - 2020-12-04 18:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-02-01 21:47 - 2020-03-04 14:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-02-01 21:39 - 2020-05-14 09:33 - 000000000 ____D C:\Users\PcPraha\AppData\Local\Battle.net
2025-02-01 21:39 - 2020-05-14 09:33 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-02-01 20:51 - 2020-12-27 02:07 - 000000000 ____D C:\Users\PcPraha\AppData\Roaming\vlc
2025-01-25 13:25 - 2020-12-04 18:17 - 000271912 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-01-25 13:25 - 2020-12-04 18:17 - 000245800 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-01-25 13:05 - 2020-12-04 18:17 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2025-01-25 13:05 - 2020-12-04 18:16 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-01-25 13:05 - 2020-12-04 18:16 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-01-24 21:19 - 2021-01-07 14:58 - 000000000 ____D C:\Users\PcPraha\AppData\Local\CrashDumps
2025-01-24 17:32 - 2020-03-04 15:30 - 000000000 ____D C:\Users\PcPraha\AppData\Local\D3DSCache
2025-01-24 17:30 - 2020-12-04 18:14 - 000000000 ____D C:\NVIDIA
2025-01-24 17:30 - 2020-03-04 14:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-24 17:11 - 2020-12-25 01:10 - 000000000 ____D C:\Users\PcPraha\AppData\Local\Steam

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-02-2025
Ran by PcPraha (17-02-2025 16:54:23)
Running from C:\Users\PcPraha\OneDrive\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5487 (X64) (2020-11-25 15:08:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1442323326-1954309007-2077260644-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1442323326-1954309007-2077260644-503 - Limited - Disabled)
Guest (S-1-5-21-1442323326-1954309007-2077260644-501 - Limited - Disabled)
PcPraha (S-1-5-21-1442323326-1954309007-2077260644-1001 - Administrator - Enabled) => C:\Users\PcPraha
WDAGUtilityAccount (S-1-5-21-1442323326-1954309007-2077260644-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.12 - AnyDesk Software GmbH)
Aplikace NVIDIA 11.0.2.312 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.312 - NVIDIA Corporation)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.6.4 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.396.0.5909 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{e731fa20-93d0-45c0-9e70-54f690fe087e}) (Version: 13.396.0.5909 - Electronic Arts)
Eclipse Temurin JDK with Hotspot 21.0.1+12 (x64) (HKLM\...\{CB5F7F9C-C87C-4DA7-ADE3-71CBC7EE8E24}) (Version: 21.0.1.12 - Eclipse Adoptium)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 132.0.6834.197 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.3351.0 - Rockstar Games)
IntelliJ IDEA Community Edition 2023.3 (HKLM-x32\...\IntelliJ IDEA Community Edition 2023.3) (Version: 233.11799.241 - JetBrains s.r.o.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.69 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.82.2 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 135.0 (x64 cs)) (Version: 135.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.1 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Kombustor 4.1.5.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version: - MSI / Geeks3D)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Niceboy ORYX M200 Gaming Mouse (HKLM-x32\...\Niceboy ORYX M200 Gaming Mouse) (Version: 1.0 - Niceboy)
Noutee (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\{b1d14dfb-e1c2-4567-aa09-141f795b0fed}) (Version: 0.6.6 - Noutee Music)
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
paint.net (HKLM\...\{9108ED9C-43BD-44DF-83AF-6DB198556920}) (Version: 4.3.7 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8184 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for PcPraha (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for PcPraha (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.97.2200 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.7.8 - Rockstar Games)
SP Football Life 2025 (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\SP Football Life 2025) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.0.10945 - Ubisoft)
Uninstall Lunar Client (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.3.4-ow - Moonsworth LLC)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Wargaming.net Game Center) (Version: 21.7.0.6827 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)

Packages:
=========
Code of War -> C:\Program Files\WindowsApps\CND4528B94-2EA2-4D85-B0B7.CodeofWar_3.17.0.0_x64__zxxvj7ezs5pcc [2024-11-09] (Extreme Developers)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-04] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.1.3.0_x64__8wekyb3d8bbwe [2024-11-02] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-01] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-05-13] (Realtek Semiconductor Corp)
Remote Play - Remote Console from PC -> C:\Program Files\WindowsApps\54249Leo.D.PSRemotePlayforDesktop_1.0.10.0_x64__pjn0gf28w9awp [2022-09-23] (Leo.D)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.659.473.0_x64__55nm5eh3cm0pr [2025-02-07] (Roblox Corporation)
Robot Shadow Fight -> C:\Program Files\WindowsApps\14448GoodGamesMedia-Famil.RobotShadowFight_10.5.0.0_x64__fwwqg5m9heagm [2021-12-11] (Good Games Media - Family, Kids, Boys, Girls Games) [MS Ad]
SpongeBob: Krusty Cook-Off -> C:\Program Files\WindowsApps\TiltingPoint.SpongeBobKrustyCook-Off_1.26.234.0_x64__85kh3h6wfjavg [2021-09-17] (Tilting Point)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-15] (Spotify AB) [Startup Task]
Wings of War: Modern Warplanes -> C:\Program Files\WindowsApps\23866ExtremeDevelopers.WingsofWar_3.30.4.0_x64__zxxvj7ezs5pcc [2024-11-09] (Extreme Developers)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\PcPraha\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\nvshext.dll [2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PcPraha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristián (zak.zus-hostivar.cz) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2024-11-29 15:40 - 2025-02-16 15:20 - 000275456 _____ () [File not signed] \\?\C:\Users\PcPraha\AppData\Local\Programs\lunarclient\resources\app.asar.unpacked\node_modules\@lunarclient\bsdiff-node\build\Release\bsdiff.node
2024-11-29 15:40 - 2025-02-16 15:20 - 000108544 _____ () [File not signed] \\?\C:\Users\PcPraha\AppData\Local\Programs\lunarclient\resources\app.asar.unpacked\node_modules\native-is-elevated\build\Release\iselevated.node
2021-06-12 16:45 - 2025-02-16 15:20 - 002682880 _____ () [File not signed] C:\Users\PcPraha\AppData\Local\Programs\lunarclient\ffmpeg.dll
2021-06-12 16:45 - 2025-02-16 15:20 - 000481280 _____ () [File not signed] C:\Users\PcPraha\AppData\Local\Programs\lunarclient\libegl.dll
2021-06-12 16:45 - 2025-02-16 15:20 - 008058368 _____ () [File not signed] C:\Users\PcPraha\AppData\Local\Programs\lunarclient\libglesv2.dll
2021-06-12 16:45 - 2025-02-16 15:20 - 005475328 _____ () [File not signed] C:\Users\PcPraha\AppData\Local\Programs\lunarclient\vk_swiftshader.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-08 20:50 - 2024-12-03 21:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2025-02-01 19:26 - 2025-02-01 19:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2025-01-24 17:30 - 2025-02-01 19:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2025-02-15 18:18 - 2025-02-15 18:18 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10440]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\vfn.cz -> hxxps://app.vfn.cz
IE trusted site: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2023-10-29 13:34 - 000001272 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com
0.0.0.0 liveupdate.acronis.com
0.0.0.0 download.acronis.com
0.0.0.0 orders.acronis.com
0.0.0.0 ns1.acronis.com
0.0.0.0 ns2.acronis.com
0.0.0.0 ns3.acronis.com
0.0.0.0 account.acronis.com
0.0.0.0 gateway.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-21.0.1.12-hotspot\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\2020\8 Srpen\IMG_4612a.jpg
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB569B4D-0F55-4CA1-ADCF-86E928913DB5}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CCDBC088-FEF0-4721-93BE-905D278E36D2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA8CAF3E-2CFA-4494-BC39-87C869A2434C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7512E99B-4407-463B-8DCC-DFD4737957F8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{971B38DB-9156-44B1-AC8D-B09141D26CA0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5659CF4-B71D-47C0-8D80-AF56B100A6A3}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\53CDD8FC-1CF9-4284-8F0A-B6BC321B4F44\ga_service.exe => No File
FirewallRules: [{178168FF-5794-4E2A-B306-0DC37B44477B}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D69DD256-4414-4062-BC3F-E252FF3A87E3}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{60ECC128-98A4-4503-81B9-3EF5F43CDAF0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageHomeService.exe => No File
FirewallRules: [{743844E4-C93F-4389-B9BE-5D0DD55C89AE}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe => No File
FirewallRules: [{69487DEC-0E9E-4A6A-B867-0B4506C0E9FC}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\E6D043A8-B395-46DB-88E9-1C807D911AAC\ga_service.exe => No File
FirewallRules: [{DC1F2AF6-EF4D-436B-9C02-02B9EA9DABD8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3FDE8F7-0E51-43A9-8BE0-00F7F6A6AC8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDABF4CC-858A-4BF4-B0C4-19976680AE90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2553AF79-51CF-4824-8A2F-1E1D26570524}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D86771C1-914A-4162-A0AF-24174A2648A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{975AC477-FD12-478D-805D-23893A6F45ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{43E053E0-93D9-4867-ACAB-71A5B032132C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{C1B9366F-15D2-4063-85E4-A173FD84B683}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{8A91C301-7ABD-4F49-BB92-09120D9E2F4D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{B4CCE11D-5118-4EC7-82C8-87F15FF2F5BD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{7A334DB2-9C26-41BD-B8A1-10D4A559BE27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bomber Dudes\Bomb2019.exe () [File not signed]
FirewallRules: [{5861D151-2577-4B27-83A1-6D9FBA4F5356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bomber Dudes\Bomb2019.exe () [File not signed]
FirewallRules: [{630E6D0A-9B00-45EF-901C-5CB7A293D2CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\REKT Crash Test\REKT Crash Test.exe () [File not signed]
FirewallRules: [{076FA5EB-63D1-473F-B857-DE091E920F61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\REKT Crash Test\REKT Crash Test.exe () [File not signed]
FirewallRules: [TCP Query User{CDB3FE8F-557F-49B6-8A08-A12629E9DA91}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{B2F25F2F-B189-40AC-A06F-2BBA889BDF7C}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{59BEEE86-873D-409F-ABBB-400E65787BAC}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{FA0F03B3-26B6-4ED7-9EA2-9BC6B756A950}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{F57D8EB6-A780-4BA2-AB85-F47DC90E8041}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{15607A79-D6DD-4D3F-AFA7-2412EA8ECCFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{49C995A8-DEF8-4CA8-94C4-05DA21CA278A}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{1D8F3CDD-9D2E-467F-8BEC-810C36AD4882}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{DE36C633-9708-4253-BD17-54D36BB363BA}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1925BFB0-A5D4-4C92-B39E-7352B63BEA67}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4DC83B2A-67FE-4F39-B457-5D7DAAE7285F}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{C36145A4-AA83-4ADB-8439-31F22D98389B}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{3BF3F0A2-D3FD-4B39-A9E5-BB0931BC9F4E}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{742D8A82-4EB0-4E81-BE50-5C625E9FD529}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [UDP Query User{FA571E44-133E-4131-A54D-617C224CFFBF}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [TCP Query User{407C235D-6A77-43C1-8CC5-4278F01ED16E}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1045A00E-1E8C-421C-A7B8-96759D62F5C4}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{ADC9FA54-59AB-43E3-AC9D-D31C2EFA8173}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{00BE0084-50B2-4EE4-B59F-8C02E4EAE8EA}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{15435E0A-0B3D-4D77-BF2A-143AD2C7C505}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{4945E669-B6EE-47F3-AFB7-9D54E6733F1A}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{699D6868-86B3-45D1-8C6F-B74D15FB9BD1}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{013E1C91-23A6-4981-9AFA-42E56D4FB526}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{51E1D300-C3EF-4BE5-BCB4-31D027183C50}C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{9858B37B-BC3C-4E67-B6E4-F66C35B8BB4C}C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{68E72241-EB74-4F69-ADEA-504F21503A2A}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{4B9FA2E7-A125-4D61-993A-918AD2928045}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{A84EB0EC-05E8-4990-A674-349AAE94BB7F}C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{8F691061-0BF2-4CE2-A57B-3B5E22738C45}C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{8A957B4B-12C4-4C83-BEE7-FB4E48C84B1B}C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{EEB2C241-F8DF-49F7-951F-E506D51BAA9C}C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{709F3473-0097-4068-BACD-57FBB4B4F71C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94D01904-BFA1-447A-9BDB-91B3B6B495F7}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1FB1FF3F-9C38-496F-8089-F83D8AC4EB0A}] => (Allow) D:\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{16C7E1B0-0138-4FEA-BD44-8E30B9EBCFFF}] => (Allow) D:\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F62916BA-18DC-4249-8C6C-787605D4196B}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [UDP Query User{A9C8AA92-CA48-45C9-BD3E-FA79E7913B63}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [TCP Query User{F4C0D14F-E157-49CB-BCC9-C334F2B243BC}C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{0A11A432-4640-40AD-909A-FC742308FE7C}C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [{D2103220-CB91-4708-8F1A-E4406A80DEB1}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{169057BD-804A-47F3-81CA-B5A697A85717}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{544E379D-CDB5-4F14-A89F-E5972777EB8D}] => (Allow) D:\SteamLibrary\steamapps\common\Castle Defender\Castledefender.exe (Adobe Systems, Inc.) [File not signed]
FirewallRules: [{66583335-84B5-4EFE-82FA-713DB7FECBF4}] => (Allow) D:\SteamLibrary\steamapps\common\Castle Defender\Castledefender.exe (Adobe Systems, Inc.) [File not signed]
FirewallRules: [{03F61C04-F8EB-47C7-9355-8BCD015EE60D}] => (Allow) D:\SteamLibrary\steamapps\common\Space Redemption\Space Redemption.exe (The NWJS Community) [File not signed]
FirewallRules: [{46D4BE93-8E63-4BF4-8752-7D0AE28C95CC}] => (Allow) D:\SteamLibrary\steamapps\common\Space Redemption\Space Redemption.exe (The NWJS Community) [File not signed]
FirewallRules: [{667EAFC8-E4A2-40C3-ABA2-3F520101824D}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{42199C10-D100-433F-8337-D1AC3561B3B8}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [TCP Query User{0A55DC7B-CE30-446B-8FE6-0FB73DB4B2B3}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{D81AECF7-9D68-429A-9BD1-30A0D9D7F073}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{927FF381-0242-4181-9126-183E54C6D258}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{29E08C03-DA83-4605-BE51-9DA9F7CD2793}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{BCB19116-E294-4E9F-B5B8-3D1EAED35EA5}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{ED30C744-18CF-48D7-85BF-B98362B65CD3}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [TCP Query User{29F6070C-B190-4210-965F-4E56AF853AAA}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{932335D0-9E88-4BD5-A15C-DE0AA9D94C65}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{72FA5ED6-C79A-417E-A612-676489176DF2}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [UDP Query User{719B5BC6-D273-427B-83F8-2944D64C1486}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [TCP Query User{3CBB0E08-FDC9-4DF7-8F7B-8DB9FC8F68D1}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{C03409F2-D64C-4337-8D08-7C6AA1C08957}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{98F6C095-5CE8-4170-B83E-F660D89FCE0F}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [UDP Query User{84BB4C37-ADAA-41AA-A260-23B7B0BEE2E5}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [TCP Query User{7DE7C502-C475-4B2E-81A0-F0A3AFAD42BC}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [UDP Query User{7925C79A-C07F-4903-97C6-A77EC84009CC}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [TCP Query User{98C73681-B387-4739-B886-45B892987E40}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [UDP Query User{4A6E4FD8-FA68-4D5E-B100-18FDE56C3033}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [{03D61195-F57B-4EC7-9088-7D7DB5AE793E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{77C7778F-B8AB-4B6F-A2E5-496639C764E8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{362FD18D-89C0-4FC2-9E40-01B2068BD6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{906D28D0-DC25-4E3D-A480-11C38D9EF479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{9A78F9D3-1588-4DDE-BDFB-8D3FA5847B71}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E934767A-28C1-46C5-8960-3EEA7BB2B079}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{35D3BED6-47CD-4475-960C-386521AA0DC0}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{230BFC37-70EA-4BFF-A12F-6C30844ADA1D}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{20C53195-0631-43EF-A6C2-00D1BC7792DD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F90106FA-733D-48D0-9386-27A87119E1A8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{29CDF4FF-F69E-4D52-8C2A-F53BF82399E4}D:\gta\grand theft auto v\gta5.exe] => (Allow) D:\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{BF96E490-E518-4290-848E-726598ECCF77}D:\gta\grand theft auto v\gta5.exe] => (Allow) D:\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{8EE00ACC-1296-4809-B880-140D2544EEAE}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{86DAA3BD-9639-4C5E-BAC3-80ECFC98BF0B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4CCEE9E4-45B5-4D4F-AE55-F8E73E1A36DD}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{55F12519-3F22-4692-AEF6-B43063E5FFA1}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{440F03A3-ED5A-4C71-BDA0-3B3079752115}C:\program files\badlion client\badlion client.exe] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{1CB9889D-7BC9-46D4-937B-BB29E5696D20}C:\program files\badlion client\badlion client.exe] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{D744905A-62CB-4B7A-957A-AF9A7C5562F3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{079536F1-0CB6-4B0F-85FE-F0DB5A8B8B2C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0F7CC21D-3AC3-4A1F-ADA0-A318146FE62C}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{7239173C-2F23-46C4-82C9-2B5256FC5BED}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{B5CEC09B-37EF-4502-B9C9-79A27BB162F2}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{F71E1442-9F04-4C6F-BC76-C7589B544AA4}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [TCP Query User{ADCCD939-960A-40F8-8050-B5B651C87092}C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [UDP Query User{EA56B988-6265-4B6C-9C9F-80CDA9A62CFB}C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [{25BFD375-EFAC-4D10-AC1F-648AD2A36C52}] => (Allow) D:\ACMTrial\ACMirage_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{31A3EE8E-D598-4AA6-9674-B97BD32AD6A9}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{59F65E79-B968-4404-BC0A-004AFBB6420A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF8D1416-A0AE-48D8-B5EC-2AADD306D036}] => (Allow) D:\SteamLibrary\steamapps\common\Monopoly Poker\Monopoly Poker.exe () [File not signed]
FirewallRules: [{C5A96CAA-4006-408E-8D01-D21188F5C065}] => (Allow) D:\SteamLibrary\steamapps\common\Monopoly Poker\Monopoly Poker.exe () [File not signed]
FirewallRules: [TCP Query User{7A95A00D-A0E6-4074-9198-D781607094A8}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{E6E1F733-D36B-4D18-9281-C9D541BC4241}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{044A27A4-3805-4811-8CFE-C4E1E29ADA34}C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{71E03EE2-D82A-4B05-8810-D7233D555C9C}C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{FD73FAFA-76E6-4637-A663-A461ACA963E8}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{7CB6F1FC-2498-417E-9B4F-56376707CE3B}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{9F90E96E-406F-4647-A1BD-4ABCB8C044C6}D:\football life 2025\fl_2025.exe] => (Allow) D:\football life 2025\fl_2025.exe (SP) [File not signed]
FirewallRules: [UDP Query User{DC453F16-CE06-4B30-B363-C78DBAECB4B0}D:\football life 2025\fl_2025.exe] => (Allow) D:\football life 2025\fl_2025.exe (SP) [File not signed]
FirewallRules: [TCP Query User{A42A9DCD-A9AE-46B4-B921-9C24CAB53CC6}D:\football life 2025\pes2021.exe] => (Allow) D:\football life 2025\pes2021.exe (SP) [File not signed]
FirewallRules: [UDP Query User{994D92C7-D4ED-4A2F-A58E-41C5EFB7ED05}D:\football life 2025\pes2021.exe] => (Allow) D:\football life 2025\pes2021.exe (SP) [File not signed]
FirewallRules: [{F91D35F5-A5B8-4A00-9D77-39A7CED54014}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA455D2A-65A0-42D5-8C20-09C56910B47B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6549F49-3234-4D5B-A32B-265062A84920}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91D47600-13AC-4DA6-946D-61F27F2B23DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35163315-DFE2-4E2F-A82F-8EF88024F636}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8DCA38A7-29C1-46E4-B820-6CCBF6FDEE84}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6999768B-4F85-428D-B982-995E2216F806}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2558B7D-9B0F-488E-8AFD-8C35EE079771}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5FC6890B-8CCC-4CDC-A393-0AB17EE9F5E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{88EF99D8-D5FA-484E-8106-C99E0196142C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{23129B60-CF0E-4AE0-8FF6-4D1F0FCC1818}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{63684ACA-8AA3-4223-B2A1-8D4967EADFFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FBDA4DE9-DE63-484F-9AEC-FE4B8B65B117}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{257C5AFF-483B-4BE7-9B1D-697C6FEB7630}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD02F396-A810-470C-93A4-55C8A9AFA898}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DA4D769F-6D11-4358-9CEE-7528C83EF946}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8395589A-F950-4385-90D9-5F19330E3F62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{17B16123-AAF6-494E-8004-4C9A1D02C3EE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4A042839-95ED-4343-A5AD-F7D91095B21B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{48C13AFB-DFC9-4084-BDDB-72866FD4CE84}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D803DFCC-D089-4A39-BFB0-8D3239BA70E5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{92F575B4-394E-4465-9F16-5FE84E49A1DD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CC6B6283-F816-4F37-8E0A-09DB12F8EBE9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{B51F3ED4-B73F-4BDB-BC91-71400CABBC02}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{98D0574C-A564-4D63-92F3-75BDEA0C6FEA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D1D1D97C-4823-4253-89CB-C3814A6DFEE1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F84FCE0-C953-4414-ADF6-98C500549DA7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1DAE2000-89C4-43DB-B0FB-F1AEA2D121AF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4B1F5E49-43D3-4873-97A2-B11EAE002228}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9A58CB20-02C3-461E-95CA-F6B45F7DE514}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A4804E1D-805B-49B6-98D7-36277485F1D4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BE9ABB68-7FCE-4767-A98E-0DC006AB5070}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F3764675-3575-49FB-87AE-B66A613610BC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6D99608E-2F70-4A03-9134-3BF0C7DA882B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/17/2025 04:38:38 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/16/2025 06:28:11 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (02/16/2025 05:46:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5425_none_7e0bb22e7c8f7e0e\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/16/2025 03:22:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2025 11:16:55 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5425_none_7e0bb22e7c8f7e0e\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/15/2025 11:14:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5363_none_7e1ab0d27c839437\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/15/2025 06:20:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/08/2025 10:00:38 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (02/17/2025 04:53:26 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:29 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:29 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:22 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:22 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:22 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:22 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 04:40:22 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider


Windows Defender:
================
Date: 2025-02-08 17:57:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A59E90F-303A-47B2-9BE0-D244BFECAF2F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-07 18:00:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74617BC0-7EF8-412A-B00F-ED7CDC2BE94C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-06 17:54:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {54428684-F6E0-498C-AA84-776FE0841BBB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-05 17:57:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0542155C-E7C9-4464-AA74-08797790C5BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-04 18:00:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F4C14FAE-E50D-4213-A977-70E5A0B10806}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-03-20 15:25:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.407.547.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2024-03-20 15:25:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.407.547.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2024-09-13 17:37:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\207.4.5821\vulkan-1.dll that did not meet the Microsoft signing level requirements.

Date: 2023-11-26 19:47:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-01 20:36:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-25 17:54:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-09 15:39:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2202 07/14/2020
Motherboard: ASUSTeK COMPUTER INC. PRIME B450M-K
Processor: AMD Ryzen 7 2700 Eight-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 16315.19 MB
Available physical RAM: 8708.15 MB
Total Virtual: 17339.19 MB
Available Virtual: 6585.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.03 GB) (Free:124.18 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:267.23 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{f600bd76-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS
\\?\Volume{f600bd76-0000-0000-0000-f0a56f000000}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 60CB4FFD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: F600BD76)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=551 MB) - (Type=27)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#3 Příspěvek od swenik »

Nevím, jestli se program nezměnil, po scanu jsem musel dát něco do karantény a pak mi to nabídlo tento log. Ale restart neproběhl.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-17-2025
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.5487)
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\Users\PcPraha\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2121 octets] - [17/02/2025 19:13:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#5 Příspěvek od swenik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2025
Ran by PcPraha (administrator) on DESKTOP-HU04FB6 (17-02-2025 19:46:24)
Running from C:\Users\PcPraha\OneDrive\Desktop\FRST64.exe
Loaded Profiles: PcPraha
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5487 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3472480 2025-02-15] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [Lunar Client] => C:\Users\PcPraha\AppData\Local\Programs\lunarclient\Lunar Client.exe [182282800 2025-02-16] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Run: [MicrosoftEdgeAutoLaunch_8CE5AAD05CAC65E64F950DFBE614B880] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {cad718f8-a689-11eb-a12d-3c7c3f7ed0e4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {eaba97c3-9fef-11ed-a16e-3c7c3f7ed0e4} - "E:\autorun.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [154112 2024-05-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.197\Installer\chrmstp.exe [2025-02-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-08-08]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {DF6BCD8F-95F7-450C-8982-343AAE3277BB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
Task: {C89D5A96-9E97-4E3C-B3C5-B829A4ECC807} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-01-12] (HP Inc. -> HP Inc.)
Task: {A82948D4-CA64-431E-96B0-A6F255397AD1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-01-12] (HP Inc. -> HP Inc.)
Task: {D93F831C-B5E4-4E8A-B290-BF3ED579AA22} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {FA04D82A-D7D6-4FD3-B796-79AD30F2F307} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBC69D90-AA2E-4072-87E0-8D49C76EE48B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C0C0B4-96B7-4B7B-832C-241624D82469} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F01BF5FB-AE34-40C7-BA52-E2748AA218C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E10A533-C075-4DAD-B685-CD397CA70A5F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8080914-EB2B-4809-9037-05873BDB0C30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7305F3C5-A743-4E9F-AAA1-3EADA99922A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6E3E5A0-0807-4FE3-AE8F-D59C3883D81D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {19B43353-52BE-4302-947D-3AE6F086AB1A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1442323326-1954309007-2077260644-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {397B6588-D7FE-4FDB-AC0D-B93BBC4CA214} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {50961B07-14EA-432D-9C3B-0D2C125A845E} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287080 2025-01-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F41F506D-61F6-43CA-8C76-08AF66962F27} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1442323326-1954309007-2077260644-1001 => C:\Users\PcPraha\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{07eac8c4-c1b6-44a9-8fd1-e1d00057acff}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-17]
Edge DownloadDir: Default -> C:\Users\PcPraha\Downloads
Edge HomePage: Default -> hxxp://acer13.msn.com/?pc=ACJB
Edge Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
Edge Extension: (Edge relevant text changes) - C:\Users\PcPraha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]

FireFox:
========
FF DefaultProfile: 6fd9xe6w.default
FF ProfilePath: C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\6fd9xe6w.default [2020-12-25]
FF ProfilePath: C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release [2025-02-17]
FF DownloadDir: D:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\5wzi1l4b.default-release -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5wzi1l4b.default-release -> hxxps://cdshq6hqwnl1qg.enhanceconnection.co.in
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-20]
FF Extension: (Video DownloadHelper) - C:\Users\PcPraha\AppData\Roaming\Mozilla\Firefox\Profiles\5wzi1l4b.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-31]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default [2025-01-11]
CHR Notifications: Default -> hxxps://www.tipsport.cz
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-30]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-31]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-02-17]
CHR Notifications: Profile 2 -> hxxps://www.svetandroida.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-28]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-12]
CHR Profile: C:\Users\PcPraha\AppData\Local\Google\Chrome\User Data\System Profile [2025-02-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5367624 2024-08-08] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2020-11-04] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-11-09] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19147360 2025-02-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137904 2024-10-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [367064 2024-12-14] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-12] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\Display.NvContainer\NVDisplay.Container.exe [1275536 2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7499752 2024-11-09] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-01-30] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [114176 2019-12-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 atillk64; \??\E:\BIOSY\atiflash_293\atillk64.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-17 19:12 - 2025-02-17 19:14 - 000000000 ____D C:\AdwCleaner
2025-02-17 19:10 - 2025-02-17 19:09 - 008790880 _____ (Malwarebytes) C:\Users\PcPraha\OneDrive\Desktop\adwcleaner.exe
2025-02-17 16:54 - 2025-02-17 16:58 - 000075045 _____ C:\Users\PcPraha\OneDrive\Desktop\Addition.txt
2025-02-17 16:52 - 2025-02-17 19:47 - 000020492 _____ C:\Users\PcPraha\OneDrive\Desktop\FRST.txt
2025-02-17 16:52 - 2025-02-17 19:46 - 000000000 ____D C:\FRST
2025-02-17 16:50 - 2025-02-17 16:48 - 002403840 _____ (Farbar) C:\Users\PcPraha\OneDrive\Desktop\FRST64.exe
2025-02-15 23:14 - 2025-02-15 23:14 - 000000000 ___HD C:\$WinREAgent
2025-02-06 17:14 - 2025-02-06 17:14 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-01 21:46 - 2025-01-26 19:36 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2025-02-01 21:33 - 2025-01-27 05:45 - 002072440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 002072440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001614192 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001614192 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-02-01 21:33 - 2025-01-27 05:45 - 001576840 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001576840 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001389960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 001389960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 000477832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2025-02-01 21:33 - 2025-01-27 05:45 - 000374408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 001183392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 000670352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2025-02-01 21:33 - 2025-01-27 05:41 - 000506008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 025643168 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2025-02-01 21:33 - 2025-01-27 05:40 - 002194088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001641120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001563784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001215624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 001046168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2025-02-01 21:33 - 2025-01-27 05:40 - 000903856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2025-02-01 21:33 - 2025-01-27 05:40 - 000804528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 019904168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 019329200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 007225008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 005500064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 003944616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2025-02-01 21:33 - 2025-01-27 05:39 - 000462496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2025-02-01 21:33 - 2025-01-27 05:38 - 005913248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2025-02-01 21:33 - 2025-01-27 05:38 - 000853656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2025-02-01 21:33 - 2025-01-27 05:37 - 005552256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2025-02-01 21:33 - 2025-01-27 05:37 - 004856992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2025-02-01 21:33 - 2025-01-26 19:36 - 000137640 _____ C:\WINDOWS\system32\nvinfo.pb
2025-01-26 21:51 - 2025-01-26 21:54 - 000000000 ____D C:\Users\PcPraha\OneDrive\Desktop\Football Life 2025
2025-01-26 13:00 - 2025-01-26 13:00 - 000000027 _____ C:\Users\PcPraha\OneDrive\Desktop\smazaný sider z Football life 2025.txt
2025-01-24 17:30 - 2025-02-01 19:26 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-01-24 17:30 - 2025-01-25 13:25 - 003108904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-01-24 17:30 - 2025-01-25 13:25 - 002398760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-01-24 17:30 - 2025-01-24 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-01-24 17:26 - 2025-02-16 17:27 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-17 19:39 - 2020-09-27 06:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-17 19:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-17 19:15 - 2022-02-11 14:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-02-17 19:14 - 2021-06-12 16:45 - 000000000 ____D C:\Users\PcPraha\AppData\Roaming\lunarclient
2025-02-17 19:14 - 2020-12-01 20:28 - 000000000 ____D C:\ProgramData\NVIDIA
2025-02-17 19:06 - 2020-12-25 01:09 - 000000000 ____D C:\Program Files (x86)\Steam
2025-02-17 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-17 16:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-16 17:55 - 2020-11-25 16:11 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-16 17:55 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2025-02-16 17:55 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-16 17:48 - 2020-11-13 09:19 - 000000000 ____D C:\Intel
2025-02-16 17:48 - 2020-09-27 08:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-16 17:48 - 2020-06-22 17:45 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-16 17:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-16 17:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-16 17:27 - 2021-12-16 20:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-16 17:27 - 2020-12-25 03:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-02-16 17:27 - 2020-09-27 06:55 - 000434288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-16 17:26 - 2024-07-09 20:28 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-02-16 17:26 - 2023-12-14 21:59 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-16 17:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-16 17:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-16 15:20 - 2020-09-27 08:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 23:22 - 2020-09-27 08:58 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-15 23:14 - 2020-03-04 15:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-15 23:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-15 23:11 - 2020-03-04 15:27 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-15 23:05 - 2021-01-07 20:30 - 000000000 ____D C:\Users\PcPraha\AppData\Local\ElevatedDiagnostics
2025-02-15 22:55 - 2020-04-03 11:45 - 000000000 ____D C:\Users\PcPraha\AppData\Local\NVIDIA
2025-02-15 22:49 - 2023-03-10 18:13 - 000000000 ____D C:\ProgramData\EA Desktop
2025-02-15 22:47 - 2020-12-04 18:18 - 000000000 ____D C:\Users\PcPraha\AppData\Local\NVIDIA Corporation
2025-02-15 18:17 - 2020-12-25 00:39 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-07 16:07 - 2021-10-10 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-02-07 16:07 - 2020-12-25 03:19 - 000001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-02-06 17:14 - 2022-08-23 16:04 - 000002387 _____ C:\Users\PcPraha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-06 17:14 - 2021-12-13 16:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-06 17:14 - 2020-11-25 16:07 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1442323326-1954309007-2077260644-1001
2025-02-05 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-02-01 21:49 - 2024-10-14 13:23 - 000000000 ____D C:\Users\PcPraha\AppData\LocalLow\NVIDIA
2025-02-01 21:47 - 2020-12-04 18:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-02-01 21:47 - 2020-03-04 14:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-02-01 21:39 - 2020-05-14 09:33 - 000000000 ____D C:\Users\PcPraha\AppData\Local\Battle.net
2025-02-01 21:39 - 2020-05-14 09:33 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-02-01 20:51 - 2020-12-27 02:07 - 000000000 ____D C:\Users\PcPraha\AppData\Roaming\vlc
2025-01-25 13:25 - 2020-12-04 18:17 - 000271912 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-01-25 13:25 - 2020-12-04 18:17 - 000245800 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-01-25 13:05 - 2020-12-04 18:17 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2025-01-25 13:05 - 2020-12-04 18:16 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-01-25 13:05 - 2020-12-04 18:16 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-01-24 21:19 - 2021-01-07 14:58 - 000000000 ____D C:\Users\PcPraha\AppData\Local\CrashDumps
2025-01-24 17:32 - 2020-03-04 15:30 - 000000000 ____D C:\Users\PcPraha\AppData\Local\D3DSCache
2025-01-24 17:30 - 2020-12-04 18:14 - 000000000 ____D C:\NVIDIA
2025-01-24 17:30 - 2020-03-04 14:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-01-24 17:11 - 2020-12-25 01:10 - 000000000 ____D C:\Users\PcPraha\AppData\Local\Steam

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-02-2025
Ran by PcPraha (17-02-2025 19:47:52)
Running from C:\Users\PcPraha\OneDrive\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5487 (X64) (2020-11-25 15:08:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1442323326-1954309007-2077260644-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1442323326-1954309007-2077260644-503 - Limited - Disabled)
Guest (S-1-5-21-1442323326-1954309007-2077260644-501 - Limited - Disabled)
PcPraha (S-1-5-21-1442323326-1954309007-2077260644-1001 - Administrator - Enabled) => C:\Users\PcPraha
WDAGUtilityAccount (S-1-5-21-1442323326-1954309007-2077260644-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.12 - AnyDesk Software GmbH)
Aplikace NVIDIA 11.0.2.312 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.312 - NVIDIA Corporation)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.6.4 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.396.0.5909 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{e731fa20-93d0-45c0-9e70-54f690fe087e}) (Version: 13.396.0.5909 - Electronic Arts)
Eclipse Temurin JDK with Hotspot 21.0.1+12 (x64) (HKLM\...\{CB5F7F9C-C87C-4DA7-ADE3-71CBC7EE8E24}) (Version: 21.0.1.12 - Eclipse Adoptium)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 132.0.6834.197 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.3351.0 - Rockstar Games)
IntelliJ IDEA Community Edition 2023.3 (HKLM-x32\...\IntelliJ IDEA Community Edition 2023.3) (Version: 233.11799.241 - JetBrains s.r.o.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.69 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.82.2 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 135.0 (x64 cs)) (Version: 135.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.1 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Kombustor 4.1.5.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version: - MSI / Geeks3D)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Niceboy ORYX M200 Gaming Mouse (HKLM-x32\...\Niceboy ORYX M200 Gaming Mouse) (Version: 1.0 - Niceboy)
Noutee (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\{b1d14dfb-e1c2-4567-aa09-141f795b0fed}) (Version: 0.6.6 - Noutee Music)
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
paint.net (HKLM\...\{9108ED9C-43BD-44DF-83AF-6DB198556920}) (Version: 4.3.7 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8184 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for PcPraha (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for PcPraha (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.97.2200 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.7.8 - Rockstar Games)
SP Football Life 2025 (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\SP Football Life 2025) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.0.10945 - Ubisoft)
Uninstall Lunar Client (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.3.4-ow - Moonsworth LLC)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\Wargaming.net Game Center) (Version: 21.7.0.6827 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)

Packages:
=========
Code of War -> C:\Program Files\WindowsApps\CND4528B94-2EA2-4D85-B0B7.CodeofWar_3.17.0.0_x64__zxxvj7ezs5pcc [2024-11-09] (Extreme Developers)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-04] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.1.3.0_x64__8wekyb3d8bbwe [2024-11-02] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-01] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-05-13] (Realtek Semiconductor Corp)
Remote Play - Remote Console from PC -> C:\Program Files\WindowsApps\54249Leo.D.PSRemotePlayforDesktop_1.0.10.0_x64__pjn0gf28w9awp [2022-09-23] (Leo.D)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.659.473.0_x64__55nm5eh3cm0pr [2025-02-07] (Roblox Corporation)
Robot Shadow Fight -> C:\Program Files\WindowsApps\14448GoodGamesMedia-Famil.RobotShadowFight_10.5.0.0_x64__fwwqg5m9heagm [2021-12-11] (Good Games Media - Family, Kids, Boys, Girls Games) [MS Ad]
SpongeBob: Krusty Cook-Off -> C:\Program Files\WindowsApps\TiltingPoint.SpongeBobKrustyCook-Off_1.26.234.0_x64__85kh3h6wfjavg [2021-09-17] (Tilting Point)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-15] (Spotify AB) [Startup Task]
Wings of War: Modern Warplanes -> C:\Program Files\WindowsApps\23866ExtremeDevelopers.WingsofWar_3.30.4.0_x64__zxxvj7ezs5pcc [2024-11-09] (Extreme Developers)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\PcPraha\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1e8724cced6e93d4\nvshext.dll [2025-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PcPraha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristián (zak.zus-hostivar.cz) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2025-02-01 19:26 - 2025-02-01 19:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2025-01-24 17:30 - 2025-02-01 19:26 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10440]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\vfn.cz -> hxxps://app.vfn.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2023-10-29 13:34 - 000001272 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com
0.0.0.0 liveupdate.acronis.com
0.0.0.0 download.acronis.com
0.0.0.0 orders.acronis.com
0.0.0.0 ns1.acronis.com
0.0.0.0 ns2.acronis.com
0.0.0.0 ns3.acronis.com
0.0.0.0 account.acronis.com
0.0.0.0 gateway.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-21.0.1.12-hotspot\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\2020\8 Srpen\IMG_4612a.jpg
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB569B4D-0F55-4CA1-ADCF-86E928913DB5}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CCDBC088-FEF0-4721-93BE-905D278E36D2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA8CAF3E-2CFA-4494-BC39-87C869A2434C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7512E99B-4407-463B-8DCC-DFD4737957F8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{971B38DB-9156-44B1-AC8D-B09141D26CA0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5659CF4-B71D-47C0-8D80-AF56B100A6A3}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\53CDD8FC-1CF9-4284-8F0A-B6BC321B4F44\ga_service.exe => No File
FirewallRules: [{178168FF-5794-4E2A-B306-0DC37B44477B}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D69DD256-4414-4062-BC3F-E252FF3A87E3}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{60ECC128-98A4-4503-81B9-3EF5F43CDAF0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageHomeService.exe => No File
FirewallRules: [{743844E4-C93F-4389-B9BE-5D0DD55C89AE}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe => No File
FirewallRules: [{69487DEC-0E9E-4A6A-B867-0B4506C0E9FC}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\E6D043A8-B395-46DB-88E9-1C807D911AAC\ga_service.exe => No File
FirewallRules: [{DC1F2AF6-EF4D-436B-9C02-02B9EA9DABD8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3FDE8F7-0E51-43A9-8BE0-00F7F6A6AC8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDABF4CC-858A-4BF4-B0C4-19976680AE90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2553AF79-51CF-4824-8A2F-1E1D26570524}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D86771C1-914A-4162-A0AF-24174A2648A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{975AC477-FD12-478D-805D-23893A6F45ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{43E053E0-93D9-4867-ACAB-71A5B032132C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{C1B9366F-15D2-4063-85E4-A173FD84B683}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{8A91C301-7ABD-4F49-BB92-09120D9E2F4D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{B4CCE11D-5118-4EC7-82C8-87F15FF2F5BD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{7A334DB2-9C26-41BD-B8A1-10D4A559BE27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bomber Dudes\Bomb2019.exe () [File not signed]
FirewallRules: [{5861D151-2577-4B27-83A1-6D9FBA4F5356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bomber Dudes\Bomb2019.exe () [File not signed]
FirewallRules: [{630E6D0A-9B00-45EF-901C-5CB7A293D2CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\REKT Crash Test\REKT Crash Test.exe () [File not signed]
FirewallRules: [{076FA5EB-63D1-473F-B857-DE091E920F61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\REKT Crash Test\REKT Crash Test.exe () [File not signed]
FirewallRules: [TCP Query User{CDB3FE8F-557F-49B6-8A08-A12629E9DA91}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{B2F25F2F-B189-40AC-A06F-2BBA889BDF7C}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{59BEEE86-873D-409F-ABBB-400E65787BAC}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{FA0F03B3-26B6-4ED7-9EA2-9BC6B756A950}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{F57D8EB6-A780-4BA2-AB85-F47DC90E8041}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{15607A79-D6DD-4D3F-AFA7-2412EA8ECCFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{49C995A8-DEF8-4CA8-94C4-05DA21CA278A}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{1D8F3CDD-9D2E-467F-8BEC-810C36AD4882}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{DE36C633-9708-4253-BD17-54D36BB363BA}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1925BFB0-A5D4-4C92-B39E-7352B63BEA67}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4DC83B2A-67FE-4F39-B457-5D7DAAE7285F}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{C36145A4-AA83-4ADB-8439-31F22D98389B}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{3BF3F0A2-D3FD-4B39-A9E5-BB0931BC9F4E}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{742D8A82-4EB0-4E81-BE50-5C625E9FD529}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [UDP Query User{FA571E44-133E-4131-A54D-617C224CFFBF}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [TCP Query User{407C235D-6A77-43C1-8CC5-4278F01ED16E}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1045A00E-1E8C-421C-A7B8-96759D62F5C4}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{ADC9FA54-59AB-43E3-AC9D-D31C2EFA8173}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{00BE0084-50B2-4EE4-B59F-8C02E4EAE8EA}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{15435E0A-0B3D-4D77-BF2A-143AD2C7C505}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{4945E669-B6EE-47F3-AFB7-9D54E6733F1A}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{699D6868-86B3-45D1-8C6F-B74D15FB9BD1}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{013E1C91-23A6-4981-9AFA-42E56D4FB526}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{51E1D300-C3EF-4BE5-BCB4-31D027183C50}C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{9858B37B-BC3C-4E67-B6E4-F66C35B8BB4C}C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{68E72241-EB74-4F69-ADEA-504F21503A2A}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{4B9FA2E7-A125-4D61-993A-918AD2928045}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{A84EB0EC-05E8-4990-A674-349AAE94BB7F}C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{8F691061-0BF2-4CE2-A57B-3B5E22738C45}C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{8A957B4B-12C4-4C83-BEE7-FB4E48C84B1B}C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{EEB2C241-F8DF-49F7-951F-E506D51BAA9C}C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{709F3473-0097-4068-BACD-57FBB4B4F71C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94D01904-BFA1-447A-9BDB-91B3B6B495F7}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1FB1FF3F-9C38-496F-8089-F83D8AC4EB0A}] => (Allow) D:\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{16C7E1B0-0138-4FEA-BD44-8E30B9EBCFFF}] => (Allow) D:\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F62916BA-18DC-4249-8C6C-787605D4196B}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [UDP Query User{A9C8AA92-CA48-45C9-BD3E-FA79E7913B63}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.7.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [TCP Query User{F4C0D14F-E157-49CB-BCC9-C334F2B243BC}C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{0A11A432-4640-40AD-909A-FC742308FE7C}C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [{D2103220-CB91-4708-8F1A-E4406A80DEB1}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{169057BD-804A-47F3-81CA-B5A697A85717}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{544E379D-CDB5-4F14-A89F-E5972777EB8D}] => (Allow) D:\SteamLibrary\steamapps\common\Castle Defender\Castledefender.exe (Adobe Systems, Inc.) [File not signed]
FirewallRules: [{66583335-84B5-4EFE-82FA-713DB7FECBF4}] => (Allow) D:\SteamLibrary\steamapps\common\Castle Defender\Castledefender.exe (Adobe Systems, Inc.) [File not signed]
FirewallRules: [{03F61C04-F8EB-47C7-9355-8BCD015EE60D}] => (Allow) D:\SteamLibrary\steamapps\common\Space Redemption\Space Redemption.exe (The NWJS Community) [File not signed]
FirewallRules: [{46D4BE93-8E63-4BF4-8752-7D0AE28C95CC}] => (Allow) D:\SteamLibrary\steamapps\common\Space Redemption\Space Redemption.exe (The NWJS Community) [File not signed]
FirewallRules: [{667EAFC8-E4A2-40C3-ABA2-3F520101824D}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{42199C10-D100-433F-8337-D1AC3561B3B8}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [TCP Query User{0A55DC7B-CE30-446B-8FE6-0FB73DB4B2B3}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{D81AECF7-9D68-429A-9BD1-30A0D9D7F073}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{927FF381-0242-4181-9126-183E54C6D258}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{29E08C03-DA83-4605-BE51-9DA9F7CD2793}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{BCB19116-E294-4E9F-B5B8-3D1EAED35EA5}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{ED30C744-18CF-48D7-85BF-B98362B65CD3}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [TCP Query User{29F6070C-B190-4210-965F-4E56AF853AAA}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{932335D0-9E88-4BD5-A15C-DE0AA9D94C65}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{72FA5ED6-C79A-417E-A612-676489176DF2}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [UDP Query User{719B5BC6-D273-427B-83F8-2944D64C1486}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.9.0_x64__pjn0gf28w9awp\chiaki.exe => No File
FirewallRules: [TCP Query User{3CBB0E08-FDC9-4DF7-8F7B-8DB9FC8F68D1}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{C03409F2-D64C-4337-8D08-7C6AA1C08957}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{98F6C095-5CE8-4170-B83E-F660D89FCE0F}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [UDP Query User{84BB4C37-ADAA-41AA-A260-23B7B0BEE2E5}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [TCP Query User{7DE7C502-C475-4B2E-81A0-F0A3AFAD42BC}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [UDP Query User{7925C79A-C07F-4903-97C6-A77EC84009CC}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [TCP Query User{98C73681-B387-4739-B886-45B892987E40}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [UDP Query User{4A6E4FD8-FA68-4D5E-B100-18FDE56C3033}C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe] => (Allow) C:\program files\windowsapps\54249leo.d.psremoteplayfordesktop_1.0.10.0_x64__pjn0gf28w9awp\chiaki.exe (8DED9880-6887-4B01-9BBF-43FF9D2F9B3A -> )
FirewallRules: [{03D61195-F57B-4EC7-9088-7D7DB5AE793E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{77C7778F-B8AB-4B6F-A2E5-496639C764E8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{362FD18D-89C0-4FC2-9E40-01B2068BD6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{906D28D0-DC25-4E3D-A480-11C38D9EF479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{9A78F9D3-1588-4DDE-BDFB-8D3FA5847B71}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E934767A-28C1-46C5-8960-3EEA7BB2B079}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{35D3BED6-47CD-4475-960C-386521AA0DC0}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{230BFC37-70EA-4BFF-A12F-6C30844ADA1D}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{20C53195-0631-43EF-A6C2-00D1BC7792DD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F90106FA-733D-48D0-9386-27A87119E1A8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{29CDF4FF-F69E-4D52-8C2A-F53BF82399E4}D:\gta\grand theft auto v\gta5.exe] => (Allow) D:\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{BF96E490-E518-4290-848E-726598ECCF77}D:\gta\grand theft auto v\gta5.exe] => (Allow) D:\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{8EE00ACC-1296-4809-B880-140D2544EEAE}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{86DAA3BD-9639-4C5E-BAC3-80ECFC98BF0B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4CCEE9E4-45B5-4D4F-AE55-F8E73E1A36DD}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{55F12519-3F22-4692-AEF6-B43063E5FFA1}C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{440F03A3-ED5A-4C71-BDA0-3B3079752115}C:\program files\badlion client\badlion client.exe] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{1CB9889D-7BC9-46D4-937B-BB29E5696D20}C:\program files\badlion client\badlion client.exe] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{D744905A-62CB-4B7A-957A-AF9A7C5562F3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{079536F1-0CB6-4B0F-85FE-F0DB5A8B8B2C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0F7CC21D-3AC3-4A1F-ADA0-A318146FE62C}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{7239173C-2F23-46C4-82C9-2B5256FC5BED}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{B5CEC09B-37EF-4502-B9C9-79A27BB162F2}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{F71E1442-9F04-4C6F-BC76-C7589B544AA4}] => (Allow) D:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [TCP Query User{ADCCD939-960A-40F8-8050-B5B651C87092}C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [UDP Query User{EA56B988-6265-4B6C-9C9F-80CDA9A62CFB}C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\pcpraha\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [{25BFD375-EFAC-4D10-AC1F-648AD2A36C52}] => (Allow) D:\ACMTrial\ACMirage_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{31A3EE8E-D598-4AA6-9674-B97BD32AD6A9}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{59F65E79-B968-4404-BC0A-004AFBB6420A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF8D1416-A0AE-48D8-B5EC-2AADD306D036}] => (Allow) D:\SteamLibrary\steamapps\common\Monopoly Poker\Monopoly Poker.exe () [File not signed]
FirewallRules: [{C5A96CAA-4006-408E-8D01-D21188F5C065}] => (Allow) D:\SteamLibrary\steamapps\common\Monopoly Poker\Monopoly Poker.exe () [File not signed]
FirewallRules: [TCP Query User{7A95A00D-A0E6-4074-9198-D781607094A8}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{E6E1F733-D36B-4D18-9281-C9D541BC4241}D:\rocketleague\binaries\win64\rocketleague.exe] => (Block) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{044A27A4-3805-4811-8CFE-C4E1E29ADA34}C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{71E03EE2-D82A-4B05-8810-D7233D555C9C}C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{FD73FAFA-76E6-4637-A663-A461ACA963E8}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{7CB6F1FC-2498-417E-9B4F-56376707CE3B}D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{9F90E96E-406F-4647-A1BD-4ABCB8C044C6}D:\football life 2025\fl_2025.exe] => (Allow) D:\football life 2025\fl_2025.exe (SP) [File not signed]
FirewallRules: [UDP Query User{DC453F16-CE06-4B30-B363-C78DBAECB4B0}D:\football life 2025\fl_2025.exe] => (Allow) D:\football life 2025\fl_2025.exe (SP) [File not signed]
FirewallRules: [TCP Query User{A42A9DCD-A9AE-46B4-B921-9C24CAB53CC6}D:\football life 2025\pes2021.exe] => (Allow) D:\football life 2025\pes2021.exe (SP) [File not signed]
FirewallRules: [UDP Query User{994D92C7-D4ED-4A2F-A58E-41C5EFB7ED05}D:\football life 2025\pes2021.exe] => (Allow) D:\football life 2025\pes2021.exe (SP) [File not signed]
FirewallRules: [{F91D35F5-A5B8-4A00-9D77-39A7CED54014}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA455D2A-65A0-42D5-8C20-09C56910B47B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6549F49-3234-4D5B-A32B-265062A84920}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91D47600-13AC-4DA6-946D-61F27F2B23DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35163315-DFE2-4E2F-A82F-8EF88024F636}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8DCA38A7-29C1-46E4-B820-6CCBF6FDEE84}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6999768B-4F85-428D-B982-995E2216F806}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2558B7D-9B0F-488E-8AFD-8C35EE079771}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5FC6890B-8CCC-4CDC-A393-0AB17EE9F5E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{88EF99D8-D5FA-484E-8106-C99E0196142C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{23129B60-CF0E-4AE0-8FF6-4D1F0FCC1818}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{63684ACA-8AA3-4223-B2A1-8D4967EADFFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FBDA4DE9-DE63-484F-9AEC-FE4B8B65B117}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{257C5AFF-483B-4BE7-9B1D-697C6FEB7630}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD02F396-A810-470C-93A4-55C8A9AFA898}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DA4D769F-6D11-4358-9CEE-7528C83EF946}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8395589A-F950-4385-90D9-5F19330E3F62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{17B16123-AAF6-494E-8004-4C9A1D02C3EE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4A042839-95ED-4343-A5AD-F7D91095B21B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{48C13AFB-DFC9-4084-BDDB-72866FD4CE84}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D803DFCC-D089-4A39-BFB0-8D3239BA70E5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{92F575B4-394E-4465-9F16-5FE84E49A1DD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CC6B6283-F816-4F37-8E0A-09DB12F8EBE9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{B51F3ED4-B73F-4BDB-BC91-71400CABBC02}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{98D0574C-A564-4D63-92F3-75BDEA0C6FEA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D1D1D97C-4823-4253-89CB-C3814A6DFEE1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F84FCE0-C953-4414-ADF6-98C500549DA7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1DAE2000-89C4-43DB-B0FB-F1AEA2D121AF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4B1F5E49-43D3-4873-97A2-B11EAE002228}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9A58CB20-02C3-461E-95CA-F6B45F7DE514}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A4804E1D-805B-49B6-98D7-36277485F1D4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BE9ABB68-7FCE-4767-A98E-0DC006AB5070}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F3764675-3575-49FB-87AE-B66A613610BC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6D99608E-2F70-4A03-9134-3BF0C7DA882B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/17/2025 04:38:38 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/16/2025 06:28:11 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (02/16/2025 05:46:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5425_none_7e0bb22e7c8f7e0e\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/16/2025 03:22:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2025 11:16:55 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5425_none_7e0bb22e7c8f7e0e\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/15/2025 11:14:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5363_none_7e1ab0d27c839437\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (02/15/2025 06:20:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/08/2025 10:00:38 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (02/17/2025 07:26:18 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 07:26:18 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 07:26:18 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 07:14:41 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HU04FB6)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (02/17/2025 07:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/17/2025 07:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EABackgroundService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/17/2025 07:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/17/2025 07:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2025-02-17 17:48:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EDE9712-BED8-4A70-8EA9-A6FC861ADBAD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-08 17:57:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A59E90F-303A-47B2-9BE0-D244BFECAF2F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-07 18:00:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74617BC0-7EF8-412A-B00F-ED7CDC2BE94C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-06 17:54:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {54428684-F6E0-498C-AA84-776FE0841BBB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-05 17:57:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0542155C-E7C9-4464-AA74-08797790C5BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-03-20 15:25:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.407.547.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2024-03-20 15:25:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.407.547.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2024-09-13 17:37:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\207.4.5821\vulkan-1.dll that did not meet the Microsoft signing level requirements.

Date: 2023-11-26 19:47:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-01 20:36:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-25 17:54:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-09 15:39:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2202 07/14/2020
Motherboard: ASUSTeK COMPUTER INC. PRIME B450M-K
Processor: AMD Ryzen 7 2700 Eight-Core Processor
Percentage of memory in use: 36%
Total physical RAM: 16315.19 MB
Available physical RAM: 10354.07 MB
Total Virtual: 17339.19 MB
Available Virtual: 9400.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.03 GB) (Free:124.33 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:267.23 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{f600bd76-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS
\\?\Volume{f600bd76-0000-0000-0000-f0a56f000000}\ () (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 60CB4FFD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: F600BD76)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=551 MB) - (Type=27)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {cad718f8-a689-11eb-a12d-3c7c3f7ed0e4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {eaba97c3-9fef-11ed-a16e-3c7c3f7ed0e4} - "E:\autorun.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {DF6BCD8F-95F7-450C-8982-343AAE3277BB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\PcPraha\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10440]
FirewallRules: [{B5659CF4-B71D-47C0-8D80-AF56B100A6A3}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\53CDD8FC-1CF9-4284-8F0A-B6BC321B4F44\ga_service.exe => No File
FirewallRules: [{178168FF-5794-4E2A-B306-0DC37B44477B}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D69DD256-4414-4062-BC3F-E252FF3A87E3}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{60ECC128-98A4-4503-81B9-3EF5F43CDAF0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageHomeService.exe => No File
FirewallRules: [{743844E4-C93F-4389-B9BE-5D0DD55C89AE}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe => No File
FirewallRules: [{69487DEC-0E9E-4A6A-B867-0B4506C0E9FC}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\E6D043A8-B395-46DB-88E9-1C807D911AAC\ga_service.exe => No File
FirewallRules: [{D86771C1-914A-4162-A0AF-24174A2648A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{975AC477-FD12-478D-805D-23893A6F45ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{1925BFB0-A5D4-4C92-B39E-7352B63BEA67}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4DC83B2A-67FE-4F39-B457-5D7DAAE7285F}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{407C235D-6A77-43C1-8CC5-4278F01ED16E}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1045A00E-1E8C-421C-A7B8-96759D62F5C4}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{ADC9FA54-59AB-43E3-AC9D-D31C2EFA8173}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{00BE0084-50B2-4EE4-B59F-8C02E4EAE8EA}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{68E72241-EB74-4F69-ADEA-504F21503A2A}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{4B9FA2E7-A125-4D61-993A-918AD2928045}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{667EAFC8-E4A2-40C3-ABA2-3F520101824D}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{42199C10-D100-433F-8337-D1AC3561B3B8}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [TCP Query User{0A55DC7B-CE30-446B-8FE6-0FB73DB4B2B3}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{D81AECF7-9D68-429A-9BD1-30A0D9D7F073}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [TCP Query User{98F6C095-5CE8-4170-B83E-F660D89FCE0F}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [UDP Query User{84BB4C37-ADAA-41AA-A260-23B7B0BEE2E5}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [{362FD18D-89C0-4FC2-9E40-01B2068BD6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{906D28D0-DC25-4E3D-A480-11C38D9EF479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [TCP Query User{35D3BED6-47CD-4475-960C-386521AA0DC0}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{230BFC37-70EA-4BFF-A12F-6C30844ADA1D}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{20C53195-0631-43EF-A6C2-00D1BC7792DD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F90106FA-733D-48D0-9386-27A87119E1A8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#7 Příspěvek od swenik »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-02-2025
Ran by PcPraha (17-02-2025 21:08:42) Run:1
Running from C:\Users\PcPraha\OneDrive\Desktop
Loaded Profiles: PcPraha
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {cad718f8-a689-11eb-a12d-3c7c3f7ed0e4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\...\MountPoints2: {eaba97c3-9fef-11ed-a16e-3c7c3f7ed0e4} - "E:\autorun.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {DF6BCD8F-95F7-450C-8982-343AAE3277BB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-1442323326-1954309007-2077260644-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\PcPraha\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10440]
FirewallRules: [{B5659CF4-B71D-47C0-8D80-AF56B100A6A3}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\53CDD8FC-1CF9-4284-8F0A-B6BC321B4F44\ga_service.exe => No File
FirewallRules: [{178168FF-5794-4E2A-B306-0DC37B44477B}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D69DD256-4414-4062-BC3F-E252FF3A87E3}] => (Allow) C:\Users\PcPraha\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{60ECC128-98A4-4503-81B9-3EF5F43CDAF0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageHomeService.exe => No File
FirewallRules: [{743844E4-C93F-4389-B9BE-5D0DD55C89AE}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe => No File
FirewallRules: [{69487DEC-0E9E-4A6A-B867-0B4506C0E9FC}] => (Allow) C:\Users\PcPraha\AppData\Local\Temp\E6D043A8-B395-46DB-88E9-1C807D911AAC\ga_service.exe => No File
FirewallRules: [{D86771C1-914A-4162-A0AF-24174A2648A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{975AC477-FD12-478D-805D-23893A6F45ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{1925BFB0-A5D4-4C92-B39E-7352B63BEA67}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4DC83B2A-67FE-4F39-B457-5D7DAAE7285F}] => (Allow) C:\Users\PcPraha\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{407C235D-6A77-43C1-8CC5-4278F01ED16E}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1045A00E-1E8C-421C-A7B8-96759D62F5C4}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{ADC9FA54-59AB-43E3-AC9D-D31C2EFA8173}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{00BE0084-50B2-4EE4-B59F-8C02E4EAE8EA}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{68E72241-EB74-4F69-ADEA-504F21503A2A}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{4B9FA2E7-A125-4D61-993A-918AD2928045}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{667EAFC8-E4A2-40C3-ABA2-3F520101824D}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{42199C10-D100-433F-8337-D1AC3561B3B8}] => (Allow) D:\FIFA 21\FIFA 21\FIFASetup\fifaconfig.exe => No File
FirewallRules: [TCP Query User{0A55DC7B-CE30-446B-8FE6-0FB73DB4B2B3}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{D81AECF7-9D68-429A-9BD1-30A0D9D7F073}D:\fifa 21\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [TCP Query User{98F6C095-5CE8-4170-B83E-F660D89FCE0F}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [UDP Query User{84BB4C37-ADAA-41AA-A260-23B7B0BEE2E5}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe => No File
FirewallRules: [{362FD18D-89C0-4FC2-9E40-01B2068BD6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{906D28D0-DC25-4E3D-A480-11C38D9EF479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [TCP Query User{35D3BED6-47CD-4475-960C-386521AA0DC0}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{230BFC37-70EA-4BFF-A12F-6C30844ADA1D}D:\fifa 21\fifa 21\fifa21.exe] => (Block) D:\fifa 21\fifa 21\fifa21.exe => No File
FirewallRules: [{20C53195-0631-43EF-A6C2-00D1BC7792DD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F90106FA-733D-48D0-9386-27A87119E1A8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cad718f8-a689-11eb-a12d-3c7c3f7ed0e4} => removed successfully
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eaba97c3-9fef-11ed-a16e-3c7c3f7ed0e4} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF6BCD8F-95F7-450C-8982-343AAE3277BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF6BCD8F-95F7-450C-8982-343AAE3277BB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{B2752B1C-B5C9-401A-BCF0-33B8C8D8B66D}" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKU\S-1-5-21-1442323326-1954309007-2077260644-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5659CF4-B71D-47C0-8D80-AF56B100A6A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{178168FF-5794-4E2A-B306-0DC37B44477B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D69DD256-4414-4062-BC3F-E252FF3A87E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60ECC128-98A4-4503-81B9-3EF5F43CDAF0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{743844E4-C93F-4389-B9BE-5D0DD55C89AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69487DEC-0E9E-4A6A-B867-0B4506C0E9FC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D86771C1-914A-4162-A0AF-24174A2648A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{975AC477-FD12-478D-805D-23893A6F45ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1925BFB0-A5D4-4C92-B39E-7352B63BEA67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DC83B2A-67FE-4F39-B457-5D7DAAE7285F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{407C235D-6A77-43C1-8CC5-4278F01ED16E}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1045A00E-1E8C-421C-A7B8-96759D62F5C4}C:\users\pcpraha\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ADC9FA54-59AB-43E3-AC9D-D31C2EFA8173}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00BE0084-50B2-4EE4-B59F-8C02E4EAE8EA}C:\users\pcpraha\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68E72241-EB74-4F69-ADEA-504F21503A2A}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4B9FA2E7-A125-4D61-993A-918AD2928045}C:\users\pcpraha\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{667EAFC8-E4A2-40C3-ABA2-3F520101824D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42199C10-D100-433F-8337-D1AC3561B3B8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A55DC7B-CE30-446B-8FE6-0FB73DB4B2B3}D:\fifa 21\fifa 21\fifa21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D81AECF7-9D68-429A-9BD1-30A0D9D7F073}D:\fifa 21\fifa 21\fifa21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98F6C095-5CE8-4170-B83E-F660D89FCE0F}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{84BB4C37-ADAA-41AA-A260-23B7B0BEE2E5}D:\steamlibrary\steamapps\common\fifa 23\fifa23.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{362FD18D-89C0-4FC2-9E40-01B2068BD6A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{906D28D0-DC25-4E3D-A480-11C38D9EF479}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35D3BED6-47CD-4475-960C-386521AA0DC0}D:\fifa 21\fifa 21\fifa21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{230BFC37-70EA-4BFF-A12F-6C30844ADA1D}D:\fifa 21\fifa 21\fifa21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20C53195-0631-43EF-A6C2-00D1BC7792DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F90106FA-733D-48D0-9386-27A87119E1A8}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 278763841 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 718943458 B
Windows/system/drivers => 1767552 B
Edge => 0 B
Chrome => 1384743232 B
Firefox => 1503883469 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10866 B
NetworkService => 1622672 B
PcPraha => 8768375 B

RecycleBin => 0 B
EmptyTemp: => 3.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:14:51 ====
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#8 Příspěvek od swenik »

Aha, chtěl jsem přispět aspoň něco málo na forum, teď jen doufám, že přijdou peníze Vám.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#9 Příspěvek od Rudy »

To, co čtete výše, je, bohužel, dílo spammera. Příspěvek bude smazán a uživatel banován. Vše bylo smazáno. Nastasla nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#10 Příspěvek od swenik »

Ano, už mi to zavirování na MF nevyskakuje. Takže už je vše v pořádku?

Jen doufám, že ta malá částka byla na toto forum, platil jsem přes ten červený rámeček vpravo dole.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#11 Příspěvek od Rudy »

Pokud jste dodržel vše, co se tam píše, určitě došla. Spameři si u nás udělali prée a píší nám podobné vzkazy do fóra. Mažeme je, ale občas se nějaký objeví. Nejste první (a asi ani poslední) komu se to v jeho vléknu stalo. Mějte se! :-)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
swenik
Návštěvník
Návštěvník
Příspěvky: 133
Registrován: 14 čer 2011 15:42

Re: Zavirovaný PC

#12 Příspěvek od swenik »

To věřím. V každém případě mockrát děkuji za pomoc, mějte se hezky.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119315
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný PC

#13 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“