Prosím o preventivní kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2025
Ran by Petr (administrator) on DESKTOP-8L6UMNV (ASUS System Product Name) (14-03-2025 14:07:39)
Running from C:\Users\Petr\Desktop\FRST64.exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (GENESYS LOGIC, INC. -> Genesys Logic, Inc.) C:\Windows\System32\GlHubFltService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a2eeb2756802bbd3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2501.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <11>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2502.1001.6.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5547_none_7e02b5467c95ffef\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [Steam] => D:\Programy\steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [EpicGamesLauncher] => D:\Programy\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37091856 2025-03-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3472480 2025-02-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291152 2025-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe [2025-03-13] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {E21C4885-6F5C-4CC5-B461-8DF4449DDE98} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {ECC9E40E-238E-4784-B2A8-636E5EA4A66F} - System32\Tasks\AMDRyzenMasterSDKTask => "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe" (No File)
Task: {237F5C67-2818-4965-A2C8-30F32C11539E} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [371048 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5FC3C921-191A-4D6B-8B8C-7D57DF5F3277} - System32\Tasks\ASUS\Armoury Crate Service Task_CountDown => C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe [108504 2023-10-31] (ASUSTeK COMPUTER INC. -> )
Task: {078FA4DB-64EF-4563-ABB7-D7DE582DC0C8} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1771368 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {9AF933CF-EDEE-4F5A-965F-35A0BEC69CB2} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2183016 2024-01-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {9F326989-F71B-4A6F-9225-DAD297869A80} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1467752 2024-01-29] (ASUSTeK COMPUTER INC. -> )
Task: {14FB34D7-0A30-4408-8C14-413AD6100B07} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1dad210924be133 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-07-09] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {05CEB7C7-B20F-4EBF-8732-4C85B2637F82} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-07-09] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {D19F0502-5E43-4380-B61D-DCF2208C4410} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe (No File)
Task: {180FFC1B-68CC-46D1-9018-CDA90FC26C58} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {E05FCCFC-C05C-437D-9355-C1D1CEA929C4} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4332392 2024-01-08] (ASUSTeK COMPUTER INC. -> TODO: <Company name>)
Task: {ACCAA116-0D84-495C-8C6A-BD8E889852F3} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2023-12-07] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {317FD6D6-0B60-4737-A079-F397F1FB7DE6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.5{0839B559-7947-458E-A7B3-CD4822A54D5F} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.5\updater.exe [5745760 2025-03-03] (Google LLC -> Google LLC)
Task: {0BBC5663-93AD-4CBD-A231-64ED76FFE059} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {437EA5CE-7346-489F-8EDE-2F3DC9C26B60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C52A1F4-F86E-4D40-9764-C8C9876D8C77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {139F7B08-35CD-4BBF-AB89-619223FA6503} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {25EB1BE6-C34B-430B-BBD3-F091539DA6D4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
Task: {9C8504DD-4491-46F4-845E-8FD42806990B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
Task: {328D1C19-73A7-4F37-89D7-B82FB99515F8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)
Task: {601CE842-22DA-4112-995F-A284F88DDF47} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EBF97F0-6BED-4192-8619-6BE0E4FFA26E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3845522762-3943333843-1076900623-1001 => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\25.020.0202.0001\OneDriveLauncher.exe [669200 2025-03-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{c7413e2b-7226-42f6-b86f-dfc806464648}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{c7413e2b-7226-42f6-b86f-dfc806464648}: [DhcpDomain] home
Tcpip\..\Interfaces\{c7413e2b-7226-42f6-b86f-dfc806464648}\0556472702D202960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ff9f8f1a-9151-4641-9d7b-0c1fa9869393}: [DhcpNameServer] 10.0.0.20 10.0.0.7 10.0.0.54 192.168.123.114 192.168.123.115 10.0.0.253
Tcpip\..\Interfaces\{ff9f8f1a-9151-4641-9d7b-0c1fa9869393}: [DhcpDomain] tekooub.local
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-30]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-07-10]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2025-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-07-09]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Protection; C:\Program Files\AntiCheatExpert\ACE-Service64.exe [3107232 2024-10-14] (ACEVILLE PTE LTD -> ANTICHEATEXPERT.COM)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2098080 2024-10-14] (ACEVILLE PTE LTD -> ANTICHEATEXPERT.COM)
S3 ArmouryCrateDownloadTool; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_1a978b89f16e1813\ArmouryLiveUpdate.exe [577304 2024-08-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [404440 2025-02-25] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-10-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-07-09] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-10-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-07-09] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2025-03-13] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-08-26] (BattlEye Innovations e.K. -> )
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [434000 2023-02-21] (DTS, Inc. -> DTS Inc.)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [100420000 2025-02-07] (Electronic Arts, Inc. -> Electronic Arts)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19147360 2025-02-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137904 2025-01-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2025-01-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicGamesUpdater; D:\Programy\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3054608 2025-03-06] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [367064 2025-01-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlUsbFltService; C:\Windows\system32\GlHubFltService.exe [181072 2022-12-30] (GENESYS LOGIC, INC. -> Genesys Logic, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a2eeb2756802bbd3\Display.NvContainer\NVDisplay.Container.exe [1275560 2025-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Rockstar games\RockstarService.exe [4314608 2024-10-08] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559328 2025-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12470112 2024-08-28] (KRAFTON, Inc. -> KRAFTON, Inc)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [2198584 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> ANTICHEATEXPERT.COM)
S3 ACE-SSC-DRV64; C:\Program Files\AntiCheatExpert\SGuard\x64\plugins\ACE-SSC-DRV64.sys [188416 2024-10-14] (Microsoft Windows Hardware Compatibility Publisher -> ANTICHEATEXPERT.COM)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV26; C:\Windows\system32\AMDRyzenMasterDriver.sys [60576 2024-07-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2025-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34520 2024-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 glusbflt; C:\Windows\system32\drivers\glusbflt.sys [57288 2022-12-30] (GENESYS LOGIC, INC. -> Genesys Logic)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [54888 2024-07-09] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 ROGMS; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_1a978b89f16e1813\ROGMS.sys [41384 2024-08-13] (ASUSTeK COMPUTER INC. -> Windows (R) Win 7 DDK provider)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 14:07 - 2025-03-14 14:07 - 002404352 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2025-03-14 14:07 - 2025-03-14 14:07 - 000000000 ____D C:\FRST
2025-03-13 17:20 - 2025-03-14 14:07 - 000023857 _____ C:\Users\Petr\Desktop\FRST.txt
2025-03-13 17:20 - 2025-03-13 17:10 - 000033961 _____ C:\Users\Petr\Desktop\Addition.txt
2025-03-12 19:03 - 2025-03-12 19:03 - 000001327 _____ C:\Users\Petr\Desktop\tile – zástupce.lnk
2025-03-11 20:54 - 2025-03-11 20:54 - 000000000 ___HD C:\$WinREAgent
2025-03-11 19:53 - 2025-03-11 19:53 - 000530239 _____ C:\Users\Petr\Downloads\Piknik_UH_2025_najem8000.pdf
2025-03-11 19:51 - 2025-03-11 19:54 - 000529913 _____ C:\Users\Petr\Downloads\Piknik_Brno_2025_najem12000.pdf
2025-03-06 17:39 - 2025-03-04 12:10 - 002072464 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-03-06 17:39 - 2025-03-04 12:10 - 002072464 _____ C:\Windows\system32\vulkaninfo.exe
2025-03-06 17:39 - 2025-03-04 12:10 - 001614224 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-03-06 17:39 - 2025-03-04 12:10 - 001614224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-03-06 17:39 - 2025-03-04 12:10 - 001576848 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-03-06 17:39 - 2025-03-04 12:10 - 001576848 _____ C:\Windows\system32\vulkan-1.dll
2025-03-06 17:39 - 2025-03-04 12:10 - 001389968 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-03-06 17:39 - 2025-03-04 12:10 - 001389968 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-03-06 17:39 - 2025-03-04 12:10 - 000477840 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-03-06 17:39 - 2025-03-04 12:10 - 000374952 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-03-06 17:39 - 2025-03-04 12:06 - 001183912 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2025-03-06 17:39 - 2025-03-04 12:06 - 000669848 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2025-03-06 17:39 - 2025-03-04 12:06 - 000506024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2025-03-06 17:39 - 2025-03-04 12:05 - 025643688 _____ C:\Windows\system32\nvidia-pcc.exe
2025-03-06 17:39 - 2025-03-04 12:05 - 001563800 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2025-03-06 17:39 - 2025-03-04 12:05 - 001216168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2025-03-06 17:39 - 2025-03-04 12:05 - 000904336 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2025-03-06 17:39 - 2025-03-04 12:04 - 019904152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2025-03-06 17:39 - 2025-03-04 12:04 - 002195112 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2025-03-06 17:39 - 2025-03-04 12:04 - 001642152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2025-03-06 17:39 - 2025-03-04 12:04 - 001045648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2025-03-06 17:39 - 2025-03-04 12:04 - 000804520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2025-03-06 17:39 - 2025-03-04 12:04 - 000462992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2025-03-06 17:39 - 2025-03-04 12:03 - 019329704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2025-03-06 17:39 - 2025-03-04 12:03 - 007225000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2025-03-06 17:39 - 2025-03-04 12:03 - 005913240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2025-03-06 17:39 - 2025-03-04 12:03 - 005500056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2025-03-06 17:39 - 2025-03-04 12:03 - 003944616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2025-03-06 17:39 - 2025-03-04 12:03 - 000853144 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2025-03-06 17:39 - 2025-03-04 12:02 - 005554312 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2025-03-06 17:39 - 2025-03-04 12:02 - 004859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2025-03-06 17:39 - 2025-03-04 04:20 - 000137714 _____ C:\Windows\system32\nvinfo.pb
2025-03-03 20:36 - 2025-03-03 20:36 - 000007601 _____ C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2025-02-26 20:25 - 2025-02-26 20:25 - 000000000 ____D C:\Users\Petr\AppData\Local\ESET
2025-02-14 16:14 - 2025-02-14 16:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EA
2025-02-14 16:14 - 2025-02-14 16:14 - 000000000 ____D C:\ProgramData\eaanticheat
2025-02-14 16:14 - 2025-02-14 16:14 - 000000000 ____D C:\Program Files\EA
2025-02-13 19:00 - 2025-02-13 19:06 - 000000000 ____D C:\Users\Petr\Documents\FIFA 22
2025-02-13 19:00 - 2025-02-13 19:00 - 000000000 ____D C:\ProgramData\Electronic Arts
2025-02-13 18:59 - 2025-02-13 19:00 - 000000000 ____D C:\ProgramData\Origin
2025-02-13 18:59 - 2025-02-13 18:59 - 000000000 ____D C:\Users\Petr\AppData\Local\Link2EA
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 14:07 - 2024-07-09 15:59 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2025-03-14 14:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-14 14:03 - 2024-07-09 14:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-03-14 08:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-03-14 07:53 - 2024-07-09 16:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\asus_framework
2025-03-13 21:53 - 2024-08-26 15:08 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-13 21:50 - 2024-07-10 17:02 - 000000000 ____D C:\ProgramData\Studio
2025-03-13 21:37 - 2024-07-10 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\Stud.io
2025-03-13 21:28 - 2024-07-12 18:25 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2025-03-13 21:28 - 2024-07-09 14:34 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2025-03-13 21:28 - 2024-07-09 14:34 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-03-13 21:28 - 2024-07-09 14:34 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-13 21:28 - 2024-07-09 14:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-03-13 21:28 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2025-03-13 21:28 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-03-13 21:12 - 2024-07-09 15:59 - 000000000 ____D C:\Program Files\ASUS
2025-03-13 16:56 - 2024-07-09 18:36 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-03-13 16:56 - 2024-07-09 18:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-13 16:56 - 2024-07-09 18:36 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-13 14:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-13 10:48 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-03-13 10:45 - 2024-07-09 17:15 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-13 10:45 - 2024-07-09 17:15 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-03-12 19:02 - 2024-07-10 14:34 - 000000000 ____D C:\Users\Petr\Desktop\lego ideas
2025-03-12 16:03 - 2024-07-09 14:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-11 21:05 - 2024-10-20 17:16 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2025-03-11 21:05 - 2024-07-09 14:34 - 000304688 _____ C:\Windows\system32\FNTCACHE.DAT
2025-03-11 21:05 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-11 21:05 - 2019-12-07 15:44 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-03-11 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2025-03-11 21:05 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2025-03-11 20:59 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-03-11 20:57 - 2024-07-09 14:38 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-03-10 18:42 - 2024-08-26 17:48 - 000000000 ____D C:\Users\Petr\Desktop\věcičky
2025-03-09 21:12 - 2024-07-12 15:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2025-03-09 17:14 - 2024-08-04 15:03 - 000002242 _____ C:\Users\Petr\Desktop\Discord.lnk
2025-03-09 17:14 - 2024-07-10 15:27 - 000001192 _____ C:\Users\Petr\Desktop\OpenOffice 4.1.9.lnk
2025-03-09 16:07 - 2024-07-09 14:39 - 000000000 ____D C:\Users\Petr
2025-03-09 11:22 - 2024-08-26 15:08 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA
2025-03-07 15:57 - 2024-07-09 14:34 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-07 15:57 - 2024-07-09 14:34 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-06 20:55 - 2024-07-10 14:38 - 000000000 ____D C:\Users\Petr\Desktop\Jaa
2025-03-06 20:55 - 2024-07-10 14:34 - 000000000 ____D C:\Users\Petr\Desktop\Ja
2025-03-06 16:35 - 2024-07-09 14:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-03-05 15:54 - 2025-02-06 19:03 - 000003574 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3845522762-3943333843-1076900623-1001
2025-03-05 15:54 - 2024-07-09 16:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3845522762-3943333843-1076900623-1001
2025-03-05 15:54 - 2024-07-09 14:42 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3845522762-3943333843-1076900623-1001
2025-03-05 15:54 - 2024-07-09 14:39 - 000002378 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-02 09:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2025-02-27 15:56 - 2024-12-05 20:55 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-02-27 15:56 - 2024-12-05 20:55 - 000001394 _____ C:\Users\Public\Desktop\NVIDIA.lnk
2025-02-27 15:56 - 2024-08-26 15:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-02-26 20:37 - 2024-09-01 06:13 - 000001381 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-02-21 17:07 - 2024-07-22 12:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\aTubeCatcher_10
2025-02-20 16:14 - 2024-11-02 23:17 - 000308776 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_6.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 002897472 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 000788032 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 000267840 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 000243264 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 000153128 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2025-02-20 16:14 - 2024-07-10 17:48 - 000124480 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2025-02-20 16:14 - 2024-07-10 17:48 - 000075328 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2025-02-19 01:24 - 2024-12-05 20:55 - 003108896 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2025-02-19 01:24 - 2024-12-05 20:55 - 002398752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2025-02-19 01:24 - 2024-08-26 15:08 - 000271904 _____ C:\Windows\system32\FvSDK_x64.dll
2025-02-19 01:24 - 2024-08-26 15:08 - 000245792 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2025-02-19 01:05 - 2024-08-26 15:08 - 000180760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2025-02-19 01:05 - 2024-08-26 15:08 - 000159768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2025-02-19 01:05 - 2024-08-26 15:08 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2025-02-18 20:51 - 2024-07-09 14:40 - 001683940 _____ C:\Windows\system32\PerfStringBackup.INI
2025-02-18 20:51 - 2019-12-07 15:43 - 000713246 _____ C:\Windows\system32\perfh005.dat
2025-02-18 20:51 - 2019-12-07 15:43 - 000143964 _____ C:\Windows\system32\perfc005.dat
2025-02-18 17:56 - 2024-11-22 12:00 - 000000000 ____D C:\ProgramData\Packer
2025-02-15 20:26 - 2025-01-12 17:52 - 000000000 ____D C:\Users\Petr\AppData\Roaming\EasyAntiCheat
2025-02-15 19:40 - 2024-07-10 15:17 - 000000000 ____D C:\Users\Petr\Desktop\gamys
2025-02-15 15:42 - 2024-07-09 14:57 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2025-02-14 16:15 - 2024-08-26 15:02 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2025-02-14 14:21 - 2024-08-26 15:17 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2025-02-14 14:21 - 2024-08-26 15:17 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\NVIDIA
2025-02-13 20:51 - 2024-07-10 11:19 - 000000000 ____D C:\Windows\system32\compatrel
2025-02-13 20:51 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\InboxApps
2025-02-13 20:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-02-13 20:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2025-02-13 20:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-13 19:32 - 2024-07-09 15:59 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-13 19:00 - 2024-07-10 15:40 - 000000000 ____D C:\ProgramData\EA Desktop
2025-02-13 18:58 - 2024-07-10 13:41 - 000000000 ____D C:\Users\Petr\AppData\Local\Steam
2025-02-13 16:05 - 2024-07-09 16:14 - 000000000 ____D C:\Windows\system32\MRT
2025-02-13 16:04 - 2024-07-09 16:14 - 209365816 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2024-10-31 19:26 - 2024-10-31 19:26 - 000000018 _____ () C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat
2024-07-10 19:15 - 2024-07-10 19:15 - 000000044 _____ () C:\Users\Petr\AppData\Roaming\Screen+.data
2025-03-03 20:36 - 2025-03-03 20:36 - 000007601 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Petr (14-03-2025 14:08:24)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) (2024-07-09 13:36:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3845522762-3943333843-1076900623-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3845522762-3943333843-1076900623-503 - Limited - Disabled)
Guest (S-1-5-21-3845522762-3943333843-1076900623-501 - Limited - Disabled)
Petr (S-1-5-21-3845522762-3943333843-1076900623-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3845522762-3943333843-1076900623-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 25.001.20432 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.03.36 - ASUSTeK Computer Inc.)
Aiseesoft Data Recovery 1.8.26 (HKLM-x32\...\{E67DD0BA-233F-4EA9-B010-9B0A3D58F690}_is1) (Version: 1.8.26 - Aiseesoft Studio)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.27 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
AntiCheatExpert (HKLM\...\AntiCheatExpert) (Version: 15.0.2405.347 - )
Aplikace NVIDIA 11.0.2.337 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.337 - NVIDIA Corporation)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.14 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{c3219916-0c5a-483c-8b38-bdd71cf96365}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{8fd8086a-a017-4dde-9157-e762e69ad2c9}) (Version: 1.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{49D5558A-B837-4930-AB87-8855AEF52283}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{8d854dcd-ab31-4eb2-af67-e1f77a71c262}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{fd65673f-f2c8-4ec3-9673-9e423bf854e7}) (Version: 1.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{59ABEA11-ACDE-4869-977C-EACCC294C50E}) (Version: 1.2.73.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{98dffe1e-d5be-4d18-b2d5-9943499a30d8}) (Version: 1.2.73.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.02.03 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.129 - ASUSTeK Computer Inc.) Hidden
aTube Catcher verze 10.8.11 (HKLM\...\{363C8C67-92B1-4FC9-BEC0-F5F197EFA07E}_is1) (Version: 10.8.11 - DsNET Corp. - Diego Uscanga)
Audacity 3.5.1 (HKLM\...\Audacity_is1) (Version: 3.5.1 - Audacity Team)
AURA DRAM Component (HKLM\...\{D128585A-F8AB-4CA1-A63F-7B4B4A99129A}) (Version: 1.1.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{92a6184a-46c7-4c23-adfd-5b7c8c1a9877}) (Version: 1.1.26 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Autodesk SketchBook (HKLM\...\{AE6C5657-8710-4968-BEB5-1E2ED89CB2D2}) (Version: 8.71.0000 - Autodesk)
Discord (HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Discord) (Version: 1.0.9156 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.396.0.5909 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{2b0223fe-15dd-4a4c-9c19-dd09352992c2}) (Version: 13.396.0.5909 - Electronic Arts)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.49.4 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{98faff1a-720e-4ffe-b922-0a1d6ec0d699}) (Version: 1.1.49.4 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
GameRanger (HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\GameRanger) (Version: - GameRanger Technologies)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
GMenu (HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\4ac46a8d-c0d4-56ee-87f3-9abd4ce22e7f) (Version: 3.21.0 - AOC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.89 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.3337.0 - Rockstar Games)
iMazing Converter 2.0.9.0 (HKLM\...\{907AAA47-68DC-4FB3-A50E-E69A8994D2B0}_is1) (Version: 2.0.9.0 - DigiDNA)
I-Menu (HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\63050247-7cb3-5350-b155-07161c2c3473) (Version: 1.3.0 - AOC)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Core Host - 3.1.32 (x86) (HKLM-x32\...\{3C73457A-1A33-4DE0-B6C2-6FBA877E1FCF}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x86) (HKLM-x32\...\{CE1A992F-4571-423D-9CAE-1184E8F29471}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x86) (HKLM-x32\...\{841FE4B1-2C3F-4304-A686-6DF41B4CC1A1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x64) (HKLM\...\{3A80EBC5-6B68-49B9-BEBD-E1A6C966B416}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.32 - Shared Framework (x86) (HKLM-x32\...\{b52191c1-a9c0-4b34-9a4e-930c2dd8a540}) (Version: 3.1.32.22566 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 Shared Framework (x86) (HKLM-x32\...\{C2C8E71E-42CF-3CFE-8CFB-F8F96670C190}) (Version: 3.1.32.22566 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (nl-NL) (HKLM-x32\...\{2CBAB07E-4865-40F0-9D6A-EFA350420166}) (Version: 10.2.7300.97 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x86) (HKLM-x32\...\{25D5B94A-E3CD-44E8-9C3A-FE320B7B38FC}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x86) (HKLM-x32\...\{4f894285-fd43-43ac-8669-33e8b7c0a97d}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM-x32\...\{d990096d-6282-42c5-8d16-71272c5be274}) (Version: 8.0.10.34118 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.9 (HKLM-x32\...\{AF1550B8-D3D6-425E-A6C1-F21C157DF754}) (Version: 4.19.9805 - Apache Software Foundation)
PartDesigner version 2.24.7_1 (HKLM-x32\...\{BC559428-4DED-417B-8D6B-0A25D0A78462}_is1) (Version: 2.24.7_1 - BrickLink Corporation)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9517.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.60.615.2022 - Realtek)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.54.20.608 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.96.2164_S11_R5 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.7.1 - Rockstar Games)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.03 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
RyzenMasterSDK (HKLM\...\{1F022860-E6B9-402E-A96A-54BD53C98668}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studio 2.0 version 2.24.6_2 (HKLM-x32\...\{BC38679A-F04A-4A76-BE97-F75C890A7429}_is1) (Version: 2.24.6_2 - BrickLink Corporation)
TUF GAMING K3 (HKLM-x32\...\{54332069-12a7-408b-b8cb-838ffa8827ad}) (Version: 4.01.12 - ASUSTek Computer Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 154.1.11095 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Packages:
=========
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-07-09] (Sparse Package)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.14.0_x64__qmba6cd70vzyy [2025-02-25] (ASUSTeK COMPUTER INC.)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2024-07-10] (DTS, Inc.)
Forza Horizon 3 -> C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.125.2_x64__8wekyb3d8bbwe [2024-07-26] (Microsoft Studios)
Monitorian -> C:\Program Files\WindowsApps\10186emoacht.Monitorian_4.10.2.0_neutral__0q7myvhtpbc7w [2025-02-21] (emoacht) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.34.0_x64__qmba6cd70vzyy [2025-03-13] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-03-06] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.294.0_x64__dt26b99r8h8gj [2024-07-10] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3845522762-3943333843-1076900623-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a2eeb2756802bbd3\nvshext.dll [2025-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-12-24 09:04 - 2024-07-03 15:49 - 000346112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2024-07-09 15:59 - 2024-08-13 14:58 - 000449536 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2025-02-27 15:56 - 2025-02-27 15:56 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-12-05 20:55 - 2025-02-27 15:56 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\tracing:? [34]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2024-08-03 16:55 - 2024-08-03 16:55 - 000000444 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\Desktop\gp2402_171538_67a5531.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
Wi-Fi: 802.11n USB Wireless LAN Card -> netr28ux.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "G-Menu"
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{C95BF68A-3494-4320-B562-876BFE30121B}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{18593E4D-794E-4FE1-B02E-E1BFC0583E67}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{A05A769F-FF23-4EE3-A03F-48611F32CCB2}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{D927B991-58DF-4B3B-8629-2AC4FAE2E48B}] => (Allow) C:\Users\Petr\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [TCP Query User{E3A83711-63BC-4537-92C2-FA810CA99A8D}D:\programy\i menu\resources\bin\i_menu.exe] => (Allow) D:\programy\i menu\resources\bin\i_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> )
FirewallRules: [UDP Query User{34885258-5E31-4718-AA83-14676C7C5620}D:\programy\i menu\resources\bin\i_menu.exe] => (Allow) D:\programy\i menu\resources\bin\i_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> )
FirewallRules: [TCP Query User{E5BD5EFC-63A0-475C-B179-8F8477B5C6B2}C:\i-menu\i-menu.exe] => (Allow) C:\i-menu\i-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [UDP Query User{51DA8C8A-D7CE-48EB-9EBE-BCC367B4D154}C:\i-menu\i-menu.exe] => (Allow) C:\i-menu\i-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [TCP Query User{ADFFA6CF-17D0-451F-B6D8-9AF71796A8FD}C:\i-menu\resources\bin\i_menu.exe] => (Allow) C:\i-menu\resources\bin\i_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [UDP Query User{08798987-506F-455A-9DAF-47EDEBF7CE65}C:\i-menu\resources\bin\i_menu.exe] => (Allow) C:\i-menu\resources\bin\i_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [{147F7427-462D-4CE6-8766-376465836599}] => (Allow) D:\Programy\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C5EAB721-C2BA-4854-8823-B02CD71D0119}] => (Allow) D:\Programy\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D106643D-EDEC-4C1E-80D3-ACF5B9F44AB2}] => (Allow) D:\Programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{209DF013-B7EE-44BC-AEF4-2EB8D30D2DE4}] => (Allow) D:\Programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A9F3EFDE-D359-45B0-AC91-1672B8E2E388}] => (Allow) D:\Programy\steam\steamapps\common\Teardown\teardown.exe (Tuxedo Labs AB) [File not signed]
FirewallRules: [{265A7744-FD0C-46E6-8553-288069B1B5A4}] => (Allow) D:\Programy\steam\steamapps\common\Teardown\teardown.exe (Tuxedo Labs AB) [File not signed]
FirewallRules: [TCP Query User{303C5BF1-5A2B-45C3-94DC-EB19CF191984}D:\programy\g menu\g-menu.exe] => (Allow) D:\programy\g menu\g-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [UDP Query User{482A49DB-8902-4F2E-91EF-1D4F66385280}D:\programy\g menu\g-menu.exe] => (Allow) D:\programy\g menu\g-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [TCP Query User{71FBEBA3-24B3-46FC-B7EF-3F022582BAE3}D:\programy\g menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g menu\resources\bin\g_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [UDP Query User{AA09A484-526C-44A0-83BA-24249566329C}D:\programy\g menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g menu\resources\bin\g_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [{4B146402-A865-420B-A4A3-CE52C4F8E4B8}] => (Allow) D:\Programy\steam\steamapps\common\Days Gone\BendGame\Binaries\Win64\DaysGone.exe (Sony Interactive Entertainment LLC) [File not signed]
FirewallRules: [{13AED1B7-B0C0-437D-AF06-DF61C1EA367E}] => (Allow) D:\Programy\steam\steamapps\common\Days Gone\BendGame\Binaries\Win64\DaysGone.exe (Sony Interactive Entertainment LLC) [File not signed]
FirewallRules: [{709E2F8F-9491-4FBF-8B3A-C53E5CE7480A}] => (Allow) D:\Programy\steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{87070C06-B22A-4937-BE82-3A0213E10D06}] => (Allow) D:\Programy\steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{19594B92-E853-4CD5-A130-5FF0E1865675}D:\hry\gta 5\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta 5\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7DFC22B6-3870-42D6-A333-810C7648432B}D:\hry\gta 5\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta 5\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{9475C2C4-585A-41A8-85BE-CAA3F752C57B}C:\users\petr\downloads\detective\radeondevelopertoolsuite-2024-06-26-1341\radeondeveloperpanel.exe] => (Allow) C:\users\petr\downloads\detective\radeondevelopertoolsuite-2024-06-26-1341\radeondeveloperpanel.exe => No File
FirewallRules: [UDP Query User{F0C3917F-7DE5-4EA0-AFAE-3C20DF36EAE6}C:\users\petr\downloads\detective\radeondevelopertoolsuite-2024-06-26-1341\radeondeveloperpanel.exe] => (Allow) C:\users\petr\downloads\detective\radeondevelopertoolsuite-2024-06-26-1341\radeondeveloperpanel.exe => No File
FirewallRules: [{00D0F6D8-ECF2-48F8-8317-E6BF4D050820}] => (Allow) D:\Programy\steam\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C797182-4BDB-45FF-B6AE-70A269BFB568}] => (Allow) D:\Programy\steam\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{14FDFC1C-23BA-4B44-894A-88C047449EF6}] => (Allow) D:\Programy\steam\steamapps\common\Ready Or Not\Engine\Binaries\Win64\CrashReporter.exe () [File not signed]
FirewallRules: [{72E9893F-1196-4644-B2AC-6A1581E5B319}] => (Allow) D:\Programy\steam\steamapps\common\Ready Or Not\Engine\Binaries\Win64\CrashReporter.exe () [File not signed]
FirewallRules: [{D71C708D-0EA3-4371-B4E0-4A556F583328}] => (Allow) E:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [File not signed]
FirewallRules: [{97827E18-ECC7-4B7A-AB77-ACC434DF5F7A}] => (Allow) E:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [File not signed]
FirewallRules: [{B9C75705-EA9C-44FA-82CE-98B29868CF72}] => (Allow) E:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [File not signed]
FirewallRules: [{F08D4478-4E4B-49A0-9701-E5196F5CB8F7}] => (Allow) E:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [File not signed]
FirewallRules: [{726FCEB1-17DC-4250-BF39-991C912B23C7}] => (Allow) E:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{45CA20F2-BD4A-4D4F-A928-6F86642854D0}] => (Allow) E:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{9BC7582D-1CF0-46D7-952C-C1516B095159}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{1872D6BF-D3DA-4A24-949D-0E1FC00E1596}] => (Allow) E:\SteamLibrary\steamapps\common\Half Sword Demo\HalfSwordUE5.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{33E86CD6-40A8-48E7-AB00-DE41D8EC2D9A}] => (Allow) E:\SteamLibrary\steamapps\common\Half Sword Demo\HalfSwordUE5.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [{2077D930-588D-4659-8A57-86E07F8B9429}] => (Allow) LPort=57209
FirewallRules: [{43A2040E-241B-4E04-9A77-78BFE1933E96}] => (Allow) LPort=57210
FirewallRules: [{76823BF0-49F9-4E5C-A27A-F1EF233AC12C}] => (Allow) LPort=57211
FirewallRules: [{E0CCBA5C-4AB2-4E20-9DD1-8703B222F61C}] => (Allow) LPort=57212
FirewallRules: [{4B211044-0785-40EF-811C-C3D1CD7557EC}] => (Allow) LPort=57213
FirewallRules: [{2C311E17-3E8D-4421-9D83-3148465F3C31}] => (Allow) LPort=57214
FirewallRules: [{F2B9B07C-8C69-40C7-82CE-BE06748DEA75}] => (Allow) LPort=57215
FirewallRules: [{6F0F2652-48C7-4F24-8A5B-D23C7F0C6081}] => (Allow) LPort=57216
FirewallRules: [{08FAB89A-66F7-4A7C-8E90-B92F6C3D3CC8}] => (Allow) LPort=57217
FirewallRules: [{33064D21-E7B0-4E0F-8DFD-9C102EEEFE44}] => (Allow) LPort=57218
FirewallRules: [{FB5B554E-A541-4379-BE43-24E3346EF978}] => (Allow) LPort=57209
FirewallRules: [{C559A5EB-E9E2-437C-BBB2-0E5E4770AF14}] => (Allow) LPort=57210
FirewallRules: [{EA70F393-6747-4892-A216-6E9DA47251BF}] => (Allow) LPort=57211
FirewallRules: [{FE621F2F-263E-4195-88FB-1D419E6E1157}] => (Allow) LPort=57212
FirewallRules: [{84BB3B2A-15B9-4EE8-B200-9E9B752C97B4}] => (Allow) LPort=57213
FirewallRules: [{EF8A4AA1-4AD5-4545-806D-C481D6F934B3}] => (Allow) LPort=57214
FirewallRules: [{1EC56FBD-C671-46BA-90B8-B31856E51DE9}] => (Allow) LPort=57215
FirewallRules: [{DB4260C0-D947-482D-9149-1F349CC225B4}] => (Allow) LPort=57216
FirewallRules: [{D69E9299-2E82-4186-94E2-99F18F3D188E}] => (Allow) LPort=57217
FirewallRules: [{72CFA0A9-C481-4E25-BE48-8C75A7AE3EE1}] => (Allow) LPort=57218
FirewallRules: [{1CCEF867-2F6F-465C-A115-A41927CBB358}] => (Allow) LPort=23007
FirewallRules: [{F025A9F1-7FAE-40FA-9E3A-C6D6FF8C3004}] => (Allow) LPort=23008
FirewallRules: [{67683154-73AA-4DA4-8A96-DEE487AFFB73}] => (Allow) LPort=33009
FirewallRules: [{29F3C699-0F0B-4BB4-99A2-42CFE166D9B3}] => (Allow) LPort=33010
FirewallRules: [{7FB4E57C-7FAF-4147-9E7A-86E4C08C1A7B}] => (Allow) LPort=33011
FirewallRules: [{8FA04C16-9C64-4AE7-B97D-4B6E4D2EE3CB}] => (Allow) LPort=43012
FirewallRules: [{5309C958-825B-4CBB-AE71-6B423D9D3008}] => (Allow) LPort=43013
FirewallRules: [{24FE96C9-2B8A-49D5-B56A-40FF32E0C7EB}] => (Allow) LPort=53014
FirewallRules: [{72EF4875-5178-488D-995D-AED055A70DF3}] => (Allow) LPort=53015
FirewallRules: [{265F00D0-BA62-42AD-9BED-A30DDA9B811A}] => (Allow) LPort=53016
FirewallRules: [{BB08F3B1-2336-4B47-945D-0E73100224EF}] => (Allow) LPort=23007
FirewallRules: [{2FBC8195-35B3-4847-B9DF-17921CAC400F}] => (Allow) LPort=23008
FirewallRules: [{6BC1D64C-7365-4AA3-A793-1F33A09B508B}] => (Allow) LPort=33009
FirewallRules: [{7E40A48D-F87E-4D16-8AD3-3C8B0C38E59A}] => (Allow) LPort=33010
FirewallRules: [{30A96013-0BC6-4933-B08B-E59001EB4471}] => (Allow) LPort=33011
FirewallRules: [{6C45FD2E-B65D-4FAE-8F1B-1A73448D90A4}] => (Allow) LPort=43012
FirewallRules: [{0FDD4756-38E4-4D5A-8E88-848962B2AF04}] => (Allow) LPort=43013
FirewallRules: [{28C68C02-2D76-4776-8E49-2530E2A35151}] => (Allow) LPort=53014
FirewallRules: [{B8CBEC01-9D5E-4834-B07C-B2FF2CBC30DA}] => (Allow) LPort=53015
FirewallRules: [{98F5ED1B-BFDD-4AD1-9280-A7D151D37E69}] => (Allow) LPort=53016
FirewallRules: [{D065BD66-C4B1-472E-ADC5-A6BB30EFE3ED}] => (Allow) LPort=50053
FirewallRules: [{55E4D238-D336-4B4E-AC6C-A74E2E8CDA2F}] => (Allow) LPort=50053
FirewallRules: [{53F62E0C-01FF-4CEF-A1C6-DBEAB079589B}] => (Allow) LPort=57209
FirewallRules: [{A2EFC4A5-CF69-409F-AB58-04F02320EAE4}] => (Allow) LPort=57210
FirewallRules: [{9B8D8CEB-9A06-40C8-B8BF-3BEEAC7954AC}] => (Allow) LPort=57211
FirewallRules: [{62728924-EF6C-4A14-95BD-C99E544E718C}] => (Allow) LPort=57212
FirewallRules: [{E0531A56-4A34-4478-81FB-708B0A5036FE}] => (Allow) LPort=57213
FirewallRules: [{D640218F-4D01-4ADC-8139-853B52BBD379}] => (Allow) LPort=57214
FirewallRules: [{3DC00FE6-950F-48F2-B4EA-34AF56A143FD}] => (Allow) LPort=57215
FirewallRules: [{08D1437B-811D-4C7D-A2E0-9573893909DF}] => (Allow) LPort=57216
FirewallRules: [{AC5C7FF6-5AF2-4511-8EEA-61A989F88BEF}] => (Allow) LPort=57217
FirewallRules: [{2B063995-D87B-4769-BA0F-52A8C843BDFC}] => (Allow) LPort=57218
FirewallRules: [{B0DB4F2F-6ED2-4BF4-A84B-7F0DB49632EA}] => (Allow) LPort=57209
FirewallRules: [{358BFB67-90CF-452B-A30D-EF9639EA1247}] => (Allow) LPort=57210
FirewallRules: [{645C9CB9-1C48-4159-A60C-5B667FC6B79B}] => (Allow) LPort=57211
FirewallRules: [{FB685B90-928C-420A-9E4C-F40843DDD568}] => (Allow) LPort=57212
FirewallRules: [{BFD0BC41-49F4-42F9-B37E-490017A87BCD}] => (Allow) LPort=57213
FirewallRules: [{5853A064-51D7-4508-8EE4-AC96D57009F0}] => (Allow) LPort=57214
FirewallRules: [{7D51F68F-B39E-4338-BB70-362A83956264}] => (Allow) LPort=57215
FirewallRules: [{877188EA-4615-4282-828B-9C883C06DB5B}] => (Allow) LPort=57216
FirewallRules: [{D0FDF760-410B-4D06-958B-3D7592D4A17C}] => (Allow) LPort=57217
FirewallRules: [{0250B572-7BC7-48F7-BC9E-D1FCE6E29FDA}] => (Allow) LPort=57218
FirewallRules: [{7E486321-FB1A-4311-8762-DB607DC695AC}] => (Allow) LPort=23007
FirewallRules: [{87385C47-2ECC-41F3-9BC5-4D99356878BC}] => (Allow) LPort=23008
FirewallRules: [{ACC4E1A6-75FD-4A58-B08E-2D35BB65335B}] => (Allow) LPort=33009
FirewallRules: [{A6350700-9008-4642-A0B2-50B48C6943BE}] => (Allow) LPort=33010
FirewallRules: [{F920BDA1-DCF9-49A6-A05A-4BEFA8F7759A}] => (Allow) LPort=33011
FirewallRules: [{8B1C7D44-6FCF-4B1A-BF1A-146EA0D76FF1}] => (Allow) LPort=43012
FirewallRules: [{D43133B6-1087-4187-B05C-CDFD286B0C66}] => (Allow) LPort=43013
FirewallRules: [{3C753317-A038-4A18-A364-6EBA9EE1149F}] => (Allow) LPort=53014
FirewallRules: [{8257202B-CFDD-436D-B0DB-FCD75FE94A31}] => (Allow) LPort=53015
FirewallRules: [{F964BB31-2718-4C51-B63F-04D48AAC8F1B}] => (Allow) LPort=53016
FirewallRules: [{4E5844D6-3B93-446C-A6CE-3A20C9AA3302}] => (Allow) LPort=23007
FirewallRules: [{CF342467-94F3-4AB7-A74A-FBA9F6747EE6}] => (Allow) LPort=23008
FirewallRules: [{DA0E6A64-8800-42FC-A7E3-E13BD56B3977}] => (Allow) LPort=33009
FirewallRules: [{9145D9DF-EE5C-45CC-8E5D-727DF585E23A}] => (Allow) LPort=33010
FirewallRules: [{0D08934D-6DFC-4533-A4D2-06546AE3F5C4}] => (Allow) LPort=33011
FirewallRules: [{84BA3FDC-CE95-474E-B911-FEDF60217052}] => (Allow) LPort=43012
FirewallRules: [{F37FF73A-CE93-40AD-97FC-EEE1C9CFFDAA}] => (Allow) LPort=43013
FirewallRules: [{9B33B3D5-E64F-40CB-9B45-5F40396A981B}] => (Allow) LPort=53014
FirewallRules: [{45A61999-B4A3-45B9-B890-02B3745A4191}] => (Allow) LPort=53015
FirewallRules: [{594DA3D7-E360-4590-B7A8-1103A8F3D105}] => (Allow) LPort=53016
FirewallRules: [{BF46C712-13BC-494F-A157-704F502F7EF8}] => (Allow) LPort=50053
FirewallRules: [{ADA4D257-2BA8-4B24-BEF5-382895666C16}] => (Allow) LPort=50053
FirewallRules: [TCP Query User{1FADF59D-CA9A-436D-A4F3-EBE051CBDFB8}D:\programy\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\programy\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F352433B-8360-4721-8D18-D8D66216C8DE}D:\programy\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\programy\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
FirewallRules: [{34E597B8-D87F-434C-A934-F4AA73F645A6}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{96BE1646-6F1F-4B16-8815-65E9E18EBB4D}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{28006899-F79C-440B-AC48-3C5F253F5666}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{08B402A8-C369-4B15-A6BE-2ACE631D0456}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{CA76599A-5B3A-4F49-9E36-8E7089A4E855}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{D24FE3E2-72A4-4693-850B-C00C7F938A33}D:\hry\hellletlooseg0wu4\hll\binaries\win64\hllepicgamesstore-win64-shipping.exe] => (Allow) D:\hry\hellletlooseg0wu4\hll\binaries\win64\hllepicgamesstore-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [UDP Query User{4D8FAF87-D6F1-4968-BF56-72343EEEF40A}D:\hry\hellletlooseg0wu4\hll\binaries\win64\hllepicgamesstore-win64-shipping.exe] => (Allow) D:\hry\hellletlooseg0wu4\hll\binaries\win64\hllepicgamesstore-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [{686E000C-9080-4815-9E5B-8D171CA85764}] => (Allow) D:\Programy\steam\steamapps\common\F1 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8169145E-EF75-4952-B9CF-708F2F1710AD}] => (Allow) D:\Programy\steam\steamapps\common\F1 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{881CF6E4-7E58-493D-ADA2-8B77A08813DD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C4540F7D-5D0F-458E-8AAD-F71E3AD6EA9A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9F3E510B-7E6F-4DA3-9222-AAE8A5B06FD9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{947C444F-6CCE-48AE-9C03-59F58DA943DB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{94ECAB7E-C02C-4E3F-A0A5-8B267F1AEB2B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E9FB9C31-2662-415A-903E-43982C30AF0A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{70CC4EB7-DBD5-4894-8884-46DF8695A64D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8480D18F-BA20-4800-AE31-8747C31D15A6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FA25B932-978D-4FAF-B277-DE60BDAFAA84}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{35A245AA-0E7F-4E86-B319-10B49E6C43D4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7F61DBE9-305B-4950-8200-53754304F05F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{60CE00B3-FED6-40B0-BAE1-C78AF3FAAD83}] => (Allow) E:\SteamLibrary\steamapps\common\FlatOut\FlatOut.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [{C17B3D3D-E4AD-4996-96C5-A0636C44D9CC}] => (Allow) E:\SteamLibrary\steamapps\common\FlatOut\FlatOut.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [{DB560289-16DA-47E7-8FA3-3D0DE5385F65}] => (Allow) E:\SteamLibrary\steamapps\common\FlatOut\mods\FlatOut Mod Manager.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [{AD7817E6-A299-439C-8AA1-6E687E853D40}] => (Allow) E:\SteamLibrary\steamapps\common\FlatOut\mods\FlatOut Mod Manager.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [{384CCC12-8C3E-43AA-AD6C-C6326CAA1037}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A4DA469-EF33-417F-B5EE-85CE00D98B82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79603440-8BFA-47AB-819D-529ECF6C45BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{44837D10-17D7-4B12-862B-BC09DBE93E36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D11227A-6A6C-49A5-B9C3-5DFFC9AC8ADE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE593F65-3E04-4CE3-BC4D-03D579C245E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BFA41070-657B-4D0A-B905-6D9038F43A1D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.34.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{09EFDFE7-ED51-4DE7-BB70-8AECCE5B831D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.34.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{25C10266-6351-4BA4-B960-0152E69B7661}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.34.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{323487C8-85A1-4B7A-A226-EA334D629753}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.34.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
11-03-2025 20:54:42 Instalační služba modulů systému Windows
11-03-2025 20:55:24 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/13/2025 09:29:10 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/13/2025 09:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ArmourySocketServer.exe, verze: 0.1.20.13, časové razítko: 0x66bb1e92
Název chybujícího modulu: ArmourySocketServer.exe, verze: 0.1.20.13, časové razítko: 0x66bb1e92
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000011f0c1
ID chybujícího procesu: 0x4558
Čas spuštění chybující aplikace: 0x01db93fc85457402
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
ID zprávy: e56c4635-f4ea-4f24-b0ae-6206d4852505
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/13/2025 09:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Studio.exe verze 2022.3.20.49918 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 4740
Čas spuštění: 01db9435f407072f
Čas ukončení: 4294967295
Cesta k aplikaci: D:\Programy\Studio 2.0\Studio.exe
ID hlášení: de667b86-3535-4c74-917b-ee537b5b950d
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (03/13/2025 09:24:58 PM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The GPU has been disconnected and this application may become unresponsive.
Error code: 10
(pid=20880 tid=6236 sketchbook.exe 64bit)
Visit http://www.nvidia.com/page/support.html for more information.
Error: (03/13/2025 09:24:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 134.0.6998.89, časové razítko: 0x67cb6614
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.5607, časové razítko: 0x18768d24
Kód výjimky: 0xe0000008
Posun chyby: 0x000000000003b699
ID chybujícího procesu: 0x5100
Čas spuštění chybující aplikace: 0x01db944d87ec3ce8
Cesta k chybující aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 04fa246e-9bec-4566-b0af-3035d044a39d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/13/2025 10:44:29 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942593.
Error: (03/13/2025 10:44:29 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 193.
Error: (03/12/2025 04:02:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Disk Ž (Ž:) (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (03/14/2025 11:59:18 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/13/2025 09:33:51 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/13/2025 09:30:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Error: (03/13/2025 08:46:33 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error: (03/13/2025 03:48:43 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/13/2025 10:44:30 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/12/2025 03:48:43 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/12/2025 03:45:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935
Windows Defender:
================
Date: 2025-03-13 17:08:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-12 18:01:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-09 09:42:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-06 16:45:57
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-05 16:01:33
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:
Date: 2024-12-11 22:07:42
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Aktuální
Error Code: 0x80501102
Error description: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Security intelligence Version: 1.421.739.0;1.421.739.0
Engine Version: 1.1.24090.11
Date: 2024-08-26 20:39:42
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.323.0
Update Source: Server Microsoft Update
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24070.3
Error code: 0x8024402c
Error description: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2024-08-26 15:59:17
Description:
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2024-07-28 20:22:14
Description:
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2024-07-27 17:59:59
Description:
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
CodeIntegrity:
===============
Date: 2024-09-01 09:53:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Programy\malwarebytes\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-09-01 09:53:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Programy\malwarebytes\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3222 03/05/2025
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B650-PLUS
Processor: AMD Ryzen 5 7500F 6-Core Processor
Percentage of memory in use: 17%
Total physical RAM: 32425.68 MB
Available physical RAM: 26882.78 MB
Total Virtual: 34473.68 MB
Available Virtual: 22703.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:198.44 GB) (Free:92.46 GB) (Model: WD Blue SN580 1TB) NTFS
Drive d: (Disk D) (Fixed) (Total:732.42 GB) (Free:208.69 GB) (Model: WD Blue SN580 1TB) NTFS
Drive e: (Disk Ž (Ž:)) (Fixed) (Total:596.17 GB) (Free:251.73 GB) (Model: Hitachi HTS547564A9E384) NTFS
\\?\Volume{80237ecf-4ff5-4115-a01d-b474f09a5656}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{ad3ebaf8-edcf-4d51-af4b-1973f0028761}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: F7C4B322)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prevence
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
Zdarvím!
Dostal jsem od kolegy souhlas, takže vá to zkontroluji.
Dostal jsem od kolegy souhlas, takže vá to zkontroluji.
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
Task: {ECC9E40E-238E-4784-B2A8-636E5EA4A66F} - System32\Tasks\AMDRyzenMasterSDKTask => "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe" (No File)
Task: {D19F0502-5E43-4380-B61D-DCF2208C4410} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe (No File)
Task: {5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {25EB1BE6-C34B-430B-BBD3-F091539DA6D4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
Task: {9C8504DD-4491-46F4-845E-8FD42806990B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
Task: {328D1C19-73A7-4F37-89D7-B82FB99515F8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat
FirewallRules: [{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{C95BF68A-3494-4320-B562-876BFE30121B}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{9BC7582D-1CF0-46D7-952C-C1516B095159}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prevence
Bylo v pc něco vyloženě špatně? 
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Petr (14-03-2025 19:54:29) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
Task: {ECC9E40E-238E-4784-B2A8-636E5EA4A66F} - System32\Tasks\AMDRyzenMasterSDKTask => "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe" (No File)
Task: {D19F0502-5E43-4380-B61D-DCF2208C4410} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe (No File)
Task: {5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {25EB1BE6-C34B-430B-BBD3-F091539DA6D4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
Task: {9C8504DD-4491-46F4-845E-8FD42806990B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
Task: {328D1C19-73A7-4F37-89D7-B82FB99515F8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat
FirewallRules: [{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{C95BF68A-3494-4320-B562-876BFE30121B}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{9BC7582D-1CF0-46D7-952C-C1516B095159}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AOC G-Menu" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\Software\Microsoft\Windows\CurrentVersion\Run\\G-Menu" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AOC G-Menu" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => not found
"HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\Software\Microsoft\Windows\CurrentVersion\Run\\G-Menu" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECC9E40E-238E-4784-B2A8-636E5EA4A66F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECC9E40E-238E-4784-B2A8-636E5EA4A66F}" => removed successfully
C:\Windows\System32\Tasks\AMDRyzenMasterSDKTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMDRyzenMasterSDKTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D19F0502-5E43-4380-B61D-DCF2208C4410}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D19F0502-5E43-4380-B61D-DCF2208C4410}" => removed successfully
C:\Windows\System32\Tasks\ASUS\Aura Wallpaper Service => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Aura Wallpaper Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0}" => removed successfully
C:\Windows\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25EB1BE6-C34B-430B-BBD3-F091539DA6D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25EB1BE6-C34B-430B-BBD3-F091539DA6D4}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C8504DD-4491-46F4-845E-8FD42806990B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C8504DD-4491-46F4-845E-8FD42806990B}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_itype_exe" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{328D1C19-73A7-4F37-89D7-B82FB99515F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{328D1C19-73A7-4F37-89D7-B82FB99515F8}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C95BF68A-3494-4320-B562-876BFE30121B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BC7582D-1CF0-46D7-952C-C1516B095159}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2159622506 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 659946564 B
Windows/system/drivers => 5981014 B
Edge => 0 B
Chrome => 2276857212 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 199 B
systemprofile32 => 221 B
LocalService => 7617 B
NetworkService => 208561 B
Petr => 225655213 B
RecycleBin => 0 B
EmptyTemp: => 5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-03-2025 19:57:34)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 19:57:34 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Petr (14-03-2025 19:54:29) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
HKLM\...\Run: [AOC G-Menu] => D:\Programy\AOC G-Menu\DisplayTune.exe startup_folder (No File)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c1ed66a4660de9da\RtkAudUService64.exe [1672528 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\...\Run: [G-Menu] => D:\Programy\G-menu\G-Menu.exe --openAsHidden (No File)
Task: {ECC9E40E-238E-4784-B2A8-636E5EA4A66F} - System32\Tasks\AMDRyzenMasterSDKTask => "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe" (No File)
Task: {D19F0502-5E43-4380-B61D-DCF2208C4410} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe (No File)
Task: {5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {25EB1BE6-C34B-430B-BBD3-F091539DA6D4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
Task: {9C8504DD-4491-46F4-845E-8FD42806990B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
Task: {328D1C19-73A7-4F37-89D7-B82FB99515F8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat
FirewallRules: [{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{C95BF68A-3494-4320-B562-876BFE30121B}] => (Allow) C:\Users\Petr\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe] => (Allow) D:\programy\g-menu\g-menu.exe => No File
FirewallRules: [TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe] => (Allow) D:\programy\g-menu\resources\bin\g_menu.exe => No File
FirewallRules: [TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr 2\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{9BC7582D-1CF0-46D7-952C-C1516B095159}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\programy\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe] => (Block) C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe => No File
FirewallRules: [TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe => No File
FirewallRules: [TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
FirewallRules: [UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AOC G-Menu" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\Software\Microsoft\Windows\CurrentVersion\Run\\G-Menu" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AOC G-Menu" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => not found
"HKU\S-1-5-21-3845522762-3943333843-1076900623-1001\Software\Microsoft\Windows\CurrentVersion\Run\\G-Menu" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECC9E40E-238E-4784-B2A8-636E5EA4A66F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECC9E40E-238E-4784-B2A8-636E5EA4A66F}" => removed successfully
C:\Windows\System32\Tasks\AMDRyzenMasterSDKTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMDRyzenMasterSDKTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D19F0502-5E43-4380-B61D-DCF2208C4410}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D19F0502-5E43-4380-B61D-DCF2208C4410}" => removed successfully
C:\Windows\System32\Tasks\ASUS\Aura Wallpaper Service => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\Aura Wallpaper Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5992F2D2-FCCC-4D28-8DBC-3BF6F3176FA0}" => removed successfully
C:\Windows\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25EB1BE6-C34B-430B-BBD3-F091539DA6D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25EB1BE6-C34B-430B-BBD3-F091539DA6D4}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C8504DD-4491-46F4-845E-8FD42806990B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C8504DD-4491-46F4-845E-8FD42806990B}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_itype_exe" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{328D1C19-73A7-4F37-89D7-B82FB99515F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{328D1C19-73A7-4F37-89D7-B82FB99515F8}" => removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Petr\AppData\Roaming\.cache9050425797200915815.dat => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C42CB6DD-1089-439E-B1B7-DD156BEEC1ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C95BF68A-3494-4320-B562-876BFE30121B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB9B8C29-3855-408A-8705-B52D4EA590F9}D:\programy\g-menu\g-menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E7680E0-C977-40C2-A186-59E98944DE43}D:\programy\g-menu\g-menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{619EBECD-7F1D-40E3-94FA-96C98071E781}D:\programy\g-menu\resources\bin\g_menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DD085BC0-9217-4CC8-81F6-BAD2856C9180}D:\programy\g-menu\resources\bin\g_menu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C521EDE9-4ACC-4D9A-998F-4B96A05C1ED5}D:\hry\rdr 2\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D9FA4A9-7F31-4B64-BC9A-3CE1EA315323}D:\hry\rdr 2\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF5CC6D5-B4B9-446D-B32A-6A0310938FB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BC7582D-1CF0-46D7-952C-C1516B095159}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B7945F01-7D14-4820-ADAD-4862D7E88ADE}D:\programy\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{281659DC-82F0-4E09-96AD-110E7A301BB4}D:\programy\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{14F0F635-6C28-4FFA-872B-398956047EF2}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9FB89357-57A4-4096-B982-AE6AAE19FE68}D:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8597FCD7-BCAC-408C-8E04-C65D4084F8C4}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{05994277-468A-4366-8868-F17ABF1D2279}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8594BD89-C6B2-4846-967C-BAA200D4FF88}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{196C020A-989B-4BF2-A204-F3C7BD5A90E1}C:\users\petr\downloads\halfsword-win\half sword\halfswordue5\binaries\win64\halfswordue5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48DFBF33-6E5F-47E4-BD9C-08595D5E33A6}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D2A3641C-8DDB-41F3-B919-5DE90AA4CA3A}C:\users\petr\appdata\local\programs\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F7F13AE-87CD-48FC-845B-5782778FB3DD}C:\program files\trezor suite\trezor suite.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{21800104-9440-42EF-AC21-F63205B0132E}C:\program files\trezor suite\trezor suite.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2159622506 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 659946564 B
Windows/system/drivers => 5981014 B
Edge => 0 B
Chrome => 2276857212 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 199 B
systemprofile32 => 221 B
LocalService => 7617 B
NetworkService => 208561 B
Petr => 225655213 B
RecycleBin => 0 B
EmptyTemp: => 5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-03-2025 19:57:34)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 19:57:34 ====
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
Jsou to pouze zbytečnosti. Byly smazány, PC by mělo být o trochu rychlejší.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prevence
Děkuji, posílám příspěvek. 
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prevence
Za příspěvek děkujeme a vy nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?