Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#1 Příspěvek od Jenda297 »

Dobrý den vážení, prosím o kontrolu logů a pomoc s odstraněním havěti.
Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by Pepík (administrator) on GAME_PC (Gigabyte Technology Co., Ltd. B550M DS3H AC) (13-04-2025 10:11:55)
Running from C:\Users\Pepík\Desktop\FRST64.exe
Loaded Profiles: Pepík & SQLTELEMETRY$WINCC
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe ->) (Siemens AG -> Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.Ris.exe
(C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.sso.exe
(Discord Inc. -> Discord Inc.) C:\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GAIJIN NETWORK LTD -> Gaijin) C:\Users\Pepík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(explorer.exe ->) (Rainmeter Team -> Rainmeter) [File not signed] C:\Program Files\Rainmeter\Rainmeter.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\UMTrayIcon.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\Installer\setup.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Siemens\Automation\TIAADMIN\server\node.exe <2>
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9f05190a2befb920\RtkAudUService64.exe <2>
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\CCAgent.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\CCEServer_x64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSDistServiceX.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSMX.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files (x86)\Common Files\Siemens\bin\CCRemoteService.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files (x86)\Common Files\Siemens\commonarchiving\CCDBUtils.exe
(services.exe ->) (Siemens AG -> Siemens AG) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe
(services.exe ->) (Siemens AG -> Siemens AG) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files\Common Files\Siemens\ETWEventCollector\bin\Siemens.Automation.Tracing.ETW.EventCollector.ServiceHost.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe
(services.exe ->) (Siemens AG -> SoftwareOption GmbH) C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe
(services.exe ->) (Siemens AG) [File not signed] C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Siemens AG -> Siemens AG) C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\native\TiaAdminNotifier.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25022.57.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(sihost.exe ->) (Musecy SM Ltd. -> Muse) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4143376 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9f05190a2befb920\RtkAudUService64.exe [2150760 2024-05-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CCUCSurrogate.exe] => C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUCSurrogate.exe [342536 2023-11-02] (Siemens AG -> )
HKLM-x32\...\Run: [TIAAdminNotifier] => C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\native\TIAAdminNotifier.exe [45064 2022-10-21] (Siemens AG -> Siemens AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1001\...\Run: [MicrosoftEdgeAutoLaunch_3EB89BCE30DDECA22A17FD5E3B8732EE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4418112 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37357584 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Pepík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3067056 2024-02-14] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Opera GX Stable] => C:\Users\Pepík\AppData\Local\Programs\Opera GX\opera.exe [1534856 2025-04-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Discord] => C:\Users\Pepík\AppData\Local\Discord\Update.exe [1505792 2024-11-25] (Discord Inc.) [File not signed]
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Pepík\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37357584 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Discord] => C:\Users\Kubík\AppData\Local\Discord\Update.exe [1525024 2024-02-20] (Discord Inc. -> GitHub)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [74683360 2025-04-01] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1892608 2025-03-31] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Gaijin.Net Updater] => C:\Users\Kubík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3067056 2024-02-14] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [launcher] => C:\Program Files\Epic Games\WutheringWavesj3oFh\launcher.exe [15345976 2025-02-23] (KURO TECHNOLOGY (HONG KONG) CO., LIMITED -> Guangzhou Kuro Technology)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Medal] => C:\Users\Kubík\AppData\Local\Medal\update.exe [1962856 2025-04-04] (Ferox Games B.V. -> )
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Opera GX Stable] => C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe [1534856 2025-04-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Opera GX Browser Assistant] => C:\Users\Kubík\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Microsoft.Lists] => C:\Users\Kubík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\Microsoft.SharePoint.exe [1030440 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3786848 2025-04-03] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2025-04-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [45980192 2024-11-08] (NGWIN Software co. -> NGWIN)
HKLM\Software\...\AppCompatFlags\Custom\Siemens.Automation.Portal.exe: [{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb] -> Siemens.Automation.Portal.exe
HKLM\Software\...\AppCompatFlags\InstalledSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb [2021-04-21]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.85\Installer\chrmstp.exe [2025-04-11] (Google LLC -> Google LLC)
Startup: C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2025-02-20]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter Team -> Rainmeter) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\INZONE Hub.lnk [2024-12-25]
ShortcutTarget: INZONE Hub.lnk -> C:\Program Files\Sony\INZONE Hub\INZONEHub.exe (Sony Corporation -> Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UMTrayicon.exe [2021-07-08] (SIEMENS AG) [symlink -> C:\Program Files\Siemens\Automation\UserManagement\BIN\UMTrayicon.exe]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {67627C21-4C89-415A-B47F-9303E3F579A1} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2023-11-16] (Advanced Micro Devices Inc. -> )
Task: {3BC2FA3B-6524-4385-94FA-C008ABA5B2F2} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2025-01-06] (ESET, spol. s r.o. -> ESET)
Task: {07B90453-047D-46AC-9A0A-FD88F6FA7676} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2025-01-06] (ESET, spol. s r.o. -> ESET)
Task: {6364DF76-1BFC-4160-AD52-18383C986B81} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35403888 2024-06-27] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) -> C:\Program Files\GIGABYTE\Control Center\\-b
Task: {6225C0B4-11AE-400F-BE56-D3139C196654} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{16C3833B-C624-4F5A-AB38-2E341650135D} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {DB48C1A4-1083-4438-800E-95DAC69A4D48} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [255040 2024-10-26] (Microsoft Corporation -> Microsoft)
Task: {67CCD214-A373-4E2B-A450-7FE097A15919} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-04-09] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {E5150FC2-3919-43F2-9812-C82351280297} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69A96C23-CEBE-4E2A-8989-EF20D84355BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {145D2929-DCA1-4DEF-97D9-B8BEC97CF2AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A5FAADF-1C4C-4930-B409-80EA0DCFBCCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C402A8C-63FF-4126-9D88-FB0F07C6AE79} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3275808 2025-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4584BFDD-A1B9-4898-922C-34E73312EF33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5BD3E26-0FAF-47A5-B3FE-57034F65E5A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D4BC268-BB9D-4511-8E85-D2A410A10B54} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1002 => C:\Users\Pepík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C8CD0AA-CF2B-4D16-8F49-0BCFE5709336} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1003 => C:\Users\Kubík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6CE320E-E2F7-4283-AFD1-8C666867B6C3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1004 => C:\Users\Honza\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {93532F16-8937-4FAC-8E98-0A85B2F20AF8} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1731093148 => C:\Users\Kubík\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kubík\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {B4F64236-D95C-4264-9C1A-ADCD7D61E06A} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1738499635 => C:\Users\Pepík\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Pepík\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {206FA742-111B-44F6-8621-2595CDB3A815} - System32\Tasks\Opera GX scheduled Autoupdate 1727636541 => C:\Users\Kubík\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5661064 2025-04-03] (Opera Norway AS -> Opera Software)
Task: {197E35CA-ECB1-4002-AD03-6EA8959A9BE1} - System32\Tasks\Opera GX scheduled Autoupdate 1732297780 => C:\Users\Pepík\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5661064 2025-04-03] (Opera Norway AS -> Opera Software)
Task: {11D8B74E-D8CE-44EE-9D06-3717973E6648} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-03-31] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {229B8258-EF0C-490A-8E3D-3C82DA0E9EEA} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [728504 2023-08-04] (Advanced Micro Devices Inc. -> AMD)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a46bb4f-55a0-4cac-ad90-fb16b9cde3f3}: [DhcpNameServer] 192.168.56.27
Tcpip\..\Interfaces\{9af5bb01-570b-4408-82b8-65b3620035bb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a48c8554-45b6-4342-beae-53bb0042d61b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-13]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-06]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Guest Profile
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default [2025-04-13]
CHR Extension: (change-language) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2025-03-17]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (All Black - Full Dark Theme/Black Theme) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkplpffahhkjfocfbfapcemhhkgmljpn [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2025-02-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-04-13]
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-10]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox","hxxps://www.zskomtu.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-13]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-598124734-1471702195-2874904135-1002) Opera GXStable - "C:\Users\Pepík\AppData\Local\Programs\Opera GX\opera.exe"
StartMenuInternet: (HKU\S-1-5-21-598124734-1471702195-2874904135-1003) Opera GXStable - "C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe [4688488 2024-07-17] (OpenVPN Inc. -> )
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2232328 2022-10-07] (Siemens AG -> SIEMENS AG)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe [527800 2023-08-04] (Advanced Micro Devices Inc. -> AMD)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3319424 2025-04-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-04-04] (BattlEye Innovations e.K. -> )
R2 CCAgent; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCAgent.EXE [678224 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 CCAlgIAlarmDataCollector; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCAlgIAlarmDataCollector.exe [226792 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCAlgRtServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CcAlgRtServer.exe [148968 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCArchiveManagerService; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCArchiveManager.EXE [1062888 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCDBUtils; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCDBUtils.EXE [158696 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCDeltaLoader; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCDeltaLoader.exe [890856 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCEClient; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCEClient_x64.exe [470088 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 CCEServer; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCEServer_x64.exe [410160 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 CCLicenseService; C:\Program Files (x86)\Common Files\Siemens\bin\CCLicenseService.exe [699400 2023-11-02] (Siemens AG -> Siemens AG)
S3 CCNSInfo2Provider; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCNSInfo2Provider.exe [772072 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCOpcUaImporter; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\OPC\UAClient\UaConfigServer\CCOpcUaImporter.exe [2603536 2023-10-31] (Siemens AG -> SIEMENS AG)
S3 CCPackageMgr; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCPackageMgr.exe [556008 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCPerfMon; C:\Program Files (x86)\Common Files\Siemens\bin\CCPerfMon.exe [595344 2016-07-11] (Siemens AG -> Siemens AG)
S3 CCProfileServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProfileServer.exe [113128 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCProjectMgr; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe [8013328 2023-11-02] (Siemens AG -> Siemens AG)
S3 CCRedundancyAgent-Service; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [907752 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCRemoteService; C:\Program Files (x86)\Common Files\Siemens\bin\CCRemoteService.exe [139752 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCRtsLoader; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCRtsLoader_x64.exe [154088 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCSystemDiagnosticsHost; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCSystemDiagnosticsHost.exe [102376 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTextServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTextServer.exe [663016 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTlgServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTlgServer.exe [147944 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTMTimeSyncServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTMTimeSyncServer.exe [382952 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CcUaDAS; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\OPC\UAClient\UaDAS\CcUaDAS.exe [5774344 2023-10-31] (Siemens AG -> SIEMENS AG)
S3 CCUsrAcv; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUsrAcv.exe [1773584 2023-11-02] (Siemens AG -> Siemens AG)
U2 cortsmartserver; C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe [906760 2023-11-16] (Siemens AG -> Siemens AG)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [18810976 2025-04-03] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-07-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-10-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3064848 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [368088 2025-01-31] (Epic Games Inc. -> Epic Games, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQL$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 MuseHub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe [7815248 2025-01-31] (Musecy SM Ltd. -> Muse.Updater)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [131184 2023-12-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-03-31] (Overwolf Ltd -> Overwolf LTD)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [5218920 2024-07-17] (OpenVPN Inc. -> )
S3 RedundancyControl; C:\Program Files (x86)\Common Files\Siemens\ace\bin\RedundancyControl.exe [777392 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 RedundancyState; C:\Program Files (x86)\Common Files\Siemens\ace\bin\RedundancyState.exe [292928 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [185968 2022-12-08] (Siemens AG -> SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [380792 2022-12-08] (Siemens AG -> SIEMENS AG)
R2 SCS Distribution Service; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\SCSDistServiceX.exe [367776 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 SCSFsX; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\SCSFsX.exe [234568 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 SCSMonitor; C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSMX.exe [308904 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 Siemens Diagnostics Data Collector Service; C:\Program Files\Common Files\Siemens\ETWEventCollector\bin\Siemens.Automation.Tracing.ETW.EventCollector.ServiceHost.exe [31304 2021-04-21] (SIEMENS AG -> Siemens AG)
R2 Siemens Telemetry Connector Service; C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe [8704 2022-08-29] (Siemens AG) [File not signed]
R2 SiemensTiaAdmin; C:\Program Files\Siemens\Automation\TIAADMIN\server\node.exe [57937528 2022-10-21] (OpenJS Foundation -> Node.js)
R2 SIMATIC PnDiscovery Service; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe [890456 2022-12-08] (Siemens AG -> SIEMENS AG)
S4 SQLAgent$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 TraceConceptX; C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe [114736 2022-06-20] (Siemens AG -> SoftwareOption GmbH)
S4 UMC Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UMCService.exe [350968 2021-07-08] (Siemens AG -> SIEMENS AG)
R2 umscsvc; C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe [489208 2021-07-08] (Siemens AG -> SIEMENS AG)
S4 UP Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UPService.exe [195320 2021-07-08] (Siemens AG -> SIEMENS AG)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [763024 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [40071784 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42544 2024-10-26] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [144000 2024-09-17] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2025-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [2182128 2024-09-14] (Microsoft Windows Hardware Compatibility Publisher -> ANTICHEATEXPERT.COM)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 AudioMirror; C:\WINDOWS\System32\drivers\AudioMirror.sys [61800 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 cortkbdrtmwdf; C:\Windows\system32\drivers\cortkbdrtmwdf.sys [25576 2021-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [34920 2024-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dpmconv; C:\WINDOWS\System32\drivers\dpmconv.sys [268160 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [52432 2024-08-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3875992 2025-02-18] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 INZONEHS; C:\WINDOWS\System32\DriverStore\FileRepository\inzoneheadset.inf_amd64_596822367d9ba756\INZONEHeadset.sys [187840 2024-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [92664 2024-05-22] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S4 RsFx0500; C:\WINDOWS\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0ca603ee5d51e3b2\rt68cx21x64.sys [810328 2024-03-19] (Realtek Semiconductor Corp. -> Realtek)
R3 s7odpx2x64; C:\WINDOWS\System32\drivers\s7odpx2x64.sys [101568 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oppilx64; C:\WINDOWS\System32\Drivers\s7oppilx64.sys [47808 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oppinx64; C:\WINDOWS\System32\drivers\s7oppinx64.sys [124608 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oserix64; C:\WINDOWS\System32\Drivers\s7oserix64.sys [148160 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7osmcax64; C:\WINDOWS\System32\drivers\s7osmcax64.sys [236736 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7osobux64; C:\WINDOWS\System32\drivers\s7osobux64.sys [121536 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otmcd64x; C:\WINDOWS\System32\Drivers\s7otmcd64x.sys [211136 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otranx64; C:\WINDOWS\System32\drivers\s7otranx64.sys [281792 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otsadx64; C:\WINDOWS\System32\drivers\s7otsadx64.sys [230592 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 s7ousbu64x; C:\WINDOWS\System32\drivers\s7ousbu64x.sys [157888 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 s7PnDiscoveryDriver; C:\WINDOWS\system32\DRIVERS\s7PnDiscoveryDriver.sys [46272 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 Snpnio; C:\WINDOWS\system32\DRIVERS\snpnio.sys [100216 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R2 SNTIE; C:\WINDOWS\system32\DRIVERS\sntie.sys [227288 2022-09-14] (Siemens AG -> Siemens AG)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [41112 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-09] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [246200 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [256520 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1051944 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [195560 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [27067392 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
R3 vsnl2ada; C:\WINDOWS\System32\drivers\vsnl2ada.sys [137088 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WinCCRtKbdFilter; C:\Windows\system32\drivers\WinCCRtKbdFilter.sys [24800 2021-04-16] (Siemens AG -> Windows (R) Win 7 DDK provider)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-09] (Microsoft Windows -> Microsoft Corporation)
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-13 10:12 - 2025-04-13 10:12 - 000826668 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-13 10:12 - 2025-04-13 10:12 - 000199566 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-13 10:11 - 2025-04-13 10:12 - 000044071 _____ C:\Users\Pepík\Desktop\FRST.txt
2025-04-13 10:11 - 2025-04-13 10:12 - 000000000 ____D C:\FRST
2025-04-13 10:10 - 2025-04-13 10:10 - 002404864 _____ (Farbar) C:\Users\Pepík\Desktop\FRST64.exe
2025-04-12 18:20 - 2025-04-12 18:20 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-10 20:37 - 2025-04-10 20:37 - 000001391 _____ C:\Users\Pepík\Desktop\Roblox Player.lnk
2025-04-10 20:36 - 2025-04-10 20:36 - 000001219 _____ C:\Users\Pepík\Desktop\Roblox Studio.lnk
2025-04-10 20:31 - 2025-04-10 20:31 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-10 20:31 - 2025-04-10 20:31 - 000000000 ____D C:\inetpub
2025-04-10 14:11 - 2025-04-12 20:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 16:11 - 2025-04-09 16:11 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-09 16:11 - 2025-04-09 16:11 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-06 13:42 - 2025-04-06 13:42 - 000881336 _____ C:\Users\Kubík\Downloads\AutoClicker-3.1.exe
2025-04-06 13:42 - 2025-04-06 13:42 - 000000000 ____D C:\Users\Kubík\Downloads\ACLib
2025-04-03 20:39 - 2025-04-03 20:40 - 000000000 ____D C:\Users\Pepík\Downloads\Wormhole bLWkLO
2025-04-03 20:38 - 2025-04-03 20:39 - 063448577 _____ C:\Users\Pepík\Downloads\Wormhole bLWkLO.zip
2025-04-03 20:12 - 2025-04-03 20:12 - 000005942 _____ C:\Users\Pepík\Downloads\traincraft 1.7.10.zip
2025-04-02 14:24 - 2025-04-02 14:25 - 000000000 ____D C:\Users\Pepík\AppData\Local\User Data
2025-04-02 14:24 - 2025-04-02 14:24 - 000000000 ____D C:\Users\Pepík\AppData\Local\nwjs
2025-04-01 15:44 - 2025-04-01 15:45 - 000000000 ___RD C:\Users\Pepík\Downloads\MicrosoftWindows.Client.CBS_cw5n1h2txyewy!InputApp
2025-03-31 11:06 - 2025-03-31 11:06 - 000000000 ____D C:\Users\Kubík\AppData\Local\EACrashReporter
2025-03-29 13:25 - 2025-03-29 13:25 - 000000000 ____D C:\ProgramData\CD Projekt Red
2025-03-28 20:10 - 2025-03-28 20:10 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\KishMish
2025-03-28 19:09 - 2025-03-28 19:09 - 000000223 _____ C:\Users\Pepík\Desktop\Bus World.url
2025-03-23 13:56 - 2025-03-29 18:26 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\Unity
2025-03-20 16:16 - 2025-03-29 12:13 - 000000000 ____D C:\Users\Kubík\AppData\Local\REDEngine
2025-03-20 16:16 - 2025-03-20 16:16 - 000000000 ____D C:\Users\Kubík\AppData\Local\CD Projekt Red
2025-03-20 10:11 - 2025-03-20 10:11 - 000000223 _____ C:\Users\Kubík\Desktop\Cyberpunk 2077.url
2025-03-20 10:11 - 2025-03-20 10:11 - 000000223 _____ C:\Users\Kubík\Desktop\Cyberpunk 2077 Bonus Content.url
2025-03-16 22:07 - 2025-03-16 22:07 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\EM Games
2025-03-14 14:55 - 2025-03-14 14:55 - 002253567 _____ C:\Users\Pepík\Downloads\create s lidma 1.20.1.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-13 10:12 - 2025-02-21 21:41 - 002021898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-13 10:12 - 2024-10-27 12:19 - 000000000 ____D C:\Users\Pepík\AppData\Local\Muse Hub
2025-04-13 10:12 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-13 10:08 - 2024-03-07 20:01 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2025-04-13 10:07 - 2024-03-07 15:46 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\discord
2025-04-13 10:06 - 2024-05-01 20:16 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Rainmeter
2025-04-13 10:06 - 2024-03-10 20:02 - 000000000 ____D C:\Users\Honza\AppData\Local\Battle.net
2025-04-13 10:06 - 2024-03-06 21:43 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-13 10:05 - 2025-02-21 21:41 - 000003432 _____ C:\WINDOWS\system32\Tasks\GCC
2025-04-13 10:05 - 2025-02-21 21:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-13 10:05 - 2025-02-21 21:39 - 000011826 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-13 10:05 - 2024-11-27 15:08 - 000000000 ____D C:\Users\Pepík\AppData\Local\Discord
2025-04-13 10:05 - 2024-10-27 12:19 - 000000000 ____D C:\Users\Pepík\AppData\Local\MuseSampler
2025-04-13 10:05 - 2024-10-27 12:19 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-04-13 10:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-13 10:05 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-13 10:05 - 2024-03-06 22:07 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-13 10:05 - 2024-03-06 22:01 - 000000000 ___RD C:\Users\Pepík\OneDrive
2025-04-13 10:05 - 2024-03-06 21:49 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2025-04-13 10:05 - 2024-03-06 21:35 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2025-04-13 10:05 - 2024-03-06 21:35 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2025-04-13 10:05 - 2024-03-06 21:35 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-13 10:04 - 2024-04-01 09:21 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-04-13 10:03 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-13 10:02 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-04-13 09:53 - 2024-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-04-12 21:15 - 2024-03-06 22:20 - 000000000 ____D C:\Users\Pepík\AppData\Local\Roblox
2025-04-12 17:30 - 2025-01-06 16:51 - 000001272 _____ C:\Users\Pepík\Desktop\ESET Online Scanner.lnk
2025-04-12 17:30 - 2024-03-07 17:38 - 000001378 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-04-12 11:47 - 2024-03-09 20:38 - 000000000 ____D C:\Users\Honza\AppData\Local\D3DSCache
2025-04-12 11:44 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-12 11:13 - 2024-03-09 20:36 - 000000000 ____D C:\Users\Honza\AppData\Local\Packages
2025-04-12 11:11 - 2024-03-06 21:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-12 11:10 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2024-03-09 20:37 - 000002377 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-12 11:09 - 2024-03-09 20:36 - 000000000 ____D C:\Users\Honza\AppData\Local\NVIDIA Corporation
2025-04-11 19:18 - 2024-03-06 22:01 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-11 19:18 - 2024-03-06 22:01 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-04-10 20:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-10 20:37 - 2025-02-26 19:07 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-04-10 20:37 - 2025-02-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-04-10 20:37 - 2024-03-08 19:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-04-10 20:37 - 2024-03-06 22:20 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 20:37 - 2024-03-06 22:17 - 000000000 ____D C:\Users\Pepík\AppData\Local\NVIDIA Corporation
2025-04-10 20:35 - 2024-11-08 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 20:35 - 2024-03-08 19:37 - 000000000 ____D C:\Users\Pepík\AppData\Local\CrashDumps
2025-04-10 20:32 - 2025-02-21 21:37 - 000371552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-10 20:31 - 2025-02-21 20:30 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-10 20:31 - 2025-02-21 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2025-04-10 20:31 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-10 20:31 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-10 20:31 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-10 20:31 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-10 20:31 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-10 20:30 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Medal
2025-04-10 20:30 - 2024-03-07 18:16 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\discord
2025-04-10 17:52 - 2024-03-06 22:02 - 000000000 ____D C:\Users\Pepík\AppData\Local\D3DSCache
2025-04-10 17:46 - 2024-03-06 23:21 - 000000000 ____D C:\Users\Kubík\AppData\Local\D3DSCache
2025-04-10 16:55 - 2024-03-07 18:16 - 000000000 ____D C:\Users\Kubík\AppData\Local\Discord
2025-04-10 15:50 - 2024-09-14 10:27 - 134222904 _____ C:\WINDOWS\392667600.dat
2025-04-10 15:46 - 2024-08-04 11:58 - 000001493 _____ C:\Users\Public\Desktop\Riot Client.lnk
2025-04-10 15:46 - 2024-03-07 19:28 - 000000000 ____D C:\ProgramData\Riot Games
2025-04-10 14:28 - 2024-03-07 19:30 - 000001426 _____ C:\Users\Kubík\Desktop\Roblox Player.lnk
2025-04-10 14:28 - 2024-03-07 19:30 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 14:28 - 2024-03-07 19:30 - 000000000 ____D C:\Users\Kubík\AppData\Local\Roblox
2025-04-10 14:27 - 2024-03-08 21:29 - 000000000 ____D C:\Users\Kubík\AppData\Local\CrashDumps
2025-04-10 14:27 - 2024-03-07 19:30 - 000001229 _____ C:\Users\Kubík\Desktop\Roblox Studio.lnk
2025-04-10 13:55 - 2024-10-25 21:12 - 000002317 _____ C:\Users\Kubík\Desktop\Mobius.lnk
2025-04-10 13:55 - 2024-09-29 21:20 - 000002317 _____ C:\Users\Kubík\Desktop\CurseForge.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000001271 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000001263 _____ C:\Users\Kubík\Desktop\Medal.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\Documents\Medal
2025-04-10 13:55 - 2024-08-11 11:19 - 000000000 ____D C:\Medal
2025-04-10 13:55 - 2024-08-04 12:01 - 000002317 _____ C:\Users\Kubík\Desktop\Control.lnk
2025-04-10 13:55 - 2024-06-29 12:54 - 000002317 _____ C:\Users\Kubík\Desktop\Valorant Tracker.lnk
2025-04-10 13:55 - 2024-04-27 20:30 - 000000000 ____D C:\Users\Kubík\AppData\Local\Overwolf
2025-04-10 13:55 - 2024-03-06 23:20 - 000000000 ___RD C:\Users\Kubík\OneDrive
2025-04-09 18:31 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2024-03-06 23:20 - 000002377 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-09 17:40 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2024-03-06 22:01 - 000002377 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-09 16:11 - 2025-02-21 21:40 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-09 15:38 - 2024-03-08 20:49 - 000000000 ____D C:\Users\Pepík\AppData\Local\WarThunder
2025-04-08 20:28 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\WeMod
2025-04-08 19:43 - 2024-03-06 23:24 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\EasyAntiCheat
2025-04-08 17:40 - 2024-12-25 21:44 - 000002201 _____ C:\Users\Pepík\Desktop\WeMod.lnk
2025-04-08 17:40 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2025-04-08 17:40 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Local\WeMod
2025-04-08 17:40 - 2024-03-07 15:46 - 000000000 ____D C:\Users\Pepík\AppData\Local\SquirrelTemp
2025-04-08 17:18 - 2024-03-07 20:09 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\riot-client-ux
2025-04-08 15:02 - 2024-08-25 10:39 - 000000000 ____D C:\Program Files\DubbingAI
2025-04-07 18:14 - 2025-02-26 19:07 - 003114016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-04-07 18:14 - 2025-02-26 19:07 - 002403360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-04-07 18:14 - 2024-03-08 19:26 - 000271392 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-04-07 18:14 - 2024-03-08 19:26 - 000245792 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-04-07 17:52 - 2024-03-08 19:26 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-04-07 17:52 - 2024-03-08 19:26 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-04-07 17:51 - 2024-03-08 19:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2025-04-06 10:05 - 2025-02-21 21:41 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 10:05 - 2025-02-21 21:41 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-06 09:56 - 2024-03-06 22:12 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-04 09:41 - 2025-02-21 21:41 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1727636541
2025-04-04 09:41 - 2024-09-29 21:02 - 000001473 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2025-04-04 09:41 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal B.V
2025-04-04 09:41 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Medal
2025-04-04 09:40 - 2025-02-21 21:41 - 000004230 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1732297780
2025-04-04 09:40 - 2024-11-22 19:49 - 000001473 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2025-04-03 20:37 - 2024-09-29 15:43 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\.minecraft
2025-04-03 19:21 - 2024-03-20 15:41 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\MMC
2025-04-03 18:56 - 2024-09-28 17:57 - 000002243 _____ C:\Users\Pepík\Desktop\Discord.lnk
2025-04-03 17:20 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\log
2025-04-03 15:32 - 2024-12-08 00:05 - 000000000 ____D C:\ProgramData\EA Desktop
2025-04-02 17:20 - 2024-03-07 18:16 - 000002243 _____ C:\Users\Kubík\Desktop\Discord.lnk
2025-04-01 12:23 - 2024-03-06 21:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-01 12:06 - 2024-04-27 20:31 - 000000000 ____D C:\Program Files (x86)\Overwolf
2025-03-31 11:48 - 2024-09-29 21:02 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\.minecraft
2025-03-31 11:41 - 2024-09-29 21:02 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\.tlauncher
2025-03-30 17:50 - 2025-02-21 21:41 - 000003842 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2025-03-30 17:50 - 2025-02-21 21:41 - 000003400 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2025-03-30 12:57 - 2024-03-06 23:02 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\EasyAntiCheat
2025-03-30 10:39 - 2025-01-19 18:03 - 000000000 ____D C:\Users\Pepík\VirtualBox VMs
2025-03-30 10:39 - 2024-12-10 15:52 - 000000000 ____D C:\Users\Pepík\.VirtualBox
2025-03-29 19:42 - 2024-03-06 22:00 - 000000000 ____D C:\Users\Pepík\AppData\Local\Packages
2025-03-29 17:40 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Ferox_Games_B.V
2025-03-29 17:38 - 2024-03-07 19:43 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-03-28 17:02 - 2024-05-01 21:40 - 000000000 ____D C:\Users\Kubík\AppData\Local\ModernWarships
2025-03-27 18:15 - 2024-08-25 18:32 - 000000000 ____D C:\Users\Kubík\AppData\Local\Crossout
2025-03-27 16:17 - 2024-03-06 23:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Packages
2025-03-23 14:08 - 2024-10-31 16:40 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\r2modman
2025-03-20 16:15 - 2024-12-08 00:05 - 000000000 ____D C:\Users\Kubík\AppData\Local\cache
2025-03-20 10:11 - 2024-12-07 23:43 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-03-18 21:45 - 2024-11-23 19:51 - 000000000 ____D C:\Users\Kubík\AppData\Local\Steam
2025-03-18 16:53 - 2025-01-05 16:58 - 000000000 ____D C:\Users\Pepík\Documents\Euro Truck Simulator 2
2025-03-18 16:16 - 2024-03-06 22:07 - 000000000 ____D C:\Users\Pepík\AppData\Local\Steam
2025-03-18 15:55 - 2024-08-25 10:39 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dubbing AI.lnk
2025-03-18 15:55 - 2024-08-25 10:39 - 000000865 _____ C:\Users\Public\Desktop\Dubbing AI.lnk
2025-03-15 14:22 - 2024-03-06 23:20 - 000000000 ____D C:\Users\Kubík\AppData\Local\PlaceholderTileLogoFolder
2025-03-15 12:15 - 2024-09-29 15:34 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-15 12:15 - 2024-09-29 15:34 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-15 12:15 - 2024-09-29 15:34 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-15 12:15 - 2024-09-29 15:34 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-15 12:14 - 2024-09-29 15:34 - 000788008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-03-15 12:14 - 2024-09-29 15:34 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-15 12:14 - 2024-09-29 15:34 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll

==================== Files in the root of some directories ========

2024-04-01 19:45 - 2024-04-04 21:21 - 000000098 _____ () C:\Users\Pepík\AppData\Roaming\LauncherSettings_live.cfg
2024-04-04 21:01 - 2024-04-04 21:01 - 000002636 _____ () C:\Users\Pepík\AppData\Roaming\TheHunterSettings_live.bin
2024-04-04 21:12 - 2024-04-04 21:19 - 000000048 _____ () C:\Users\Pepík\AppData\Roaming\TheHunterSettings_steam_live.cfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#2 Příspěvek od Jenda297 »

A druhý log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by Pepík (13-04-2025 10:13:13)
Running from C:\Users\Pepík\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2025-02-21 19:41:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-598124734-1471702195-2874904135-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-598124734-1471702195-2874904135-503 - Limited - Disabled)
Guest (S-1-5-21-598124734-1471702195-2874904135-501 - Limited - Disabled)
Honza (S-1-5-21-598124734-1471702195-2874904135-1004 - Administrator - Enabled) => C:\Users\Honza
janfi (S-1-5-21-598124734-1471702195-2874904135-1001 - Administrator - Enabled) => C:\Users\janfi
Kubík (S-1-5-21-598124734-1471702195-2874904135-1003 - Administrator - Enabled) => C:\Users\Kubík
Pepík (S-1-5-21-598124734-1471702195-2874904135-1002 - Administrator - Enabled) => C:\Users\Pepík
WDAGUtilityAccount (S-1-5-21-598124734-1471702195-2874904135-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.28.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.13.0.2771 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.13.0.2771 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{f738e81d-6f36-4eae-83b9-c4a2d7d7a868}) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.) Hidden
Aplikace NVIDIA 11.0.3.232 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.232 - NVIDIA Corporation)
ATLauncher Setup (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\{2F5FDA11-45A5-4CC3-8E51-5E11E2481697}_is1) (Version: 1.2.0.0 - ATLauncher)
Audacity 3.7.0 (HKLM\...\Audacity_is1) (Version: 3.7.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{BDF8C840-5B9A-4D9B-9BCA-CE4163973563}) (Version: 4.8.09256 - Microsoft Corporation) Hidden
Control (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_bdgnjepnpdepdpndclppjhimnoeamdchlkjdlgfk) (Version: 0.2.77 - Overwolf app)
Crossout Launcher 1.0.3.213 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\CrossOutLauncher_is1) (Version: - )
CurseForge (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.275.5.4706 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DiagnosticsHub_CollectionService (HKLM\...\{9C551783-3830-4366-9103-195E5AFA84FC}) (Version: 17.11.35317 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Discord) (Version: 1.0.9172 - Discord Inc.)
Discord (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Discord) (Version: 1.0.9034 - Discord Inc.)
Dubbing AI version v1.7.0 (HKLM-x32\...\{C28AF184-0180-4766-A0C0-C3DE5A5624D8}_is1) (Version: v1.7.0 - HALO INTERACTIVE PTE. LTD.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.433.0.5946 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{5106b932-0116-4839-b279-773a1ceec919}) (Version: 13.433.0.5946 - Electronic Arts)
EBpro V6.09.02.338 (HKLM-x32\...\{FB65FE55-D6AA-471C-B02A-99C1E14DF73F}_is1) (Version: - Weintek Labs., Inc.)
eDEX-UI 2.2.8 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\82c1c72c-4db6-57c2-bb24-743f60eb274f) (Version: 2.2.8 - Gabriel 'Squared' SAILLARD)
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{B6309BF9-CFD5-4AA0-BE86-C58A6A917DA1}) (Version: 1.0.12.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{25ed5e8e-dbd3-4fa0-a28a-1b7de48b7bee}) (Version: 1.0.12.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{a7b1cf47-d8f0-423d-9494-568195f1c864}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{0E28D23D-A3C1-4381-AA5B-12E7C0E368CA}) (Version: 1.3.131.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{C7D679C2-04A8-434A-8799-4C2F001388BE}) (Version: 2.9.0 - Epic Games, Inc.)
Fortnite Tracker (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_lchehejhdkhdkfledgjmchiblkmimnhfoeacjcni) (Version: 3.11.4 - Overwolf app)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 24.06.25.01 - GIGABYTE)
GBT_RGB_Sync_Control 24.06.18.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 24.06.18.01 - GIGABYTE)
GBT_rgbMotherboard_UC 24.06.20.01 (HKLM\...\GBT_rgbMotherboard_UC) (Version: 24.06.20.01 - GIGABYTE)
GIGABYTE Control Center 24.06.27.01 (HKLM\...\GIGABYTE Control Center) (Version: 24.06.27.01 - GIGABYTE)
GIGABYTE Performance Library (HKLM\...\MBEasyTune) (Version: 24.06.21.01 - GIGABYTE)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 24.07.05.01 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.85 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{58D16D0C-E3A5-44F4-B44D-FE43AD45F251}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{A7BC9345-F48F-4F6C-8F23-222F6B64B737}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{57D14DE5-C298-440D-BC54-818AA0B08939}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{97A2AC6F-D312-4356-82CA-083A8312469D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
INZONE Hub (HKLM\...\{C1C9572A-17C2-FFFC-E3E8-B2D586EABACA}) (Version: 1.0.13.0 - Sony Corporation)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Medal (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Medal) (Version: 4.2699.0 - Medal B.V.)
Microsoft .NET 6.0 Templates 8.0.403 (x64) (HKLM\...\{685CAC03-9584-457A-B49A-00A5077AB577}) (Version: 24.8.23125 - Microsoft Corporation) Hidden
Microsoft .NET 8.0 Templates 8.0.403 (x64) (HKLM\...\{61DDF3F6-B199-45CB-9483-88C2A4BF8D8A}) (Version: 32.10.55893 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64) (HKLM\...\{33409B86-35CA-4000-A2FC-54B9AD74474C}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_arm) (HKLM\...\{11A5E018-28AA-43DB-9434-29940C72E7CA}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_arm64) (HKLM\...\{B6D1CAAB-094D-44D4-A5E6-0377349AB364}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_x86) (HKLM\...\{059C32BA-74D1-43F6-9C13-16CC9D5822CE}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64) (HKLM\...\{E20F860B-E692-4DD4-82E7-2FF06E222031}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64_arm64) (HKLM\...\{141C7DD4-05D4-46E7-A924-5FDD57D47633}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64_x86) (HKLM\...\{938CE44A-DE2E-4B59-BDB7-D515A41AA029}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x64) (HKLM\...\{3A80EBC5-6B68-49B9-BEBD-E1A6C966B416}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x86) (HKLM-x32\...\{E209487C-1BC1-4D23-87B7-010178837448}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x86) (HKLM-x32\...\{9781F700-28C4-4F55-8552-643807AACB18}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Native SDK (HKLM-x32\...\{EF0C772D-F5E3-36D0-BDAB-FD378533CD40}) (Version: 15.0.24211.07 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x64) (HKLM\...\{C79F6EEC-3A2B-487D-A3B6-EDF4057B4E4B}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x86) (HKLM-x32\...\{BBEA8EBD-9170-4B66-8343-9A763011DED4}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x86) (HKLM-x32\...\{25513E9F-031D-4A70-94D5-AD08C1CDE5FB}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET SDK 8.0.403 (x64) from Visual Studio (HKLM\...\{2CDAFBED-4278-4225-83C0-A7615DFEDEFF}) (Version: 8.4.324.47413 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.35 (x64) (HKLM\...\{78BA8806-ABF1-4DE7-B3A4-AD805488F75A}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.35 (x86) (HKLM-x32\...\{C9A16259-1565-4C3D-8B99-C9CEB6DCFAF4}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.10 (x64) (HKLM\...\{8F115CBC-3741-42EA-8F2E-B8D0A63593D7}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.10 (x86) (HKLM-x32\...\{C32AD807-EDD6-416D-A91E-3C2E99C3053C}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 8.0.403 (x64) (HKLM\...\{EFB9E0CC-AA8A-4D24-8FDA-33E693C22688}) (Version: 32.8.55893 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Shared Framework (x64) (HKLM\...\{EF5C4694-AACF-3220-B485-970EA04B6770}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Shared Framework (x86) (HKLM-x32\...\{979F8AF4-9BF1-3978-AEC1-4BC62F883903}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Targeting Pack (x64) (HKLM\...\{11EE35B2-43EC-37ED-8BFA-2F2227CCDF10}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Targeting Pack (x86) (HKLM-x32\...\{3B49C02B-35F3-348E-84AA-714CE0CF1C1F}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Shared Framework (x64) (HKLM\...\{D7156216-38DA-3370-A1EF-CEA07751D873}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Shared Framework (x86) (HKLM-x32\...\{430E625C-A84F-302E-A7F7-5708E8E7F7E2}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Targeting Pack (x64) (HKLM\...\{62EAD19D-3122-3A47-9BB4-0B802B106314}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Targeting Pack (x86) (HKLM-x32\...\{FADB53F7-88E1-3BDC-A095-72F29EE839C9}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.73 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{76CF9EF4-ABA0-484E-8042-12B99499AF5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1001\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{B9274744-8BAE-4874-8E59-2610919CD419}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{7123D29F-9197-4686-A619-C7E8EA289718}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{405252DC-ADF7-4BC8-95F5-F89DE513DD62}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.04401 - Microsoft)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{7F86DEBA-AF7D-43F2-8312-DBCB65F116A9}) (Version: 17.10.0.9037153 - Microsoft) Hidden
Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{C756420B-C91C-4410-8092-F49C24CEF594}) (Version: 15.9.16 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.11.2180.21897 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{EE86461C-2B52-4E27-A5ED-4D59819BDD08}) (Version: 3.11.2133.16870 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{A59EAC01-288D-41BA-B6F2-3DF78DEA16E0}) (Version: 3.11.2133.16870 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.35 (x64) (HKLM\...\{8AA69679-CCD6-42D9-BCDA-99BE386D57B7}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x86) (HKLM-x32\...\{0963AE98-F2C6-42A0-BF25-F0BC52787B35}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x86) (HKLM-x32\...\{F6940347-D27B-455F-B875-BC58150D99F2}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.35 (x64) (HKLM\...\{A916ED6C-1BCE-4A05-B8D0-378DF81DB765}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.35 (x86) (HKLM-x32\...\{118B7664-3706-4DDA-82C0-D81674800E79}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.10 (x64) (HKLM\...\{F79CCA7E-7D6C-4F43-951F-B8C0C74F87E8}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.10 (x86) (HKLM-x32\...\{911CA210-235B-42D6-9A12-7C17F84ED3C0}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-8.0.100 (x64) (HKLM\...\{82E988D4-4794-49D0-8185-B49CD842BFFB}) (Version: 34.0.113 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Aspire.Manifest-8.0.100 (x64) (HKLM\...\{38DF0526-2425-4999-B77C-82281D15F35C}) (Version: 64.64.18482 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-8.0.100 (x64) (HKLM\...\{4E76E90C-B8F1-4291-B925-618FD9BAA552}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-8.0.100 (x64) (HKLM\...\{2512FF45-7553-4A70-84CF-CDBE67D55427}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-8.0.100 (x64) (HKLM\...\{468C3839-0E49-46DC-8D54-D9F0507AD7B1}) (Version: 15.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-8.0.100 (x64) (HKLM\...\{14F733B0-0CC9-44B0-81EA-03BC8AB7D6FE}) (Version: 8.0.82 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-8.0.100 (x64) (HKLM\...\{7782168D-9009-4035-9C3D-9C57884B2414}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Current.Manifest (x64) (HKLM\...\{A38AF6BC-35AD-4ECB-B3F6-2A5F7A9080F4}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{86A3E677-8EC8-4080-9359-FBCEAD039C72}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{68C5A4AE-1B0D-4F8C-A319-DEDFA9519A08}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64) (HKLM\...\{B3D8DBC1-1868-40CA-89C0-002D193E7490}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{F9B6FB6E-239E-4D46-BE06-9042F0B64887}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{D077A86E-0289-4522-A635-783DB1DB7E28}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Mobius (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_igkpgccbkkidbboffbokhfidimlhpnldmgkphbpi) (Version: 1.5.0.5 - Overwolf app)
ModernWarshipsLauncher 1.0.3.34 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\{e5ec707a-ad6c-4607-95bd-93c625670d0d}}_is1) (Version: - Gaijin Network)
MSI Afterburner 4.6.6 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.6 Beta 3 - MSI Co., LTD)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OPC Core Components Redistributable (x64) 3.0.107.24 (HKLM\...\{725FFCF9-5D38-4249-8697-9BDB415E6B00}) (Version: 3.0.10700 - OPC Foundation)
OpenVPN Connect (HKLM\...\{476194D5-A162-4677-A53F-1DE4ED5F27CF}) (Version: 3.5.0 - OpenVPN Inc.)
Opera GX Stable 117.0.5408.205 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Opera GX 117.0.5408.205) (Version: 117.0.5408.205 - Opera Software)
Opera GX Stable 117.0.5408.205 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Opera GX 117.0.5408.205) (Version: 117.0.5408.205 - Opera Software)
Oracle VirtualBox 7.1.4 (HKLM\...\{B7EE9AB2-4188-4B5F-8499-43114E7AD7DA}) (Version: 7.1.4 - Oracle and/or its affiliates)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.273.1.4 - Overwolf Ltd.)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 7.2.9 - NGWIN)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
r2modman 3.1.57 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.57 - ebkr)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.21 - Rainmeter)
Rapture COBRA (HKLM-x32\...\{DB1238C2-B3F6-487B-B2F2-C866445E7E0C}_is1) (Version: 1.0 - Alza.cz a.s.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9689.1 - Realtek Semiconductor Corp.)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.8.1030.200908 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.18.0312.2024 - Realtek)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0045 - REALTEK Semiconductor Corp.)
RealVNC Viewer 7.12.0 (HKLM\...\{F19953AA-4E83-42DE-852C-E6C2114D96B3}) (Version: 7.12.0.14 - RealVNC)
REDlauncher (HKLM-x32\...\{DDAB335A-D2ED-45F8-A921-8597CC411E20}) (Version: 3.4.0.5 - CD Projekt RED) Hidden
Riot Client (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for Kubík (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Pepík (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\roblox-player) (Version: - Roblox Corporation)
Siemens Automation License Manager (HKLM\...\{A719986D-104A-4DD4-84E3-65C214B699E8}) (Version: 06.00.0904 - Siemens AG) Hidden
Siemens Automation License Manager V6.0 + SP9 + Upd4 (HKLM\...\{A719986D-104A-4DD4-84E3-65C214B699E8}LicenseManager) (Version: 06.00.0904 - Siemens AG)
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 0 V17.0 (HKLM\...\{BA4E9D15-087D-502B-93BA-076719BC4236}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 02 V17.0 (HKLM\...\{37D9C58D-2705-5E07-93DD-268635B26F24}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 03 V17.0 (HKLM\...\{EB949E8C-F9D4-546D-A02E-29947C18A016}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 04 V17.0 (HKLM\...\{D3B9FDC3-2379-5B12-9653-C830E5AE4F8C}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package WCF-01 V17.0 (HKLM\...\{1623081C-E461-5DD2-9F1B-6FA09A24BED2}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - HM All Editions Single SetupPackage V17.0 UPD7 (HKLM\...\{079A2623-93DA-4B5D-ACF4-A7FC672B32BE}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - HM NoBasic Single SetupPackage V17.0 UPD7 (HKLM\...\{2FD255DF-547F-44F6-A1E5-69FC21504FA8}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Multiuser Client Single SetupPackage V17.0 UPD7 (HKLM\...\{E61C0A53-CE13-427E-968D-D82DA1C66FB7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Openness SetupPackage V17.0 UPD7 (HKLM\...\{C2F22C69-426B-4263-A50B-B1EBDFBF6FE7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Simatic Single SetupPackage V17.0 UPD7 (HKLM\...\{E535649B-41A8-4ED3-870C-DDB37D14195E}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Simatic Single SetupPackage 32 Bit V17.0 (HKLM-x32\...\{97666CA6-3A5A-422D-B742-7865268AD661}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS Startdrive Advanced G110M, G120, G120C, G120D, G120P, G115D V17.0 + SP1 + Upd1 (HKLM\...\{8F50D010-5C1A-45E7-BF03-6928A1E6D75C}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS Startdrive Advanced G130, G150, S120, S150, SINAMICS MV, S210 V17.0 + SP1 + Upd1 (HKLM\...\{C29CA7AB-04D9-4BE7-AE89-29E51FF0D54E}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON V17.0 + SP1 + Upd1 (HKLM\...\{0F1AB8B0-992C-4038-B745-1EB2B0B6322B}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON-OPENNESS V17.0 + SP1 + Upd1 (HKLM\...\{8E4FC754-7A38-43E6-9B17-D9E6582252F9}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON-SAT V17.0 + SP1 + Upd1 (HKLM\...\{99C7A0C1-ECD6-405D-8517-00BE947CF3F2}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Startdrive Hardware Support Base Package 1 V17.0 (HKLM\...\{3063B9BF-2D02-4170-8025-FC6999AF2BAE}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Startdrive Hardware Support Base Package 1 V17.0 (HKLM\...\{CE45B07A-BEA0-4632-9C47-F335EE2BEF68}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - STEP 7 Safety Single SetupPackage V17.0 UPD6 (HKLM\...\{C16EFDE1-821E-4A84-91AD-424E6ACD92F3}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - STEP 7 Single SetupPackage V17.0 UPD7 (HKLM\...\{2E885E83-8749-49DE-9A20-303EECB03FE7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Support Base Package TO-01 V17.0 (HKLM\...\{5C7D1BBE-1A75-5ECD-9C17-1590268CF484}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Support Base Package TO-02 V17.0 (HKLM\...\{B36FE3B3-0496-5D64-A1BC-EF747539B1E8}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - TIACOMPCHECK Single SetupPackage V17.0 + Upd7 (HKLM\...\{9504CA56-C9BA-4D89-B1D2-7BCF44E5E214}) (Version: 17.00.0007 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Version Control Interface SetupPackage V17.0 UPD7 (HKLM\...\{05774324-9146-46E4-992B-FB8DB87B6C20}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Single SetupPackage V17.0 UPD7 (HKLM\...\{BE58C64B-16AB-4781-8AD1-31E4494F6DA7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Single SetupPackage 32 Bit V17.0 (HKLM-x32\...\{0515F9DC-377B-4629-B94D-6F7C171563C7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Transfer Mandatory Single SetupPackage V17.0 UPD7 (HKLM\...\{7FDB85E1-9117-464A-B3A9-78970442A025}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 (HKLM-x32\...\Siemens Installer Assistant - TIAP17) (Version: V17 - Siemens AG)
SIMATIC ProSave (HKLM-x32\...\{B816FFB4-20E1-498E-8C8F-EF0D4D928FBB}) (Version: 17.00.0001 - Siemens AG) Hidden
SIMATIC ProSave V17.0 Upd1 (HKLM-x32\...\{B816FFB4-20E1-498E-8C8F-EF0D4D928FBB}Prosave) (Version: 17.00.0001 - Siemens AG)
SIMATIC WinCC Runtime Advanced V17.0 UPD7 (HKLM-x32\...\Siemens Installer Assistant - HMIRTM_V11) (Version: V17.0 UPD7 - Siemens AG)
SIMATIC WinCC Runtime Professional V17.0 Upd7 (HKLM-x32\...\Siemens Installer Assistant - SCADA-RT_V11) (Version: V17.0 Upd7 - Siemens AG)
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.5.5 - Telegram FZ-LLC)
TIA Administrator - TIA Administrator V1.0 SP8 (HKLM\...\{A9854F14-BE7A-4A7E-A1AF-91DC2B4880C5}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - AWB Licensing Module V1.0 + SP8 (HKLM\...\{1251807E-4FB0-4A98-BEF0-E287DD36FF40}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - AWB Software Management V1.0 + SP8 (HKLM\...\{AEC22818-49AE-433D-9243-2268912CA418}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - TIA UMC Agent Configurator Module V1.0 + SP8 (HKLM\...\{04A5F46A-15D7-44DF-9D71-17A6E7BD41E2}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator (HKLM-x32\...\Siemens Installer Assistant - TIAADMIN) (Version: V1.0 - Siemens AG)
TIA Portal Project Server V17 - TIA Portal Project Server Single SetupPackage V17.0 Upd7 (HKLM\...\{C8C3D3E8-CFAE-489D-86D7-1C200FD9E7DC}) (Version: 17.00.0007 - Siemens AG) Hidden
TIA Portal Project Server V17 (HKLM-x32\...\Siemens Installer Assistant - MUSERVERV17) (Version: V17.0 Upd7 - Siemens AG)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.9289 - TLauncher Inc.)
Totally Integrated Automation Portal V17 - TIA Portal Single SetupPackage V17.0 (HKLM\...\{B2C6F7A3-528A-4AEA-8C7E-3DEBB940480B}) (Version: 17.00.0000 - Siemens AG) Hidden
User Management Component - UserManagementComponentx64 V2.9 SP3 Upd2 (HKLM\...\{F8FB36E7-28F3-49A5-A571-A297774FB30E}) (Version: 02.09.03.02 - Siemens AG) Hidden
User Management Component - umtrayiconx64 V2.9 + SP3 + Upd2 (HKLM\...\{0D7D6BDA-0DCC-4E83-82A0-766B1C99E2F3}) (Version: 02.09.03.02 - Siemens AG) Hidden
User Management Component (HKLM-x32\...\Siemens Installer Assistant - UMC64) (Version: V2.9 SP3 UPD2 - Siemens AG)
VALORANT (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Valorant Tracker (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_ipmlnnogholfmdmenfijjifldcpjoecappfccceh) (Version: 1.27.1 - Overwolf app)
vcpp_crt.redist.clickonce (HKLM-x32\...\{6F16E6B5-1260-4335-9719-44570F14B065}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{E503D4B9-DD36-4B58-BA27-F01631BF9253}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{E6B29AFF-6C30-45DE-939F-4CE8028D25C0}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{492AF3D9-EA20-4276-B948-76BAD704E602}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{383B01AE-764D-43B4-8AF8-3170D2A48139}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{6F489261-387F-42F1-ACD3-AF2D9B2E642A}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{E0CF1190-35BC-483E-B32D-9450ED3DEF6A}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{FDE7EDF2-2BD3-4ECC-9CE0-F5DE297A7AE6}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\4c3e37b3) (Version: 17.11.5 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{BE00F49A-2FA1-46E6-B30F-A2653BF7CD75}) (Version: 17.0.157.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{F82603BE-9975-4B01-B586-84E5E6301C0D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{890533B4-4F0A-4726-8F54-A8A1B27BC42B}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{BA2E09EF-8839-49DC-A949-639C569FB2F4}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6CAA3F5E-6F43-48D7-9465-2543DCD3EB62}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{19F3857D-93AC-4B31-BB34-C9BEAE643F3D}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{A4A2A751-37FE-4EEA-89CC-12004BFD4C86}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{DCF89732-E559-4900-8844-7C6B27F28808}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{F8821BBC-45BE-481C-9A8C-EA9C87174F44}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{67B8CF3A-C2F5-424F-B172-E0A2B8D5D2D5}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{5845E00D-7409-475B-B7F3-D88C2598D7D4}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{5E7CA2F5-FE75-4D40-8533-653524E82407}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{F6235A6B-586B-4B74-91F5-B108C407085D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_githubprotocolhandlermsi (HKLM-x32\...\{AB3E3E33-5938-42C8-8A56-DD883DA35667}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{850190D6-F1E2-42BB-89F9-6E73A0836599}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{B219BF5E-0743-49F3-9ADD-543A18FFAE79}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B6DC1A71-48F8-47E1-BD23-A2EC000BB76B}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{2A1FB39E-C04E-4DD1-A8E9-5AF8E4DC5DDA}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{DFE9C1B1-B059-46C6-8272-A4975CE7C844}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{9CBEF6C3-C91E-4838-A4BE-EEC6FB65AC5E}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{39D747CD-E324-4687-B068-7E2EC1066B2C}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{45BF09E7-745C-4EA8-AB3D-2F734AB57EB2}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{BCEEE64D-6A17-42DD-9E9D-70FADB47F243}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
War Thunder Launcher 1.0.3.409 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WeMod (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\WeMod) (Version: 10.10.4 - WeMod)
WinCC Runtime Advanced V17.0 - SIMATIC WinCC Runtime Advanced V17.0 (HKLM-x32\...\{517C78B0-FC51-415D-81F0-D6428FEF4AEE}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Advanced V17.0 - HMIRTM Tagging Package 01 Single SetupPackage V17.0 UPD7 (HKLM-x32\...\{174D465B-7CEB-4DA0-8AA3-1A38416B9994}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Professional V17 - SIMATIC WinCC Runtime V17.0 (HKLM-x32\...\{F5506AFC-4561-4BCA-9CF0-1E79EC938138}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Professional V17 - OPCUA_Client V1.1 + SP2 + Upd5 (HKLM-x32\...\{98434C05-C0D7-4600-A170-79762CB917CD}) (Version: 01.01.0205 - Siemens AG) Hidden
WinCC Runtime Professional V17 - SCADA Simulation Single SetupPackage V17.0 UPD7 (HKLM-x32\...\{75F72449-AD40-4D01-8413-9A7EFF77BC72}) (Version: 17.00.0000 - Siemens AG) Hidden
windows_toolscorepkg (HKLM-x32\...\{44001BA1-EEA5-4EE9-9FEC-2F3F52FDB74C}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Yenkee AURA (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Yenkee AURA) (Version: 1.0.0.0 - YENKEE)

Packages:
=========
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-10] (Microsoft Windows)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-16] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-28] (Microsoft Corporation)
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.21.7301.0_x64__8wekyb3d8bbwe [2025-04-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.2.2.0_x64__8wekyb3d8bbwe [2025-02-19] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2024-09-29] (Microsoft Studios)
MuseHub -> C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6 [2025-02-01] (Muse) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-21] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.331.0_x64__dt26b99r8h8gj [2024-08-04] (Realtek Semiconductor Corp)
SoundCloud - Music & Songs -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_2.0.0.0_neutral__2xc63xn306dnw [2025-02-21] (SoundCloud Global Limited &amp; Co. KG)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0 [2025-03-26] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm [2025-04-10] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-02-17] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-09] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-11-14] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-598124734-1471702195-2874904135-1002_Classes\CLSID\{533d465c-3565-dbaa-ef18-0e89c6534c86}\localserver32 -> C:\Program Files\Sony\INZONE Hub\INZONEHub.exe (Sony Corporation -> Sony Corporation)
CustomCLSID: HKU\S-1-5-21-598124734-1471702195-2874904135-1002_Classes\CLSID\{82A6D7A6-FC2E-4DFD-AAEF-E3BBF9AD71AD}\localserver32 -> "C:\Program Files\dm\dm CEWE fotosvet\AutoBookService.exe" -ToastActivated => No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\nvshext.dll [2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Pepík\Desktop\PC Building Sim.lnk -> C:\Users\Pepík\Downloads\PC Building Sim\PC.Building.Simulator.2.v1.9.12\game\_START.bat ()
ShortcutWithArgument: C:\Users\Pepík\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Fiebinger (zskomtu.cz) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2022-10-21 14:38 - 2022-10-21 14:38 - 000106496 _____ () [File not signed] [File is in use] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\node_modules\edge-js\lib\native\win32\x64\14.17.4\edge_nativeclr.node
2022-10-21 14:39 - 2022-10-21 14:39 - 000606720 _____ () [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\node_modules\os-service\build\Release\service.node
2020-11-13 16:34 - 2020-11-13 16:34 - 000110592 _____ () [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\boost_filesystem-vc142-mt-x64-1_71.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2025-04-10 20:37 - 2025-04-10 20:37 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2025-02-26 19:07 - 2025-04-10 20:37 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2025-02-04 19:22 - 2025-02-04 19:22 - 002640312 _____ (Rainmeter Team -> Rainmeter) [File not signed] C:\Program Files\Rainmeter\Rainmeter.dll
2022-10-21 14:41 - 2022-10-21 14:41 - 001908224 _____ (SIEMENS AG) [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\core\modules\login\native\mod.auth.83.node
2022-10-21 14:42 - 2022-10-21 14:42 - 004299776 _____ (SIEMENS AG) [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\alm\native\Mod_Alm83.node
2022-10-21 14:42 - 2022-10-21 14:42 - 003578368 _____ (SIEMENS AG) [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\native\Mod_Inventory83.node
2020-11-09 17:46 - 2020-11-09 17:46 - 003293184 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\tia_111g_libcrypto64.dll
2020-11-09 17:46 - 2020-11-09 17:46 - 000657408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\tia_111g_libssl64.dll
2020-11-13 16:34 - 2020-11-13 16:34 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\imageformats\qsvg.dll
2020-11-13 16:34 - 2020-11-13 16:34 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\imageformats\qwebp.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk:E55F1CDA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk:F94DB65675 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk:C2E9D79AC5 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7626]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin;C:\Program Files (x86)\Common Files\Siemens\Bin;C:\Program Files (x86)\Common Files\Siemens\CommonArchiving;C:\Program Files (x86)\Common Files\Siemens\ACE\Bin;C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\Interfaces;C:\Program Files (x86)\Common Files\Siemens\;C:\Program Files (x86)\Common Files\Siemens\Interfaces;C:\Program Files (x86)\Common Files\Siemens\ACE\Interfaces;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-598124734-1471702195-2874904135-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepík\Pictures\Tapeta.png
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_0.jpg
HKU\S-1-5-80-2555387271-2328369182-3224626408-3133069167-1886171667\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet 4: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys
OpenVPN Connect DCO Adapter: OpenVPN Data Channel Offload -> ovpn-dco.sys
Připojení k místní síti: TAP-Windows Adapter V9 for OpenVPN Connect -> tap_ovpnconnect.sys

oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
s7PnDiscoveryDriver: PROFINET IO protocol (DCP/LLDP)
Siem_ISOTrans: SIMATIC Industrial Ethernet (ISO)
SI_SNPNIO: PROFINET IO RT-Protocol V2.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "INZONE Hub.lnk"
HKLM\...\StartupApproved\Run: => "DubbingAI"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Rapture Keyboard"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Opera GX Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{5A0E4CA6-6B95-4A13-83F6-2F6E92A3C11B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{94577811-1020-4C86-A890-0B65724BA899}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6872F4ED-426B-4522-9859-FAA58D8D4074}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{261E0ADC-13BD-46ED-AEB9-BD702486FA38}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe
FirewallRules: [{3C1B078F-2E2A-41C6-A126-55CFC58BE2EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B6C4F5A9-1551-48F8-B466-5CBB2E791E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{14F1D773-C81A-487B-A624-31434D8CB300}C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe => No File
FirewallRules: [TCP Query User{231C10EC-A31F-4FE9-B819-F6911B9F3566}C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe => No File
FirewallRules: [UDP Query User{B719D1E1-14B1-4F5A-9165-D7C1CA30B4DA}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{896D316C-81E9-4B6D-AEB3-EC35FA54DD86}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{A9E0198B-6B85-4E2D-B150-D7D49610B008}C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe => No File
FirewallRules: [TCP Query User{FBC20D1B-7CDB-49ED-9B40-12D5A520E785}C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe => No File
FirewallRules: [{B82B9808-5DFE-4835-AF0E-FA2E9A4CB1C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jaded\Jaded.exe () [File not signed]
FirewallRules: [{E6961514-1185-48FB-8B0D-4B370DB45361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jaded\Jaded.exe () [File not signed]
FirewallRules: [UDP Query User{2E34CD25-174F-42F7-9371-25628BA6D717}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{FAA746DC-61CC-4555-9AA4-992DA91FD050}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe
FirewallRules: [{6FF9B3CC-D81E-480F-A777-272EBE4CA9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO City Undercover\LEGOLCUR_DX11.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{F6B0AED6-5CD5-4C2A-81A1-5E0338363009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO City Undercover\LEGOLCUR_DX11.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{4813BBCF-2FAA-49A4-9F7A-909D446D2C12}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse)
FirewallRules: [UDP Query User{01991D65-4709-4F7F-81E2-F234A9802E81}C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CD03E070-8972-452B-9C9C-CCCBFA1DBD5E}C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe => No File
FirewallRules: [{D5B2FF2A-3CE4-4DA2-87A5-BA42039FFD90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [File not signed]
FirewallRules: [{897640FC-0DBF-44BA-93FD-66584B6D2ABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [File not signed]
FirewallRules: [{DDF17979-F5ED-4ECE-842F-F28EF1A8302D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Happyhills Homicide\TheHappyHillsHomicide.exe (Copperbolt) [File not signed]
FirewallRules: [{1FD18F0C-E104-45FF-9461-ED97337B8C3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Happyhills Homicide\TheHappyHillsHomicide.exe (Copperbolt) [File not signed]
FirewallRules: [{85F52D0E-1941-41DA-9E80-385BF69DDF9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{AA2E7C1F-448E-488D-AF27-C0E5CC907ADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{28DEAC18-5C2A-45C3-B39D-FCF280D32E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trucker\Star Trucker.exe () [File not signed]
FirewallRules: [{F955B036-344B-4EE4-8B0E-C50B492A09A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trucker\Star Trucker.exe () [File not signed]
FirewallRules: [UDP Query User{8DB68085-AD3D-42CB-B0BA-E1C205E9CEAB}C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe] => (Block) C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe (Gabriel 'Squared' SAILLARD) [File not signed]
FirewallRules: [TCP Query User{3AF01BA1-6622-4562-BF56-6E95FD925B58}C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe] => (Block) C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe (Gabriel 'Squared' SAILLARD) [File not signed]
FirewallRules: [UDP Query User{03FC48C2-7673-49EF-80BB-89CE9D87BBD8}C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe] => (Block) C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe (GAIJIN NETWORK LTD -> )
FirewallRules: [TCP Query User{A7FE8496-EAAF-4A0E-B34D-667548F4BC30}C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe] => (Block) C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe (GAIJIN NETWORK LTD -> )
FirewallRules: [UDP Query User{41F033BA-C468-448C-9780-B1A72C153E87}C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe] => (Allow) C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe => No File
FirewallRules: [TCP Query User{E9FD5916-8AE1-4785-97DF-B1F927C4787A}C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe] => (Allow) C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe => No File
FirewallRules: [UDP Query User{0B367ADF-FB62-4FE6-9FAA-1DA8D68D8AC6}C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{BE8B343E-271C-48FA-80DE-563AD23E5740}C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{4F558E37-6D35-41EB-A1D8-17930C730E2C}C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [TCP Query User{926871D9-26C3-48A9-A5BB-98C8CCEB26A9}C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [{A4DC6457-5540-4348-929C-B05E1ECED7A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{D6BA7124-206A-48BB-A6CF-C38F947CA77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [UDP Query User{5FE47813-0EE8-402B-9650-E4506E1860BD}C:\users\pepík\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\pepík\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0C7741D4-EA30-491C-A695-B5CBD4579874}C:\users\pepík\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\pepík\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{2375E63A-5680-4F0F-9513-29A4C687C411}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FFC9AD03-ABE6-4F13-8D54-816EDB58626F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{10887CEE-DEA3-4772-9A4C-EE544F25B7A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [{62A363AA-A27F-44D4-BABB-2BF2523F22C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [UDP Query User{CC6F67EC-5B37-4077-A456-6FA95335C98A}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{8B9B4383-601F-448F-BE05-67D6017B8969}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{09650952-5AAA-4C68-B978-674FD59CF411}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{7E5C6923-B054-4942-91CD-551D6C562C10}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{70684BEF-14E3-482C-9DE9-C179AF486AB3}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{16A8611A-CD19-479E-B91E-21D437386E18}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
FirewallRules: [UDP Query User{E860EF5B-150C-40ED-B11F-20F4187E7137}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{A3A1C7BE-1F48-49FC-B41B-87AF0B650AEC}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{9C77EA09-1255-42BC-B9D1-CA495137B542}C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1AFCB61E-3CE1-4121-B51F-30150EF62E02}C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe
FirewallRules: [UDP Query User{84C438FE-1C15-4D79-84FC-422FC119D1CF}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [TCP Query User{1C3D001E-CA84-472B-B05E-0ABADF2FDBC7}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{0209CFD9-73BB-4BB8-8228-BD22EF640705}C:\users\kubík\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kubík\appdata\local\crossout\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{D49F04DE-5C72-40EF-995B-C28C292F7837}C:\users\kubík\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kubík\appdata\local\crossout\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [UDP Query User{D043DFDB-900B-449A-BECC-5C1513E95561}C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{C15E1F69-E0FA-4C2A-B7C0-0169FF6F07EB}C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{E59DDD40-44D3-40E7-9814-6F8E8AF4B0B1}C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe] => (Block) C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe => No File
FirewallRules: [TCP Query User{0A21380E-4539-48DE-897F-464A3AB9D3D6}C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe] => (Block) C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe => No File
FirewallRules: [{6B093CD5-A987-40C0-AF87-9A14D32C9BF3}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{56AA3C96-D1A6-4241-A511-90624748C160}] => (Allow) LPort=9009
FirewallRules: [{C1CA235E-E653-4737-B36A-AACD95D2735A}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUsrAcv.exe (Siemens AG -> Siemens AG)
FirewallRules: [{8E1875B5-2BA0-4C04-BDDF-4533FB9E4D47}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCDmRtChannelHost.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{C3E89CB7-648E-491A-AE1B-C54A4032962C}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCRtsLoader.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{F627D9D8-3D29-4C9B-B7A6-0454BD44E38E}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCOnlCmp.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{278B24C3-76BB-4732-ACCD-9DF61F0084E8}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe (Siemens AG -> Siemens AG)
FirewallRules: [{B8686CEC-CE46-4AC4-8C33-F5D0F9EF09EF}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E40770EF-F72A-48EC-9766-654637BDDE62}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47B98513-B60C-483D-8D8F-A8705E3400B6}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{3AB6E8DB-A9A8-4D73-9B67-695270A5EC9C}] => (Allow) C:\Program Files\Siemens\Automation\UserManagement\Bin\um.ssrem.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{E3989F70-F6E4-4E78-BA5B-A4DAC47772C0}] => (Allow) C:\Program Files\Siemens\Automation\UserManagement\Bin\um.ris.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{288B8609-FCAC-4749-83E2-2BD38AF7D6F3}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\ScsServer.exe (Siemens AG -> )
FirewallRules: [{C2CDECB4-A68A-47E5-9C05-CA0A80DD8343}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe (Siemens AG -> Siemens AG)
FirewallRules: [{8E8685B6-4566-472E-9668-A14FCC5A8A60}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\MiniWeb.exe (Siemens AG -> Siemens AG)
FirewallRules: [{40110F11-7607-4E7B-B773-C2CD0C6CB841}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\CCEServer_x64.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{C871448F-5CD0-4477-9AB7-DA31E6C01C3A}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\RedundancyControl.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{875A7B82-EF7E-4F65-BBB2-DF26A3FC0FB9}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\CCAgent.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{090134D6-4768-4E67-9710-B068E250A651}] => (Allow) LPort=9009
FirewallRules: [{BD774D33-363A-4FF0-9E06-D27F6BC1E49C}] => (Allow) LPort=9009
FirewallRules: [{E2303FDF-37FE-4CE8-BD9F-D7C72CA77E2E}] => (Allow) LPort=9009
FirewallRules: [{59183F92-6577-43DF-BC84-8395F0865CD1}] => (Allow) LPort=9009
FirewallRules: [{4C619DD7-FB25-41A6-A905-63085CB68C25}] => (Allow) LPort=9009
FirewallRules: [{0C9C6228-88DB-4F89-BC8B-BF5774674217}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{9A328B75-8243-4794-A92F-19D2E6E3957A}C:\program files\epic games\destiny2\destiny2.exe] => (Allow) C:\program files\epic games\destiny2\destiny2.exe => No File
FirewallRules: [TCP Query User{5B6A56C3-A5C3-4BD1-9214-6EB548826EFD}C:\program files\epic games\destiny2\destiny2.exe] => (Allow) C:\program files\epic games\destiny2\destiny2.exe => No File
FirewallRules: [{733B0A37-134C-4446-8713-A992B006330B}] => (Allow) LPort=9009
FirewallRules: [{A6879070-97F5-4F11-A330-3A552CB5F9F5}] => (Allow) LPort=9009
FirewallRules: [{D6D859FF-CB21-415E-8508-E897E4EF6B98}] => (Allow) LPort=9009
FirewallRules: [{794EC4A0-F0CA-4DE2-9947-95E42E3C5AD6}] => (Allow) LPort=9009
FirewallRules: [{CEFE9D23-17C7-46B4-B771-03ECA578FD90}] => (Allow) LPort=9009
FirewallRules: [{DB2EEB0B-5811-415B-B45A-B5288454870F}] => (Allow) LPort=9009
FirewallRules: [{3E713B66-8DCC-4D02-9186-1ADC2BB9D533}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{EF3970EA-E3D2-468F-A453-8043C3106ECB}C:\ebpro\easybuilder pro.exe] => (Allow) C:\ebpro\easybuilder pro.exe (Weintek Labs., Inc.) [File not signed]
FirewallRules: [TCP Query User{C336F28F-4D01-4992-AC2C-A8766543E3E1}C:\ebpro\easybuilder pro.exe] => (Allow) C:\ebpro\easybuilder pro.exe (Weintek Labs., Inc.) [File not signed]
FirewallRules: [UDP Query User{22516F46-9870-42C0-AF7B-322576FE92A8}C:\ebpro\gui_e30.exe] => (Allow) C:\ebpro\gui_e30.exe () [File not signed]
FirewallRules: [TCP Query User{6D9CD470-7227-4763-BB77-D590111846A9}C:\ebpro\gui_e30.exe] => (Allow) C:\ebpro\gui_e30.exe () [File not signed]
FirewallRules: [UDP Query User{63106E61-74A0-4FC9-9851-F136CE2DF512}C:\ebpro\com_e30.exe] => (Allow) C:\ebpro\com_e30.exe () [File not signed]
FirewallRules: [TCP Query User{E8FC303C-12F0-4300-91B3-0A21E82E0E65}C:\ebpro\com_e30.exe] => (Allow) C:\ebpro\com_e30.exe () [File not signed]
FirewallRules: [{8F17CBA3-FD68-44E3-8223-B23CFBCEA2D0}] => (Allow) LPort=9009
FirewallRules: [{ED34D941-C557-4B14-94E0-3AA2E3403635}] => (Allow) LPort=9009
FirewallRules: [{F082E317-1F23-46D2-A349-E341A25ED829}] => (Allow) LPort=9009
FirewallRules: [{7D8CC00E-E198-4AAE-9F89-B23E1419F252}] => (Allow) LPort=9009
FirewallRules: [{B6F28DB6-1EAF-40BD-A3C5-604C0CBFC5D4}] => (Allow) LPort=9009
FirewallRules: [{783E592C-4F47-4D1C-A685-077ED6ECD189}] => (Allow) LPort=9009
FirewallRules: [{A74AC1E7-CFBF-4D0B-B116-39A40A13727B}] => (Allow) LPort=9009
FirewallRules: [{78FC3395-A4AB-4AD5-948C-842CB8AACE8E}] => (Allow) LPort=9009
FirewallRules: [{461F62BF-0340-44CD-8880-383B6FC3B732}] => (Allow) LPort=9009
FirewallRules: [{249AF734-0D0B-4BC4-B022-1249188716E9}] => (Allow) LPort=9009
FirewallRules: [{82DFCDAE-DF69-4E2B-8CD8-62F0CA33FD01}] => (Allow) LPort=9009
FirewallRules: [{F9BA619B-F7DC-4E29-8FF4-FBBD634BC3B9}] => (Allow) LPort=9009
FirewallRules: [{B05F23AC-61B7-4BB6-8BCD-4E825CCCCDDA}] => (Allow) LPort=9009
FirewallRules: [{4A2A28A6-8BA9-4324-8E87-289524C19505}] => (Allow) LPort=9009
FirewallRules: [{4542CD90-843C-4596-BD5B-CCA273A40CCB}] => (Allow) LPort=9009
FirewallRules: [{B14E0BE4-52DD-49C7-8DDC-D8C5C175B34C}] => (Allow) LPort=9009
FirewallRules: [{15C59F01-8DB0-4CD1-98CD-1968579A347C}] => (Allow) LPort=9009
FirewallRules: [{60EBE848-DEC5-400C-9762-46EB714753D6}] => (Allow) LPort=9009
FirewallRules: [{0DA774EF-7B4A-4E9A-B8D9-4575CB07EAF8}] => (Allow) LPort=9009
FirewallRules: [{942CC150-7129-495A-BD6B-967660109BBA}] => (Allow) LPort=9009
FirewallRules: [{7CD28C39-C4D7-43FD-813C-FF856205FA48}] => (Allow) LPort=9009
FirewallRules: [{24D62E4E-98F7-449F-BA02-A80AC982E8DA}] => (Allow) LPort=9009
FirewallRules: [{D7941024-7D8C-4EC4-B7F1-D39491767DA8}] => (Allow) LPort=9009
FirewallRules: [{1D82C164-A154-4833-B924-9C13764CA5E3}] => (Allow) LPort=9009
FirewallRules: [{3B0EB37C-C22B-4FF4-9F50-9376C04C20BA}] => (Allow) LPort=9009
FirewallRules: [{A378E831-1578-4D1C-9B72-F0952F0DF23B}] => (Allow) LPort=9009
FirewallRules: [{E55B1AE5-04BC-4A32-87AB-A237E71325D5}] => (Allow) LPort=9009
FirewallRules: [{F1D21679-9983-49F8-9712-DCC9FD39B95A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{EBFF7637-5B29-4389-A9BE-B96F3CF229DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{DE2DDED0-33D5-43F8-9388-A1996576BEA8}] => (Allow) LPort=9009
FirewallRules: [{6FE30D44-7718-4E38-8C97-BA1FE18B8159}] => (Allow) LPort=9009
FirewallRules: [{BE63CDD8-9C4D-4931-9B30-E568F7A442DB}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{D97A08EF-68A2-44A5-9EDE-639BFB20A568}C:\users\kubík\appdata\local\modernwarships\launcher.exe] => (Allow) C:\users\kubík\appdata\local\modernwarships\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{8FC7AC1F-604F-42E2-B9F9-A89A80A744E0}C:\users\kubík\appdata\local\modernwarships\launcher.exe] => (Allow) C:\users\kubík\appdata\local\modernwarships\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{57F8B9C5-2AE9-4407-A5FC-C62FC759496D}] => (Allow) LPort=9009
FirewallRules: [{820CBAFC-F284-422D-B0D7-4D46448CC068}] => (Allow) LPort=9009
FirewallRules: [{A901510F-8293-46B9-85D6-857E55538B9C}] => (Allow) LPort=9009
FirewallRules: [{5B0F8038-C70D-4B04-8A4E-2ADA85FA61E1}] => (Allow) LPort=9009
FirewallRules: [{82D9C7BE-E95F-46D7-A366-3D466A93638B}] => (Allow) LPort=9009
FirewallRules: [{7FE536A7-70DF-49A8-BF0C-B442292D2698}] => (Allow) LPort=9009
FirewallRules: [{B9AED2EB-3478-4656-A172-F94D0EE68716}] => (Allow) LPort=9009
FirewallRules: [{1A2C5269-6D8A-4B59-9475-8F947A447547}] => (Allow) LPort=9009
FirewallRules: [{8F1C2F65-7384-4258-8D26-35CCB7AE46B7}] => (Allow) LPort=9009
FirewallRules: [{02FCBFC6-EF21-4C72-9E5B-5520CC35FA7B}] => (Allow) LPort=9009
FirewallRules: [{49E7C202-BE15-476E-B89A-D35C82C08CB8}] => (Allow) LPort=9009
FirewallRules: [{68FA73A4-851E-42EC-97B9-4F3A30B0A84B}] => (Allow) LPort=9009
FirewallRules: [{6A20D1CE-856A-4B8E-98B7-4C57990517AE}] => (Allow) LPort=9009
FirewallRules: [{80DC631B-BA33-4F1F-B5E6-919BF6D12A2D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{D4156EFF-8151-4212-B609-3794A59349F5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [UDP Query User{8A2B8657-DF16-4F55-80C8-76E767927F93}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [TCP Query User{057A6F06-D3BD-46C1-B1C6-6BEFBD558C81}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [{188B7497-D1B8-4FAD-A6F0-AC7253665696}] => (Allow) LPort=9009
FirewallRules: [{700BDF8E-70AB-415E-9746-1A9C30E59D00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{820DA580-0848-4BCE-AD41-79BD00143D3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{F04512F3-FAFB-43E0-A874-1186CD1E307D}] => (Allow) LPort=9009
FirewallRules: [{4B39D840-D4F3-459A-B65D-D25DE1BBB339}] => (Allow) LPort=9009
FirewallRules: [{936E948F-689A-4A72-BD7F-A45A977C238C}] => (Allow) LPort=9009
FirewallRules: [{8BBEBBA4-CC05-485F-925A-906EEAA3C8FB}] => (Allow) LPort=9009
FirewallRules: [{CED93CBE-F707-4BF5-83A2-B7986E26017C}] => (Allow) LPort=9009
FirewallRules: [{4689EFE5-5D78-4CB4-B3B3-DA990B6D579B}] => (Allow) LPort=9009
FirewallRules: [{A3096F31-E5A6-4CA5-832E-EFD6AEDF3A72}] => (Allow) LPort=9009
FirewallRules: [{AFB22C35-4F73-425A-AF4F-A970CFBA6E9B}] => (Allow) LPort=9009
FirewallRules: [{62E8F9DA-4E18-4760-AC70-B56555E17F4D}] => (Allow) LPort=9009
FirewallRules: [{0AFD8B91-1C91-427F-9F25-D05D907F17C7}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{47CCC0E4-6F5F-476D-8CE9-75652170F515}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{B692742A-51E9-471A-8757-6D4ED48E1310}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{8D298AE1-A632-4728-AE7D-71EF8C471101}C:\users\pepík\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{3D1279B3-DC0D-4C0A-8920-823DD6A780EC}C:\users\pepík\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [{287AC738-BC66-465E-9547-AD3D938B5AB4}] => (Allow) LPort=9009
FirewallRules: [{689ABA59-22A9-4289-9F2C-C8C81052DE79}] => (Allow) LPort=9009
FirewallRules: [{A31CD135-4A0A-45B1-9D08-C3782466805B}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{B9B8968A-BC43-41F0-B8E9-12EA830F60C5}C:\users\pepík\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{63EEA360-C850-4B18-A426-5C069EF8891B}C:\users\pepík\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{23400821-B1D8-475D-B767-F6B149713DC4}] => (Allow) LPort=9009
FirewallRules: [{E1E06319-70D1-47E9-842D-07997F24F9C4}] => (Allow) LPort=9009
FirewallRules: [{DB747F09-0942-4556-9A9A-BA5C20478D1E}] => (Allow) LPort=9009
FirewallRules: [{D8098B16-F925-4FAD-886B-4BE602C00D6B}] => (Allow) LPort=9009
FirewallRules: [{FD8E7144-78E7-4877-A959-AA612E177B88}] => (Allow) LPort=9009
FirewallRules: [{C404E07B-17FD-4969-B647-55F815CCDB26}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{FC440CC3-FAD2-4C68-B669-4D3635381768}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{1ECAE770-090A-4F06-A9D0-E2FA24B87B57}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{1056FD65-474C-49A6-AA14-2A17BE9DB05E}] => (Allow) LPort=9009
FirewallRules: [{F5CAC198-453B-40A8-A4AD-ED7134DD5FE8}] => (Allow) LPort=9009
FirewallRules: [{4ACB79E2-0B9D-4B98-9467-1EA817C13728}] => (Allow) LPort=9009
FirewallRules: [{13E80A41-F982-48B5-A1E2-F20E6E431C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{3B32D62E-7FCB-4528-9183-5F369E77F543}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{42CC0099-7665-4CA6-91BB-DA38398D3A0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{607A9327-E614-4824-9C35-9E5D48E43EAC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3E22CA6B-BDD9-4C3C-AD65-849A7F29975C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A5EB07D7-2DBA-4573-AE44-837E401984B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{53721F09-C883-4EEC-810F-2729C7E4D69B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{01B61581-8376-46F2-9164-77C7B562E663}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [{B720ED07-C121-4B1D-A1EC-22F5ED21631E}] => (Allow) LPort=9009
FirewallRules: [{073DB76D-17D5-4324-9F65-D9EE9FDCB087}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{40364FBC-1055-4E13-8E3F-389150C57711}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [{DF521FEF-A392-44F4-82E3-8A4BFEF4D7D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parcel Simulator Demo\parcel.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6E15A088-56B0-487E-8A2C-EBB736840B86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parcel Simulator Demo\parcel.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2EA4DF39-C78A-4273-8CB7-CF356D80C00E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed robber\OAR.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4FE64261-2999-46CA-A57B-C92F1B5A2C09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed robber\OAR.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EE8194D6-0619-4F61-A94D-50CD6F284764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED)
FirewallRules: [{57DBFE6C-D99D-4CFE-8969-27C00DE30F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED)
FirewallRules: [TCP Query User{8F8173FA-7562-4316-B27E-4811E62D627C}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{FBC1B40D-C401-4473-94AE-797A2DC0FB97}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{7B0F8911-8B57-4375-BE78-7E738E17E970}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{F9A69BC1-7A89-42AC-9A3E-49000A08B5F2}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{0991304D-529D-426F-AF06-B1E2A6B31858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D013C412-72D0-42BC-BEA4-3639F4413BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6117629-EF34-4082-A335-D91F19B57995}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E41C346A-8618-47CF-BBF6-379D49D4F80F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D8AF6C0-0593-4952-8AE6-E69474209579}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{978C138F-1FC2-4B18-827E-3D0253D5532D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AC6B7E05-D6A6-4C7B-BD9C-D36B343B2852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8580ED8E-A1C9-4284-802F-8CA91C1767A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A80AA440-D7EA-44CA-8521-DCDBEF237AEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F61CE2B4-548B-4F3B-A950-DCFE8553BE2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B097C377-83B7-4292-8D03-9240E7C27E8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus World\Bus World.exe () [File not signed]
FirewallRules: [{3E5EC7F3-DA75-4A8F-A39B-136060A07C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus World\Bus World.exe () [File not signed]
FirewallRules: [{CB5A3F1B-B7E3-4479-BFFA-9FED70030BFE}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{F5ACD6DA-F2AE-4CEF-9AF2-6DE3DB71282D}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{6E36D6B1-2EE3-4283-9B2F-9417AF0DC6A7}] => (Block) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{CAC18941-4882-4AAC-A42F-B27C3A2D493F}] => (Block) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{1B777B81-3243-4FD8-B4F0-F3CA6A830D66}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.1.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2D5D76A1-FCD4-4C2E-B428-279E729DF0DF}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.1.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{08184695-9B4F-4E4C-83B3-B291A2A1DC2D}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{28DB47F4-211E-4441-A162-7C30A6F335A6}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{5F5F6F45-658D-4588-B6ED-6087436CFE1E}] => (Allow) C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{1A8CBE31-04F7-434D-99FB-6D494CDD51BF}C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{9DEA94D0-E1C2-418C-B888-FA425CF7A918}C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [{A27E9D9B-F7DB-4829-BC8E-933180F38612}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A804A358-5336-4B4D-8C09-1F4914418C66}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2685D7D2-18D3-43A1-B52B-401612DDB4E0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A6C24798-5B8F-4319-8F15-B785581F38D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{20DEFBE8-2326-48B9-B981-267D4E38CBA5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F6515CD8-82DE-4F87-88D7-9890211276D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{293B4796-61BF-4532-9C80-2FF46AE7DE56}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{68F34BC2-20E9-410D-BA36-F1C10CE3198A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{27A16BF6-618A-4BCD-8E04-F561B3DA437B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D3381460-F64E-4E23-B7FD-729C1DD0315C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2503324-4339-4D3E-81BD-DDA3942FFC9B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3C439A24-3235-40CE-BF63-96F4F7DF974E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B478C066-983F-41DC-B843-CAE6363A4987}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6D3ED014-C38D-4A9D-96CE-DD76241753EA}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C53D0B6-CE53-4080-98AC-A94F6A54F67E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{803C4672-EFA8-4E03-9B2C-5C69151981BE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/13/2025 10:04:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/12/2025 10:29:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/12/2025 05:30:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 11.2501.31.0 programu Notepad.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (04/11/2025 09:39:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/11/2025 09:39:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/11/2025 09:39:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/11/2025 09:39:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/11/2025 09:39:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..


System errors:
=============
Error: (04/13/2025 10:07:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/13/2025 10:07:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (04/13/2025 10:06:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/13/2025 10:06:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/13/2025 10:06:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/13/2025 10:05:15 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (04/13/2025 10:04:47 AM) (Source: rt68cx21) (EventID: 9) (User: )
Description: Realtek PCIe GbE Family Controller is reset by tx hang.

Error: (04/13/2025 10:04:45 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.


Windows Defender:
================
Date: 2025-04-12 18:33:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2025-04-12 18:21:18
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Local\Microsoft\Windows\INetCache\IE\56OGIRER\Rainmeter-4.5.22[1].exe; file:_C:\Users\Pepík\AppData\Roaming\Rainmeter\Updates\Rainmeter-4.5.22.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Rainmeter\Rainmeter.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-12 18:21:18
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Roaming\Rainmeter\Updates\Rainmeter-4.5.22.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Rainmeter\Rainmeter.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-12 14:42:59
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Local\Microsoft\Windows\INetCache\IE\DF5KYRJA\Rainmeter-4.5.22[1].exe
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-12 13:52:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2025-04-01 12:17:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.425.351.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2025-04-01 12:17:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.425.351.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2025-04-13 10:05:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.273.1.4\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-04-13 10:05:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.273.1.4\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F1 12/07/2022
Motherboard: Gigabyte Technology Co., Ltd. B550M DS3H AC
Processor: AMD Ryzen 5 5600 6-Core Processor
Percentage of memory in use: 54%
Total physical RAM: 16307.68 MB
Available physical RAM: 7483.57 MB
Total Virtual: 32615.37 MB
Available Virtual: 21178.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:952.92 GB) (Free:34.82 GB) (Model: XPG GAMMIX S11 Pro) NTFS

\\?\Volume{0cd7bec1-4e17-4c4f-8f2e-006e9157ed10}\ () (Fixed) (Total:0.83 GB) (Free:0.27 GB) NTFS
\\?\Volume{43c79ce8-5c73-47d7-aa67-3b05e829eb8b}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15576
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#3 Příspěvek od JaRon »

Ahoj,
v pripade Wacatac doporucujem PC prescanovat s Avptool/kvrt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#4 Příspěvek od Jenda297 »

Vyčištěno CCleanerem + proskenováno AVptoolem => výsledek bez hlášení o infikování jakéhokoliv souboru
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15576
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#5 Příspěvek od JaRon »

Pouzi fixlist.txt s obsahom:

Start

CloseProcesses:

Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk:E55F1CDA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk:F94DB65675 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk:C2E9D79AC5 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7626]


End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#6 Příspěvek od Jenda297 »

Dobré ráno všem .... fixlist proveden, zasílám nový log. Prosím o kontrolu, děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by Pepík (administrator) on GAME_PC (Gigabyte Technology Co., Ltd. B550M DS3H AC) (14-04-2025 07:19:19)
Running from C:\Users\Pepík\Desktop\FRST64.exe
Loaded Profiles: Pepík & SQLTELEMETRY$WINCC
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe ->) (Siemens AG -> Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.ess.exe
(C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.Ris.exe
(C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.sso.exe
(Discord Inc. -> Discord Inc.) C:\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GAIJIN NETWORK LTD -> Gaijin) C:\Users\Pepík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (Rainmeter Team -> Rainmeter) [File not signed] C:\Program Files\Rainmeter\Rainmeter.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\UMTrayIcon.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9f05190a2befb920\RtkAudUService64.exe <2>
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\CCAgent.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\CCEServer_x64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSDistServiceX.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSMX.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files (x86)\Common Files\Siemens\bin\CCRemoteService.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files (x86)\Common Files\Siemens\commonarchiving\CCDBUtils.exe
(services.exe ->) (Siemens AG -> Siemens AG) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe
(services.exe ->) (Siemens AG -> Siemens AG) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(services.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files\Common Files\Siemens\ETWEventCollector\bin\Siemens.Automation.Tracing.ETW.EventCollector.ServiceHost.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe
(services.exe ->) (Siemens AG -> SoftwareOption GmbH) C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe
(services.exe ->) (Siemens AG) [File not signed] C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Siemens AG -> Siemens AG) C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\native\TiaAdminNotifier.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25022.57.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(sihost.exe ->) (Musecy SM Ltd. -> Muse) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\Gigabyte\Control Center\GCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SIEMENS AG -> Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4143376 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9f05190a2befb920\RtkAudUService64.exe [2150760 2024-05-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CCUCSurrogate.exe] => C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUCSurrogate.exe [342536 2023-11-02] (Siemens AG -> )
HKLM-x32\...\Run: [TIAAdminNotifier] => C:\Program Files\Siemens\Automation\TIAADMIN\server\modules\soft\native\TIAAdminNotifier.exe [45064 2022-10-21] (Siemens AG -> Siemens AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1001\...\Run: [MicrosoftEdgeAutoLaunch_3EB89BCE30DDECA22A17FD5E3B8732EE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4418112 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37357584 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Pepík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3067056 2024-02-14] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Opera GX Stable] => C:\Users\Pepík\AppData\Local\Programs\Opera GX\opera.exe [1534856 2025-04-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Discord] => C:\Users\Pepík\AppData\Local\Discord\Update.exe [1505792 2024-11-25] (Discord Inc.) [File not signed]
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Pepík\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45875504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37357584 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Discord] => C:\Users\Kubík\AppData\Local\Discord\Update.exe [1525024 2024-02-20] (Discord Inc. -> GitHub)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [74683360 2025-04-01] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1892608 2025-03-31] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Gaijin.Net Updater] => C:\Users\Kubík\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3067056 2024-02-14] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [launcher] => C:\Program Files\Epic Games\WutheringWavesj3oFh\launcher.exe [15345976 2025-02-23] (KURO TECHNOLOGY (HONG KONG) CO., LIMITED -> Guangzhou Kuro Technology)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Medal] => C:\Users\Kubík\AppData\Local\Medal\update.exe [1962856 2025-04-04] (Ferox Games B.V. -> )
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Opera GX Stable] => C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe [1534856 2025-04-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Opera GX Browser Assistant] => C:\Users\Kubík\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [Microsoft.Lists] => C:\Users\Kubík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\Microsoft.SharePoint.exe [1030440 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3786848 2025-04-03] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2025-04-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [45980192 2024-11-08] (NGWIN Software co. -> NGWIN)
HKLM\Software\...\AppCompatFlags\Custom\Siemens.Automation.Portal.exe: [{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb] -> Siemens.Automation.Portal.exe
HKLM\Software\...\AppCompatFlags\InstalledSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb [2021-04-21]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.85\Installer\chrmstp.exe [2025-04-11] (Google LLC -> Google LLC)
Startup: C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2025-02-20]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter Team -> Rainmeter) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\INZONE Hub.lnk [2024-12-25]
ShortcutTarget: INZONE Hub.lnk -> C:\Program Files\Sony\INZONE Hub\INZONEHub.exe (Sony Corporation -> Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UMTrayicon.exe [2021-07-08] (SIEMENS AG) [symlink -> C:\Program Files\Siemens\Automation\UserManagement\BIN\UMTrayicon.exe]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {67627C21-4C89-415A-B47F-9303E3F579A1} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2023-11-16] (Advanced Micro Devices Inc. -> )
Task: {0971BB87-D6DF-406C-986B-41950AC133DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {862F5529-36F1-45F5-B993-05FCB87670AC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "46d77ac1-26d4-4cc9-bd51-883249665e59" --version "6.34.0.11482" --silent
Task: {6D2D24F3-CDC2-40D2-A8AA-7E6173312919} - System32\Tasks\CCleanerSkipUAC - Pepík => C:\Program Files\CCleaner\CCleaner.exe [39616304 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {3BC2FA3B-6524-4385-94FA-C008ABA5B2F2} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2025-01-06] (ESET, spol. s r.o. -> ESET)
Task: {07B90453-047D-46AC-9A0A-FD88F6FA7676} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2025-01-06] (ESET, spol. s r.o. -> ESET)
Task: {48D6DAA8-1BD7-4615-BE57-B6096F9142E4} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35403888 2024-06-27] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) -> C:\Program Files\GIGABYTE\Control Center\\-b
Task: {6225C0B4-11AE-400F-BE56-D3139C196654} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{16C3833B-C624-4F5A-AB38-2E341650135D} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {DB48C1A4-1083-4438-800E-95DAC69A4D48} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [255040 2024-10-26] (Microsoft Corporation -> Microsoft)
Task: {67CCD214-A373-4E2B-A450-7FE097A15919} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-04-09] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {E5150FC2-3919-43F2-9812-C82351280297} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69A96C23-CEBE-4E2A-8989-EF20D84355BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {145D2929-DCA1-4DEF-97D9-B8BEC97CF2AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A5FAADF-1C4C-4930-B409-80EA0DCFBCCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C402A8C-63FF-4126-9D88-FB0F07C6AE79} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3275808 2025-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4584BFDD-A1B9-4898-922C-34E73312EF33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5BD3E26-0FAF-47A5-B3FE-57034F65E5A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D4BC268-BB9D-4511-8E85-D2A410A10B54} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1002 => C:\Users\Pepík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C8CD0AA-CF2B-4D16-8F49-0BCFE5709336} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1003 => C:\Users\Kubík\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6CE320E-E2F7-4283-AFD1-8C666867B6C3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1004 => C:\Users\Honza\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {93532F16-8937-4FAC-8E98-0A85B2F20AF8} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1731093148 => C:\Users\Kubík\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kubík\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {B4F64236-D95C-4264-9C1A-ADCD7D61E06A} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1738499635 => C:\Users\Pepík\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Pepík\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {206FA742-111B-44F6-8621-2595CDB3A815} - System32\Tasks\Opera GX scheduled Autoupdate 1727636541 => C:\Users\Kubík\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5661064 2025-04-03] (Opera Norway AS -> Opera Software)
Task: {197E35CA-ECB1-4002-AD03-6EA8959A9BE1} - System32\Tasks\Opera GX scheduled Autoupdate 1732297780 => C:\Users\Pepík\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5661064 2025-04-03] (Opera Norway AS -> Opera Software)
Task: {11D8B74E-D8CE-44EE-9D06-3717973E6648} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-03-31] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {229B8258-EF0C-490A-8E3D-3C82DA0E9EEA} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [728504 2023-08-04] (Advanced Micro Devices Inc. -> AMD)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a46bb4f-55a0-4cac-ad90-fb16b9cde3f3}: [DhcpNameServer] 192.168.56.27
Tcpip\..\Interfaces\{9af5bb01-570b-4408-82b8-65b3620035bb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a48c8554-45b6-4342-beae-53bb0042d61b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-13]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Pepík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-06]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default [2025-04-14]
CHR Extension: (change-language) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2025-03-17]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (All Black - Full Dark Theme/Black Theme) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkplpffahhkjfocfbfapcemhhkgmljpn [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2025-02-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-04-13]
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-13]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox","hxxps://www.zskomtu.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Pepík\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-13]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-598124734-1471702195-2874904135-1002) Opera GXStable - "C:\Users\Pepík\AppData\Local\Programs\Opera GX\opera.exe"
StartMenuInternet: (HKU\S-1-5-21-598124734-1471702195-2874904135-1003) Opera GXStable - "C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe [4688488 2024-07-17] (OpenVPN Inc. -> )
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2232328 2022-10-07] (Siemens AG -> SIEMENS AG)
S2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe [527800 2023-08-04] (Advanced Micro Devices Inc. -> AMD)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3319424 2025-04-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-04-04] (BattlEye Innovations e.K. -> )
R2 CCAgent; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCAgent.EXE [678224 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 CCAlgIAlarmDataCollector; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCAlgIAlarmDataCollector.exe [226792 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCAlgRtServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CcAlgRtServer.exe [148968 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCArchiveManagerService; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCArchiveManager.EXE [1062888 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCDBUtils; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCDBUtils.EXE [158696 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCDeltaLoader; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCDeltaLoader.exe [890856 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCEClient; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCEClient_x64.exe [470088 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 CCEServer; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\CCEServer_x64.exe [410160 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
S3 CCLicenseService; C:\Program Files (x86)\Common Files\Siemens\bin\CCLicenseService.exe [699400 2023-11-02] (Siemens AG -> Siemens AG)
S3 CCNSInfo2Provider; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCNSInfo2Provider.exe [772072 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCOpcUaImporter; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\OPC\UAClient\UaConfigServer\CCOpcUaImporter.exe [2603536 2023-10-31] (Siemens AG -> SIEMENS AG)
S3 CCPackageMgr; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCPackageMgr.exe [556008 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCPerfMon; C:\Program Files (x86)\Common Files\Siemens\bin\CCPerfMon.exe [595344 2016-07-11] (Siemens AG -> Siemens AG)
S3 CCProfileServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProfileServer.exe [113128 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCProjectMgr; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe [8013328 2023-11-02] (Siemens AG -> Siemens AG)
S3 CCRedundancyAgent-Service; C:\Program Files (x86)\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [907752 2021-04-16] (SIEMENS AG -> Siemens AG)
R2 CCRemoteService; C:\Program Files (x86)\Common Files\Siemens\bin\CCRemoteService.exe [139752 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCRtsLoader; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCRtsLoader_x64.exe [154088 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCSystemDiagnosticsHost; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCSystemDiagnosticsHost.exe [102376 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTextServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTextServer.exe [663016 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTlgServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTlgServer.exe [147944 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CCTMTimeSyncServer; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCTMTimeSyncServer.exe [382952 2021-04-16] (SIEMENS AG -> Siemens AG)
S3 CcUaDAS; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\OPC\UAClient\UaDAS\CcUaDAS.exe [5774344 2023-10-31] (Siemens AG -> SIEMENS AG)
S3 CCUsrAcv; C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUsrAcv.exe [1773584 2023-11-02] (Siemens AG -> Siemens AG)
U2 cortsmartserver; C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe [906760 2023-11-16] (Siemens AG -> Siemens AG)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [18810976 2025-04-03] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-07-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-10-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3064848 2025-04-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [368088 2025-01-31] (Epic Games Inc. -> Epic Games, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQL$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 MuseHub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe [7815248 2025-01-31] (Musecy SM Ltd. -> Muse.Updater)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [131184 2023-12-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-03-31] (Overwolf Ltd -> Overwolf LTD)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [5218920 2024-07-17] (OpenVPN Inc. -> )
S3 RedundancyControl; C:\Program Files (x86)\Common Files\Siemens\ace\bin\RedundancyControl.exe [777392 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 RedundancyState; C:\Program Files (x86)\Common Files\Siemens\ace\bin\RedundancyState.exe [292928 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [185968 2022-12-08] (Siemens AG -> SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [380792 2022-12-08] (Siemens AG -> SIEMENS AG)
R2 SCS Distribution Service; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\SCSDistServiceX.exe [367776 2023-10-30] (Siemens AG -> SIEMENS AG)
S3 SCSFsX; C:\Program Files (x86)\Common Files\Siemens\ACE\bin\SCSFsX.exe [234568 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 SCSMonitor; C:\Program Files (x86)\Common Files\Siemens\ace\bin\SCSMX.exe [308904 2023-10-30] (Siemens AG -> SIEMENS AG)
R2 Siemens Diagnostics Data Collector Service; C:\Program Files\Common Files\Siemens\ETWEventCollector\bin\Siemens.Automation.Tracing.ETW.EventCollector.ServiceHost.exe [31304 2021-04-21] (SIEMENS AG -> Siemens AG)
R2 Siemens Telemetry Connector Service; C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe [8704 2022-08-29] (Siemens AG) [File not signed]
S2 SiemensTiaAdmin; C:\Program Files\Siemens\Automation\TIAADMIN\server\node.exe [57937528 2022-10-21] (OpenJS Foundation -> Node.js)
R2 SIMATIC PnDiscovery Service; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe [890456 2022-12-08] (Siemens AG -> SIEMENS AG)
S4 SQLAgent$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 TraceConceptX; C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe [114736 2022-06-20] (Siemens AG -> SoftwareOption GmbH)
S4 UMC Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UMCService.exe [350968 2021-07-08] (Siemens AG -> SIEMENS AG)
R2 umscsvc; C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe [489208 2021-07-08] (Siemens AG -> SIEMENS AG)
S4 UP Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UPService.exe [195320 2021-07-08] (Siemens AG -> SIEMENS AG)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [763024 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [40071784 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42544 2024-10-26] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [144000 2024-09-17] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2025-04-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [2182128 2024-09-14] (Microsoft Windows Hardware Compatibility Publisher -> ANTICHEATEXPERT.COM)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 AudioMirror; C:\WINDOWS\System32\drivers\AudioMirror.sys [61800 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 cortkbdrtmwdf; C:\Windows\system32\drivers\cortkbdrtmwdf.sys [25576 2021-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [34920 2024-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 dpmconv; C:\WINDOWS\System32\drivers\dpmconv.sys [268160 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [52432 2024-08-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3875992 2025-02-18] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 INZONEHS; C:\WINDOWS\System32\DriverStore\FileRepository\inzoneheadset.inf_amd64_596822367d9ba756\INZONEHeadset.sys [187840 2024-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [92664 2024-05-22] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S4 RsFx0500; C:\WINDOWS\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0ca603ee5d51e3b2\rt68cx21x64.sys [810328 2024-03-19] (Realtek Semiconductor Corp. -> Realtek)
R3 s7odpx2x64; C:\WINDOWS\System32\drivers\s7odpx2x64.sys [101568 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oppilx64; C:\WINDOWS\System32\Drivers\s7oppilx64.sys [47808 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oppinx64; C:\WINDOWS\System32\drivers\s7oppinx64.sys [124608 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7oserix64; C:\WINDOWS\System32\Drivers\s7oserix64.sys [148160 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7osmcax64; C:\WINDOWS\System32\drivers\s7osmcax64.sys [236736 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7osobux64; C:\WINDOWS\System32\drivers\s7osobux64.sys [121536 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otmcd64x; C:\WINDOWS\System32\Drivers\s7otmcd64x.sys [211136 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otranx64; C:\WINDOWS\System32\drivers\s7otranx64.sys [281792 2020-02-10] (Siemens AG -> SIEMENS AG)
R3 s7otsadx64; C:\WINDOWS\System32\drivers\s7otsadx64.sys [230592 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 s7ousbu64x; C:\WINDOWS\System32\drivers\s7ousbu64x.sys [157888 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 s7PnDiscoveryDriver; C:\WINDOWS\system32\DRIVERS\s7PnDiscoveryDriver.sys [46272 2020-02-10] (Siemens AG -> SIEMENS AG)
R2 Snpnio; C:\WINDOWS\system32\DRIVERS\snpnio.sys [100216 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R2 SNTIE; C:\WINDOWS\system32\DRIVERS\sntie.sys [227288 2022-09-14] (Siemens AG -> Siemens AG)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [41112 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-09] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [246200 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [256520 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1051944 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [195560 2024-10-10] (Oracle America, Inc. -> Oracle and/or its affiliates)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [27067392 2025-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
R3 vsnl2ada; C:\WINDOWS\System32\drivers\vsnl2ada.sys [137088 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WinCCRtKbdFilter; C:\Windows\system32\drivers\WinCCRtKbdFilter.sys [24800 2021-04-16] (Siemens AG -> Windows (R) Win 7 DDK provider)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-14 07:17 - 2025-04-14 07:17 - 000002742 _____ C:\Users\Pepík\Desktop\Fixlog.txt
2025-04-13 16:45 - 2025-04-13 16:46 - 000000000 ____D C:\Temp
2025-04-13 14:37 - 2025-04-13 14:37 - 113831784 _____ (AO Kaspersky Lab) C:\Users\Pepík\Downloads\KVRT.exe
2025-04-13 14:37 - 2025-04-13 14:37 - 000000000 ____D C:\KVRT2020_Data
2025-04-13 14:32 - 2025-04-13 14:32 - 000000000 ____D C:\ProgramData\Piriform
2025-04-13 14:30 - 2025-04-14 07:19 - 000000000 ____D C:\Program Files\CCleaner
2025-04-13 14:30 - 2025-04-13 14:30 - 087988576 _____ (Gen Digital Inc.) C:\Users\Pepík\Downloads\ccsetup634.exe
2025-04-13 14:30 - 2025-04-13 14:30 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-04-13 14:30 - 2025-04-13 14:30 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Pepík
2025-04-13 14:30 - 2025-04-13 14:30 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2025-04-13 14:30 - 2025-04-13 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2025-04-13 14:30 - - 000000000 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-13 11:10 - 2025-04-13 11:10 - 000826668 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-13 11:10 - 2025-04-13 11:10 - 000199566 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-13 10:11 - 2025-04-14 07:19 - 000044504 _____ C:\Users\Pepík\Desktop\FRST.txt
2025-04-13 10:11 - 2025-04-14 07:19 - 000000000 ____D C:\FRST
2025-04-13 10:10 - 2025-04-13 10:10 - 002404864 _____ (Farbar) C:\Users\Pepík\Desktop\FRST64.exe
2025-04-12 18:20 - 2025-04-12 18:20 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-10 20:37 - 2025-04-10 20:37 - 000001391 _____ C:\Users\Pepík\Desktop\Roblox Player.lnk
2025-04-10 20:36 - 2025-04-10 20:36 - 000001219 _____ C:\Users\Pepík\Desktop\Roblox Studio.lnk
2025-04-10 20:31 - 2025-04-10 20:31 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-10 20:31 - 2025-04-10 20:31 - 000000000 ____D C:\inetpub
2025-04-10 14:11 - 2025-04-13 14:46 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 16:11 - 2025-04-09 16:11 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-09 16:11 - 2025-04-09 16:11 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-06 13:42 - 2025-04-06 13:42 - 000881336 _____ C:\Users\Kubík\Downloads\AutoClicker-3.1.exe
2025-04-06 13:42 - 2025-04-06 13:42 - 000000000 ____D C:\Users\Kubík\Downloads\ACLib
2025-04-03 20:39 - 2025-04-03 20:40 - 000000000 ____D C:\Users\Pepík\Downloads\Wormhole bLWkLO
2025-04-03 20:38 - 2025-04-03 20:39 - 063448577 _____ C:\Users\Pepík\Downloads\Wormhole bLWkLO.zip
2025-04-03 20:12 - 2025-04-03 20:12 - 000005942 _____ C:\Users\Pepík\Downloads\traincraft 1.7.10.zip
2025-04-02 14:24 - 2025-04-02 14:25 - 000000000 ____D C:\Users\Pepík\AppData\Local\User Data
2025-04-02 14:24 - 2025-04-02 14:24 - 000000000 ____D C:\Users\Pepík\AppData\Local\nwjs
2025-04-01 15:44 - 2025-04-01 15:45 - 000000000 ___RD C:\Users\Pepík\Downloads\MicrosoftWindows.Client.CBS_cw5n1h2txyewy!InputApp
2025-03-31 11:06 - 2025-03-31 11:06 - 000000000 ____D C:\Users\Kubík\AppData\Local\EACrashReporter
2025-03-29 13:25 - 2025-03-29 13:25 - 000000000 ____D C:\ProgramData\CD Projekt Red
2025-03-28 20:10 - 2025-03-28 20:10 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\KishMish
2025-03-28 19:09 - 2025-03-28 19:09 - 000000223 _____ C:\Users\Pepík\Desktop\Bus World.url
2025-03-23 13:56 - 2025-03-29 18:26 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\Unity
2025-03-20 16:16 - 2025-03-29 12:13 - 000000000 ____D C:\Users\Kubík\AppData\Local\REDEngine
2025-03-20 16:16 - 2025-03-20 16:16 - 000000000 ____D C:\Users\Kubík\AppData\Local\CD Projekt Red
2025-03-20 10:11 - 2025-03-20 10:11 - 000000223 _____ C:\Users\Kubík\Desktop\Cyberpunk 2077.url
2025-03-20 10:11 - 2025-03-20 10:11 - 000000223 _____ C:\Users\Kubík\Desktop\Cyberpunk 2077 Bonus Content.url
2025-03-16 22:07 - 2025-03-16 22:07 - 000000000 ____D C:\Users\Pepík\AppData\LocalLow\EM Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-14 07:20 - 2024-10-27 12:19 - 000000000 ____D C:\Users\Pepík\AppData\Local\Muse Hub
2025-04-14 07:20 - 2024-03-07 15:46 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\discord
2025-04-14 07:19 - 2024-11-27 15:08 - 000000000 ____D C:\Users\Pepík\AppData\Local\Discord
2025-04-14 07:19 - 2024-10-27 12:19 - 000000000 ____D C:\Users\Pepík\AppData\Local\MuseSampler
2025-04-14 07:19 - 2024-10-27 12:19 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-04-14 07:19 - 2024-05-01 20:16 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Rainmeter
2025-04-14 07:19 - 2024-03-06 22:07 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-14 07:18 - 2025-02-21 21:41 - 000003432 _____ C:\WINDOWS\system32\Tasks\GCC
2025-04-14 07:18 - 2025-02-21 21:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-14 07:18 - 2025-02-21 21:39 - 000012118 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-14 07:18 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-14 07:18 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-14 07:18 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-14 07:18 - 2024-04-01 09:21 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-04-14 07:18 - 2024-03-07 20:01 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2025-04-14 07:18 - 2024-03-06 22:01 - 000000000 ___RD C:\Users\Pepík\OneDrive
2025-04-14 07:18 - 2024-03-06 21:49 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2025-04-14 07:18 - 2024-03-06 21:43 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-14 07:18 - 2024-03-06 21:35 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2025-04-14 07:18 - 2024-03-06 21:35 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2025-04-14 07:18 - 2024-03-06 21:35 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-14 07:17 - 2024-03-06 22:02 - 000000000 ____D C:\Users\Pepík\AppData\Local\D3DSCache
2025-04-13 18:18 - 2024-03-06 22:20 - 000000000 ____D C:\Users\Pepík\AppData\Local\Roblox
2025-04-13 14:33 - 2025-02-21 16:02 - 000000000 ___DC C:\WINDOWS\Panther
2025-04-13 14:33 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-04-13 14:33 - 2024-03-08 19:37 - 000000000 ____D C:\Users\Pepík\AppData\Local\CrashDumps
2025-04-13 14:32 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-13 11:10 - 2025-02-21 21:41 - 002021898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-13 10:06 - 2024-03-10 20:02 - 000000000 ____D C:\Users\Honza\AppData\Local\Battle.net
2025-04-13 09:53 - 2024-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-04-12 17:30 - 2025-01-06 16:51 - 000001272 _____ C:\Users\Pepík\Desktop\ESET Online Scanner.lnk
2025-04-12 17:30 - 2024-03-07 17:38 - 000001378 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-04-12 11:47 - 2024-03-09 20:38 - 000000000 ____D C:\Users\Honza\AppData\Local\D3DSCache
2025-04-12 11:44 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-12 11:13 - 2024-03-09 20:36 - 000000000 ____D C:\Users\Honza\AppData\Local\Packages
2025-04-12 11:11 - 2024-03-06 21:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-12 11:10 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1004
2025-04-12 11:10 - 2024-03-09 20:37 - 000002377 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-12 11:09 - 2024-03-09 20:36 - 000000000 ____D C:\Users\Honza\AppData\Local\NVIDIA Corporation
2025-04-11 19:18 - 2024-03-06 22:01 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-11 19:18 - 2024-03-06 22:01 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-04-10 20:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-10 20:37 - 2025-02-26 19:07 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-04-10 20:37 - 2025-02-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2025-04-10 20:37 - 2024-03-08 19:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-04-10 20:37 - 2024-03-06 22:20 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 20:37 - 2024-03-06 22:17 - 000000000 ____D C:\Users\Pepík\AppData\Local\NVIDIA Corporation
2025-04-10 20:35 - 2024-11-08 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 20:32 - 2025-02-21 21:37 - 000371552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-10 20:31 - 2025-02-21 20:30 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-10 20:31 - 2025-02-21 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2025-04-10 20:31 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-10 20:31 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-10 20:31 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-10 20:31 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-10 20:31 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-10 20:31 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-10 20:30 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Medal
2025-04-10 20:30 - 2024-03-07 18:16 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\discord
2025-04-10 17:46 - 2024-03-06 23:21 - 000000000 ____D C:\Users\Kubík\AppData\Local\D3DSCache
2025-04-10 16:55 - 2024-03-07 18:16 - 000000000 ____D C:\Users\Kubík\AppData\Local\Discord
2025-04-10 15:50 - 2024-09-14 10:27 - 134222904 _____ C:\WINDOWS\392667600.dat
2025-04-10 15:46 - 2024-08-04 11:58 - 000001493 _____ C:\Users\Public\Desktop\Riot Client.lnk
2025-04-10 15:46 - 2024-03-07 19:28 - 000000000 ____D C:\ProgramData\Riot Games
2025-04-10 14:28 - 2024-03-07 19:30 - 000001426 _____ C:\Users\Kubík\Desktop\Roblox Player.lnk
2025-04-10 14:28 - 2024-03-07 19:30 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-04-10 14:28 - 2024-03-07 19:30 - 000000000 ____D C:\Users\Kubík\AppData\Local\Roblox
2025-04-10 14:27 - 2024-03-08 21:29 - 000000000 ____D C:\Users\Kubík\AppData\Local\CrashDumps
2025-04-10 14:27 - 2024-03-07 19:30 - 000001229 _____ C:\Users\Kubík\Desktop\Roblox Studio.lnk
2025-04-10 13:55 - 2024-10-25 21:12 - 000002317 _____ C:\Users\Kubík\Desktop\Mobius.lnk
2025-04-10 13:55 - 2024-09-29 21:20 - 000002317 _____ C:\Users\Kubík\Desktop\CurseForge.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000001271 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000001263 _____ C:\Users\Kubík\Desktop\Medal.lnk
2025-04-10 13:55 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\Documents\Medal
2025-04-10 13:55 - 2024-08-11 11:19 - 000000000 ____D C:\Medal
2025-04-10 13:55 - 2024-08-04 12:01 - 000002317 _____ C:\Users\Kubík\Desktop\Control.lnk
2025-04-10 13:55 - 2024-06-29 12:54 - 000002317 _____ C:\Users\Kubík\Desktop\Valorant Tracker.lnk
2025-04-10 13:55 - 2024-04-27 20:30 - 000000000 ____D C:\Users\Kubík\AppData\Local\Overwolf
2025-04-10 13:55 - 2024-03-06 23:20 - 000000000 ___RD C:\Users\Kubík\OneDrive
2025-04-09 18:31 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1003
2025-04-09 18:31 - 2024-03-06 23:20 - 000002377 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-09 17:40 - 2025-02-21 21:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2025-02-21 21:41 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2025-02-21 21:41 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-598124734-1471702195-2874904135-1002
2025-04-09 17:40 - 2024-03-06 22:01 - 000002377 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-09 16:11 - 2025-02-21 21:40 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-09 15:38 - 2024-03-08 20:49 - 000000000 ____D C:\Users\Pepík\AppData\Local\WarThunder
2025-04-08 20:28 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\WeMod
2025-04-08 19:43 - 2024-03-06 23:24 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\EasyAntiCheat
2025-04-08 17:40 - 2024-12-25 21:44 - 000002201 _____ C:\Users\Pepík\Desktop\WeMod.lnk
2025-04-08 17:40 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2025-04-08 17:40 - 2024-12-25 21:44 - 000000000 ____D C:\Users\Pepík\AppData\Local\WeMod
2025-04-08 17:40 - 2024-03-07 15:46 - 000000000 ____D C:\Users\Pepík\AppData\Local\SquirrelTemp
2025-04-08 17:18 - 2024-03-07 20:09 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\riot-client-ux
2025-04-08 15:02 - 2024-08-25 10:39 - 000000000 ____D C:\Program Files\DubbingAI
2025-04-07 18:14 - 2025-02-26 19:07 - 003114016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2025-04-07 18:14 - 2025-02-26 19:07 - 002403360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2025-04-07 18:14 - 2024-03-08 19:26 - 000271392 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2025-04-07 18:14 - 2024-03-08 19:26 - 000245792 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2025-04-07 17:52 - 2024-03-08 19:26 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2025-04-07 17:52 - 2024-03-08 19:26 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2025-04-07 17:51 - 2024-03-08 19:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2025-04-06 10:05 - 2025-02-21 21:41 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 10:05 - 2025-02-21 21:41 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-06 09:56 - 2024-03-06 22:12 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-04 09:41 - 2025-02-21 21:41 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1727636541
2025-04-04 09:41 - 2024-09-29 21:02 - 000001473 _____ C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2025-04-04 09:41 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal B.V
2025-04-04 09:41 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Medal
2025-04-04 09:40 - 2025-02-21 21:41 - 000004230 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1732297780
2025-04-04 09:40 - 2024-11-22 19:49 - 000001473 _____ C:\Users\Pepík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2025-04-03 20:37 - 2024-09-29 15:43 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\.minecraft
2025-04-03 19:21 - 2024-03-20 15:41 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\Microsoft\MMC
2025-04-03 18:56 - 2024-09-28 17:57 - 000002243 _____ C:\Users\Pepík\Desktop\Discord.lnk
2025-04-03 17:20 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\log
2025-04-03 15:32 - 2024-12-08 00:05 - 000000000 ____D C:\ProgramData\EA Desktop
2025-04-02 17:20 - 2024-03-07 18:16 - 000002243 _____ C:\Users\Kubík\Desktop\Discord.lnk
2025-04-01 12:23 - 2024-03-06 21:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-01 12:06 - 2024-04-27 20:31 - 000000000 ____D C:\Program Files (x86)\Overwolf
2025-03-31 11:48 - 2024-09-29 21:02 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\.minecraft
2025-03-31 11:41 - 2024-09-29 21:02 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\.tlauncher
2025-03-30 17:50 - 2025-02-21 21:41 - 000003842 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2025-03-30 17:50 - 2025-02-21 21:41 - 000003400 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2025-03-30 12:57 - 2024-03-06 23:02 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\EasyAntiCheat
2025-03-30 10:39 - 2025-01-19 18:03 - 000000000 ____D C:\Users\Pepík\VirtualBox VMs
2025-03-30 10:39 - 2024-12-10 15:52 - 000000000 ____D C:\Users\Pepík\.VirtualBox
2025-03-29 19:42 - 2024-03-06 22:00 - 000000000 ____D C:\Users\Pepík\AppData\Local\Packages
2025-03-29 17:40 - 2024-08-11 11:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Ferox_Games_B.V
2025-03-29 17:38 - 2024-03-07 19:43 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-03-28 17:02 - 2024-05-01 21:40 - 000000000 ____D C:\Users\Kubík\AppData\Local\ModernWarships
2025-03-27 18:15 - 2024-08-25 18:32 - 000000000 ____D C:\Users\Kubík\AppData\Local\Crossout
2025-03-27 16:17 - 2024-03-06 23:19 - 000000000 ____D C:\Users\Kubík\AppData\Local\Packages
2025-03-23 14:08 - 2024-10-31 16:40 - 000000000 ____D C:\Users\Pepík\AppData\Roaming\r2modman
2025-03-20 16:15 - 2024-12-08 00:05 - 000000000 ____D C:\Users\Kubík\AppData\Local\cache
2025-03-20 10:11 - 2024-12-07 23:43 - 000000000 ____D C:\Users\Kubík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-03-18 21:45 - 2024-11-23 19:51 - 000000000 ____D C:\Users\Kubík\AppData\Local\Steam
2025-03-18 16:53 - 2025-01-05 16:58 - 000000000 ____D C:\Users\Pepík\Documents\Euro Truck Simulator 2
2025-03-18 16:16 - 2024-03-06 22:07 - 000000000 ____D C:\Users\Pepík\AppData\Local\Steam
2025-03-18 15:55 - 2024-08-25 10:39 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dubbing AI.lnk
2025-03-18 15:55 - 2024-08-25 10:39 - 000000865 _____ C:\Users\Public\Desktop\Dubbing AI.lnk
2025-03-15 14:22 - 2024-03-06 23:20 - 000000000 ____D C:\Users\Kubík\AppData\Local\PlaceholderTileLogoFolder
2025-03-15 12:15 - 2024-09-29 15:34 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-15 12:15 - 2024-09-29 15:34 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-15 12:15 - 2024-09-29 15:34 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-15 12:15 - 2024-09-29 15:34 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-15 12:14 - 2024-09-29 15:34 - 000788008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-03-15 12:14 - 2024-09-29 15:34 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-15 12:14 - 2024-09-29 15:34 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll

==================== Files in the root of some directories ========

2024-04-01 19:45 - 2024-04-04 21:21 - 000000098 _____ () C:\Users\Pepík\AppData\Roaming\LauncherSettings_live.cfg
2024-04-04 21:01 - 2024-04-04 21:01 - 000002636 _____ () C:\Users\Pepík\AppData\Roaming\TheHunterSettings_live.bin
2024-04-04 21:12 - 2024-04-04 21:19 - 000000048 _____ () C:\Users\Pepík\AppData\Roaming\TheHunterSettings_steam_live.cfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#7 Příspěvek od Jenda297 »

a druhý log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by Pepík (14-04-2025 07:20:43)
Running from C:\Users\Pepík\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2025-02-21 19:41:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-598124734-1471702195-2874904135-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-598124734-1471702195-2874904135-503 - Limited - Disabled)
Guest (S-1-5-21-598124734-1471702195-2874904135-501 - Limited - Disabled)
Honza (S-1-5-21-598124734-1471702195-2874904135-1004 - Administrator - Enabled) => C:\Users\Honza
janfi (S-1-5-21-598124734-1471702195-2874904135-1001 - Administrator - Enabled) => C:\Users\janfi
Kubík (S-1-5-21-598124734-1471702195-2874904135-1003 - Administrator - Enabled) => C:\Users\Kubík
Pepík (S-1-5-21-598124734-1471702195-2874904135-1002 - Administrator - Enabled) => C:\Users\Pepík
WDAGUtilityAccount (S-1-5-21-598124734-1471702195-2874904135-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.28.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.13.0.2771 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.13.0.2771 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{f738e81d-6f36-4eae-83b9-c4a2d7d7a868}) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.) Hidden
Aplikace NVIDIA 11.0.3.232 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.232 - NVIDIA Corporation)
ATLauncher Setup (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\{2F5FDA11-45A5-4CC3-8E51-5E11E2481697}_is1) (Version: 1.2.0.0 - ATLauncher)
Audacity 3.7.0 (HKLM\...\Audacity_is1) (Version: 3.7.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.34 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{BDF8C840-5B9A-4D9B-9BCA-CE4163973563}) (Version: 4.8.09256 - Microsoft Corporation) Hidden
Control (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_bdgnjepnpdepdpndclppjhimnoeamdchlkjdlgfk) (Version: 0.2.77 - Overwolf app)
Crossout Launcher 1.0.3.213 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\CrossOutLauncher_is1) (Version: - )
CurseForge (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.275.5.4706 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DiagnosticsHub_CollectionService (HKLM\...\{9C551783-3830-4366-9103-195E5AFA84FC}) (Version: 17.11.35317 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Discord) (Version: 1.0.9172 - Discord Inc.)
Discord (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Discord) (Version: 1.0.9034 - Discord Inc.)
Dubbing AI version v1.7.0 (HKLM-x32\...\{C28AF184-0180-4766-A0C0-C3DE5A5624D8}_is1) (Version: v1.7.0 - HALO INTERACTIVE PTE. LTD.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.433.0.5946 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{5106b932-0116-4839-b279-773a1ceec919}) (Version: 13.433.0.5946 - Electronic Arts)
EBpro V6.09.02.338 (HKLM-x32\...\{FB65FE55-D6AA-471C-B02A-99C1E14DF73F}_is1) (Version: - Weintek Labs., Inc.)
eDEX-UI 2.2.8 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\82c1c72c-4db6-57c2-bb24-743f60eb274f) (Version: 2.2.8 - Gabriel 'Squared' SAILLARD)
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{B6309BF9-CFD5-4AA0-BE86-C58A6A917DA1}) (Version: 1.0.12.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{25ed5e8e-dbd3-4fa0-a28a-1b7de48b7bee}) (Version: 1.0.12.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{a7b1cf47-d8f0-423d-9494-568195f1c864}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{0E28D23D-A3C1-4381-AA5B-12E7C0E368CA}) (Version: 1.3.131.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{C7D679C2-04A8-434A-8799-4C2F001388BE}) (Version: 2.9.0 - Epic Games, Inc.)
Fortnite Tracker (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_lchehejhdkhdkfledgjmchiblkmimnhfoeacjcni) (Version: 3.11.4 - Overwolf app)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 24.06.25.01 - GIGABYTE)
GBT_RGB_Sync_Control 24.06.18.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 24.06.18.01 - GIGABYTE)
GBT_rgbMotherboard_UC 24.06.20.01 (HKLM\...\GBT_rgbMotherboard_UC) (Version: 24.06.20.01 - GIGABYTE)
GIGABYTE Control Center 24.06.27.01 (HKLM\...\GIGABYTE Control Center) (Version: 24.06.27.01 - GIGABYTE)
GIGABYTE Performance Library (HKLM\...\MBEasyTune) (Version: 24.06.21.01 - GIGABYTE)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 24.07.05.01 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.85 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{58D16D0C-E3A5-44F4-B44D-FE43AD45F251}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{A7BC9345-F48F-4F6C-8F23-222F6B64B737}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{57D14DE5-C298-440D-BC54-818AA0B08939}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{97A2AC6F-D312-4356-82CA-083A8312469D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
INZONE Hub (HKLM\...\{C1C9572A-17C2-FFFC-E3E8-B2D586EABACA}) (Version: 1.0.13.0 - Sony Corporation)
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Medal (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Medal) (Version: 4.2699.0 - Medal B.V.)
Microsoft .NET 6.0 Templates 8.0.403 (x64) (HKLM\...\{685CAC03-9584-457A-B49A-00A5077AB577}) (Version: 24.8.23125 - Microsoft Corporation) Hidden
Microsoft .NET 8.0 Templates 8.0.403 (x64) (HKLM\...\{61DDF3F6-B199-45CB-9483-88C2A4BF8D8A}) (Version: 32.10.55893 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64) (HKLM\...\{33409B86-35CA-4000-A2FC-54B9AD74474C}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_arm) (HKLM\...\{11A5E018-28AA-43DB-9434-29940C72E7CA}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_arm64) (HKLM\...\{B6D1CAAB-094D-44D4-A5E6-0377349AB364}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.35 (x64_x86) (HKLM\...\{059C32BA-74D1-43F6-9C13-16CC9D5822CE}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64) (HKLM\...\{E20F860B-E692-4DD4-82E7-2FF06E222031}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64_arm64) (HKLM\...\{141C7DD4-05D4-46E7-A924-5FDD57D47633}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.10 (x64_x86) (HKLM\...\{938CE44A-DE2E-4B59-BDB7-D515A41AA029}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x64) (HKLM\...\{3A80EBC5-6B68-49B9-BEBD-E1A6C966B416}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x86) (HKLM-x32\...\{E209487C-1BC1-4D23-87B7-010178837448}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x86) (HKLM-x32\...\{9781F700-28C4-4F55-8552-643807AACB18}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Native SDK (HKLM-x32\...\{EF0C772D-F5E3-36D0-BDAB-FD378533CD40}) (Version: 15.0.24211.07 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x64) (HKLM\...\{C79F6EEC-3A2B-487D-A3B6-EDF4057B4E4B}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x86) (HKLM-x32\...\{BBEA8EBD-9170-4B66-8343-9A763011DED4}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x86) (HKLM-x32\...\{25513E9F-031D-4A70-94D5-AD08C1CDE5FB}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET SDK 8.0.403 (x64) from Visual Studio (HKLM\...\{2CDAFBED-4278-4225-83C0-A7615DFEDEFF}) (Version: 8.4.324.47413 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.35 (x64) (HKLM\...\{78BA8806-ABF1-4DE7-B3A4-AD805488F75A}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.35 (x86) (HKLM-x32\...\{C9A16259-1565-4C3D-8B99-C9CEB6DCFAF4}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.10 (x64) (HKLM\...\{8F115CBC-3741-42EA-8F2E-B8D0A63593D7}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.10 (x86) (HKLM-x32\...\{C32AD807-EDD6-416D-A91E-3C2E99C3053C}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 8.0.403 (x64) (HKLM\...\{EFB9E0CC-AA8A-4D24-8FDA-33E693C22688}) (Version: 32.8.55893 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Shared Framework (x64) (HKLM\...\{EF5C4694-AACF-3220-B485-970EA04B6770}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Shared Framework (x86) (HKLM-x32\...\{979F8AF4-9BF1-3978-AEC1-4BC62F883903}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Targeting Pack (x64) (HKLM\...\{11EE35B2-43EC-37ED-8BFA-2F2227CCDF10}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.35 Targeting Pack (x86) (HKLM-x32\...\{3B49C02B-35F3-348E-84AA-714CE0CF1C1F}) (Version: 6.0.35.24462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Shared Framework (x64) (HKLM\...\{D7156216-38DA-3370-A1EF-CEA07751D873}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Shared Framework (x86) (HKLM-x32\...\{430E625C-A84F-302E-A7F7-5708E8E7F7E2}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Targeting Pack (x64) (HKLM\...\{62EAD19D-3122-3A47-9BB4-0B802B106314}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.10 Targeting Pack (x86) (HKLM-x32\...\{FADB53F7-88E1-3BDC-A095-72F29EE839C9}) (Version: 8.0.10.24468 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.73 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{76CF9EF4-ABA0-484E-8042-12B99499AF5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1001\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{B9274744-8BAE-4874-8E59-2610919CD419}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{7123D29F-9197-4686-A619-C7E8EA289718}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{405252DC-ADF7-4BC8-95F5-F89DE513DD62}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.04401 - Microsoft)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{7F86DEBA-AF7D-43F2-8312-DBCB65F116A9}) (Version: 17.10.0.9037153 - Microsoft) Hidden
Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{C756420B-C91C-4410-8092-F49C24CEF594}) (Version: 15.9.16 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.11.2180.21897 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{EE86461C-2B52-4E27-A5ED-4D59819BDD08}) (Version: 3.11.2133.16870 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{A59EAC01-288D-41BA-B6F2-3DF78DEA16E0}) (Version: 3.11.2133.16870 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.35 (x64) (HKLM\...\{8AA69679-CCD6-42D9-BCDA-99BE386D57B7}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x86) (HKLM-x32\...\{0963AE98-F2C6-42A0-BF25-F0BC52787B35}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x86) (HKLM-x32\...\{F6940347-D27B-455F-B875-BC58150D99F2}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.35 (x64) (HKLM\...\{A916ED6C-1BCE-4A05-B8D0-378DF81DB765}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.35 (x86) (HKLM-x32\...\{118B7664-3706-4DDA-82C0-D81674800E79}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.10 (x64) (HKLM\...\{F79CCA7E-7D6C-4F43-951F-B8C0C74F87E8}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 8.0.10 (x86) (HKLM-x32\...\{911CA210-235B-42D6-9A12-7C17F84ED3C0}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-8.0.100 (x64) (HKLM\...\{82E988D4-4794-49D0-8185-B49CD842BFFB}) (Version: 34.0.113 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Aspire.Manifest-8.0.100 (x64) (HKLM\...\{38DF0526-2425-4999-B77C-82281D15F35C}) (Version: 64.64.18482 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-8.0.100 (x64) (HKLM\...\{4E76E90C-B8F1-4291-B925-618FD9BAA552}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-8.0.100 (x64) (HKLM\...\{2512FF45-7553-4A70-84CF-CDBE67D55427}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-8.0.100 (x64) (HKLM\...\{468C3839-0E49-46DC-8D54-D9F0507AD7B1}) (Version: 15.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-8.0.100 (x64) (HKLM\...\{14F733B0-0CC9-44B0-81EA-03BC8AB7D6FE}) (Version: 8.0.82 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-8.0.100 (x64) (HKLM\...\{7782168D-9009-4035-9C3D-9C57884B2414}) (Version: 18.0.8303 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Current.Manifest (x64) (HKLM\...\{A38AF6BC-35AD-4ECB-B3F6-2A5F7A9080F4}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{86A3E677-8EC8-4080-9359-FBCEAD039C72}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{68C5A4AE-1B0D-4F8C-A319-DEDFA9519A08}) (Version: 64.40.21345 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64) (HKLM\...\{B3D8DBC1-1868-40CA-89C0-002D193E7490}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{F9B6FB6E-239E-4D46-BE06-9042F0B64887}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{D077A86E-0289-4522-A635-783DB1DB7E28}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Mobius (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_igkpgccbkkidbboffbokhfidimlhpnldmgkphbpi) (Version: 1.5.0.5 - Overwolf app)
ModernWarshipsLauncher 1.0.3.34 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\{e5ec707a-ad6c-4607-95bd-93c625670d0d}}_is1) (Version: - Gaijin Network)
MSI Afterburner 4.6.6 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.6 Beta 3 - MSI Co., LTD)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OPC Core Components Redistributable (x64) 3.0.107.24 (HKLM\...\{725FFCF9-5D38-4249-8697-9BDB415E6B00}) (Version: 3.0.10700 - OPC Foundation)
OpenVPN Connect (HKLM\...\{476194D5-A162-4677-A53F-1DE4ED5F27CF}) (Version: 3.5.0 - OpenVPN Inc.)
Opera GX Stable 117.0.5408.205 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Opera GX 117.0.5408.205) (Version: 117.0.5408.205 - Opera Software)
Opera GX Stable 117.0.5408.205 (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Opera GX 117.0.5408.205) (Version: 117.0.5408.205 - Opera Software)
Oracle VirtualBox 7.1.4 (HKLM\...\{B7EE9AB2-4188-4B5F-8499-43114E7AD7DA}) (Version: 7.1.4 - Oracle and/or its affiliates)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.273.1.4 - Overwolf Ltd.)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 7.2.9 - NGWIN)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
r2modman 3.1.57 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.57 - ebkr)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.21 - Rainmeter)
Rapture COBRA (HKLM-x32\...\{DB1238C2-B3F6-487B-B2F2-C866445E7E0C}_is1) (Version: 1.0 - Alza.cz a.s.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9689.1 - Realtek Semiconductor Corp.)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.8.1030.200908 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.18.0312.2024 - Realtek)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0045 - REALTEK Semiconductor Corp.)
RealVNC Viewer 7.12.0 (HKLM\...\{F19953AA-4E83-42DE-852C-E6C2114D96B3}) (Version: 7.12.0.14 - RealVNC)
REDlauncher (HKLM-x32\...\{DDAB335A-D2ED-45F8-A921-8597CC411E20}) (Version: 3.4.0.5 - CD Projekt RED) Hidden
Riot Client (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for Kubík (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Pepík (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\roblox-player) (Version: - Roblox Corporation)
Siemens Automation License Manager (HKLM\...\{A719986D-104A-4DD4-84E3-65C214B699E8}) (Version: 06.00.0904 - Siemens AG) Hidden
Siemens Automation License Manager V6.0 + SP9 + Upd4 (HKLM\...\{A719986D-104A-4DD4-84E3-65C214B699E8}LicenseManager) (Version: 06.00.0904 - Siemens AG)
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 0 V17.0 (HKLM\...\{BA4E9D15-087D-502B-93BA-076719BC4236}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 02 V17.0 (HKLM\...\{37D9C58D-2705-5E07-93DD-268635B26F24}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 03 V17.0 (HKLM\...\{EB949E8C-F9D4-546D-A02E-29947C18A016}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package 04 V17.0 (HKLM\...\{D3B9FDC3-2379-5B12-9653-C830E5AE4F8C}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Hardware Support Base Package WCF-01 V17.0 (HKLM\...\{1623081C-E461-5DD2-9F1B-6FA09A24BED2}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - HM All Editions Single SetupPackage V17.0 UPD7 (HKLM\...\{079A2623-93DA-4B5D-ACF4-A7FC672B32BE}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - HM NoBasic Single SetupPackage V17.0 UPD7 (HKLM\...\{2FD255DF-547F-44F6-A1E5-69FC21504FA8}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Multiuser Client Single SetupPackage V17.0 UPD7 (HKLM\...\{E61C0A53-CE13-427E-968D-D82DA1C66FB7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Openness SetupPackage V17.0 UPD7 (HKLM\...\{C2F22C69-426B-4263-A50B-B1EBDFBF6FE7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Simatic Single SetupPackage V17.0 UPD7 (HKLM\...\{E535649B-41A8-4ED3-870C-DDB37D14195E}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Simatic Single SetupPackage 32 Bit V17.0 (HKLM-x32\...\{97666CA6-3A5A-422D-B742-7865268AD661}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS Startdrive Advanced G110M, G120, G120C, G120D, G120P, G115D V17.0 + SP1 + Upd1 (HKLM\...\{8F50D010-5C1A-45E7-BF03-6928A1E6D75C}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS Startdrive Advanced G130, G150, S120, S150, SINAMICS MV, S210 V17.0 + SP1 + Upd1 (HKLM\...\{C29CA7AB-04D9-4BE7-AE89-29E51FF0D54E}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON V17.0 + SP1 + Upd1 (HKLM\...\{0F1AB8B0-992C-4038-B745-1EB2B0B6322B}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON-OPENNESS V17.0 + SP1 + Upd1 (HKLM\...\{8E4FC754-7A38-43E6-9B17-D9E6582252F9}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - SINAMICS-STARTDRIVE-COMMON-SAT V17.0 + SP1 + Upd1 (HKLM\...\{99C7A0C1-ECD6-405D-8517-00BE947CF3F2}) (Version: 17.00.0101 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Startdrive Hardware Support Base Package 1 V17.0 (HKLM\...\{3063B9BF-2D02-4170-8025-FC6999AF2BAE}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Startdrive Hardware Support Base Package 1 V17.0 (HKLM\...\{CE45B07A-BEA0-4632-9C47-F335EE2BEF68}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - STEP 7 Safety Single SetupPackage V17.0 UPD6 (HKLM\...\{C16EFDE1-821E-4A84-91AD-424E6ACD92F3}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - STEP 7 Single SetupPackage V17.0 UPD7 (HKLM\...\{2E885E83-8749-49DE-9A20-303EECB03FE7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Support Base Package TO-01 V17.0 (HKLM\...\{5C7D1BBE-1A75-5ECD-9C17-1590268CF484}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Support Base Package TO-02 V17.0 (HKLM\...\{B36FE3B3-0496-5D64-A1BC-EF747539B1E8}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - TIACOMPCHECK Single SetupPackage V17.0 + Upd7 (HKLM\...\{9504CA56-C9BA-4D89-B1D2-7BCF44E5E214}) (Version: 17.00.0007 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - Version Control Interface SetupPackage V17.0 UPD7 (HKLM\...\{05774324-9146-46E4-992B-FB8DB87B6C20}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Single SetupPackage V17.0 UPD7 (HKLM\...\{BE58C64B-16AB-4781-8AD1-31E4494F6DA7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Single SetupPackage 32 Bit V17.0 (HKLM-x32\...\{0515F9DC-377B-4629-B94D-6F7C171563C7}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 - WinCC Transfer Mandatory Single SetupPackage V17.0 UPD7 (HKLM\...\{7FDB85E1-9117-464A-B3A9-78970442A025}) (Version: 17.00.0000 - Siemens AG) Hidden
Siemens Totally Integrated Automation Portal V17 (HKLM-x32\...\Siemens Installer Assistant - TIAP17) (Version: V17 - Siemens AG)
SIMATIC ProSave (HKLM-x32\...\{B816FFB4-20E1-498E-8C8F-EF0D4D928FBB}) (Version: 17.00.0001 - Siemens AG) Hidden
SIMATIC ProSave V17.0 Upd1 (HKLM-x32\...\{B816FFB4-20E1-498E-8C8F-EF0D4D928FBB}Prosave) (Version: 17.00.0001 - Siemens AG)
SIMATIC WinCC Runtime Advanced V17.0 UPD7 (HKLM-x32\...\Siemens Installer Assistant - HMIRTM_V11) (Version: V17.0 UPD7 - Siemens AG)
SIMATIC WinCC Runtime Professional V17.0 Upd7 (HKLM-x32\...\Siemens Installer Assistant - SCADA-RT_V11) (Version: V17.0 Upd7 - Siemens AG)
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-598124734-1471702195-2874904135-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.5.5 - Telegram FZ-LLC)
TIA Administrator - TIA Administrator V1.0 SP8 (HKLM\...\{A9854F14-BE7A-4A7E-A1AF-91DC2B4880C5}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - AWB Licensing Module V1.0 + SP8 (HKLM\...\{1251807E-4FB0-4A98-BEF0-E287DD36FF40}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - AWB Software Management V1.0 + SP8 (HKLM\...\{AEC22818-49AE-433D-9243-2268912CA418}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator - TIA UMC Agent Configurator Module V1.0 + SP8 (HKLM\...\{04A5F46A-15D7-44DF-9D71-17A6E7BD41E2}) (Version: 01.00.0800 - Siemens AG) Hidden
TIA Administrator (HKLM-x32\...\Siemens Installer Assistant - TIAADMIN) (Version: V1.0 - Siemens AG)
TIA Portal Project Server V17 - TIA Portal Project Server Single SetupPackage V17.0 Upd7 (HKLM\...\{C8C3D3E8-CFAE-489D-86D7-1C200FD9E7DC}) (Version: 17.00.0007 - Siemens AG) Hidden
TIA Portal Project Server V17 (HKLM-x32\...\Siemens Installer Assistant - MUSERVERV17) (Version: V17.0 Upd7 - Siemens AG)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.9289 - TLauncher Inc.)
Totally Integrated Automation Portal V17 - TIA Portal Single SetupPackage V17.0 (HKLM\...\{B2C6F7A3-528A-4AEA-8C7E-3DEBB940480B}) (Version: 17.00.0000 - Siemens AG) Hidden
User Management Component - UserManagementComponentx64 V2.9 SP3 Upd2 (HKLM\...\{F8FB36E7-28F3-49A5-A571-A297774FB30E}) (Version: 02.09.03.02 - Siemens AG) Hidden
User Management Component - umtrayiconx64 V2.9 + SP3 + Upd2 (HKLM\...\{0D7D6BDA-0DCC-4E83-82A0-766B1C99E2F3}) (Version: 02.09.03.02 - Siemens AG) Hidden
User Management Component (HKLM-x32\...\Siemens Installer Assistant - UMC64) (Version: V2.9 SP3 UPD2 - Siemens AG)
VALORANT (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Valorant Tracker (HKU\S-1-5-21-598124734-1471702195-2874904135-1003\...\Overwolf_ipmlnnogholfmdmenfijjifldcpjoecappfccceh) (Version: 1.27.1 - Overwolf app)
vcpp_crt.redist.clickonce (HKLM-x32\...\{6F16E6B5-1260-4335-9719-44570F14B065}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{E503D4B9-DD36-4B58-BA27-F01631BF9253}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{E6B29AFF-6C30-45DE-939F-4CE8028D25C0}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{492AF3D9-EA20-4276-B948-76BAD704E602}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{383B01AE-764D-43B4-8AF8-3170D2A48139}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{6F489261-387F-42F1-ACD3-AF2D9B2E642A}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{E0CF1190-35BC-483E-B32D-9450ED3DEF6A}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{FDE7EDF2-2BD3-4ECC-9CE0-F5DE297A7AE6}) (Version: 14.41.34120 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\4c3e37b3) (Version: 17.11.5 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{BE00F49A-2FA1-46E6-B30F-A2653BF7CD75}) (Version: 17.0.157.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{F82603BE-9975-4B01-B586-84E5E6301C0D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{890533B4-4F0A-4726-8F54-A8A1B27BC42B}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{BA2E09EF-8839-49DC-A949-639C569FB2F4}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6CAA3F5E-6F43-48D7-9465-2543DCD3EB62}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{19F3857D-93AC-4B31-BB34-C9BEAE643F3D}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{A4A2A751-37FE-4EEA-89CC-12004BFD4C86}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{DCF89732-E559-4900-8844-7C6B27F28808}) (Version: 17.11.35103 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{F8821BBC-45BE-481C-9A8C-EA9C87174F44}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{67B8CF3A-C2F5-424F-B172-E0A2B8D5D2D5}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{5845E00D-7409-475B-B7F3-D88C2598D7D4}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{5E7CA2F5-FE75-4D40-8533-653524E82407}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{F6235A6B-586B-4B74-91F5-B108C407085D}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_githubprotocolhandlermsi (HKLM-x32\...\{AB3E3E33-5938-42C8-8A56-DD883DA35667}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{850190D6-F1E2-42BB-89F9-6E73A0836599}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{B219BF5E-0743-49F3-9ADD-543A18FFAE79}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B6DC1A71-48F8-47E1-BD23-A2EC000BB76B}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{2A1FB39E-C04E-4DD1-A8E9-5AF8E4DC5DDA}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{DFE9C1B1-B059-46C6-8272-A4975CE7C844}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{9CBEF6C3-C91E-4838-A4BE-EEC6FB65AC5E}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{39D747CD-E324-4687-B068-7E2EC1066B2C}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{45BF09E7-745C-4EA8-AB3D-2F734AB57EB2}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{BCEEE64D-6A17-42DD-9E9D-70FADB47F243}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
War Thunder Launcher 1.0.3.409 (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WeMod (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\WeMod) (Version: 10.10.4 - WeMod)
WinCC Runtime Advanced V17.0 - SIMATIC WinCC Runtime Advanced V17.0 (HKLM-x32\...\{517C78B0-FC51-415D-81F0-D6428FEF4AEE}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Advanced V17.0 - HMIRTM Tagging Package 01 Single SetupPackage V17.0 UPD7 (HKLM-x32\...\{174D465B-7CEB-4DA0-8AA3-1A38416B9994}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Professional V17 - SIMATIC WinCC Runtime V17.0 (HKLM-x32\...\{F5506AFC-4561-4BCA-9CF0-1E79EC938138}) (Version: 17.00.0000 - Siemens AG) Hidden
WinCC Runtime Professional V17 - OPCUA_Client V1.1 + SP2 + Upd5 (HKLM-x32\...\{98434C05-C0D7-4600-A170-79762CB917CD}) (Version: 01.01.0205 - Siemens AG) Hidden
WinCC Runtime Professional V17 - SCADA Simulation Single SetupPackage V17.0 UPD7 (HKLM-x32\...\{75F72449-AD40-4D01-8413-9A7EFF77BC72}) (Version: 17.00.0000 - Siemens AG) Hidden
windows_toolscorepkg (HKLM-x32\...\{44001BA1-EEA5-4EE9-9FEC-2F3F52FDB74C}) (Version: 17.11.35102 - Microsoft Corporation) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Yenkee AURA (HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\Yenkee AURA) (Version: 1.0.0.0 - YENKEE)

Packages:
=========
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-10] (Microsoft Windows)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-16] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-28] (Microsoft Corporation)
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.21.7301.0_x64__8wekyb3d8bbwe [2025-04-12] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.2.2.0_x64__8wekyb3d8bbwe [2025-02-19] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2024-09-29] (Microsoft Studios)
MuseHub -> C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6 [2025-02-01] (Muse) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-21] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.331.0_x64__dt26b99r8h8gj [2024-08-04] (Realtek Semiconductor Corp)
SoundCloud - Music & Songs -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_2.0.0.0_neutral__2xc63xn306dnw [2025-02-21] (SoundCloud Global Limited &amp; Co. KG)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0 [2025-03-26] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm [2025-04-10] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-02-17] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-09] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-11-14] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-598124734-1471702195-2874904135-1002_Classes\CLSID\{533d465c-3565-dbaa-ef18-0e89c6534c86}\localserver32 -> C:\Program Files\Sony\INZONE Hub\INZONEHub.exe (Sony Corporation -> Sony Corporation)
CustomCLSID: HKU\S-1-5-21-598124734-1471702195-2874904135-1002_Classes\CLSID\{82A6D7A6-FC2E-4DFD-AAEF-E3BBF9AD71AD}\localserver32 -> "C:\Program Files\dm\dm CEWE fotosvet\AutoBookService.exe" -ToastActivated => No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\nvshext.dll [2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Pepík\Desktop\PC Building Sim.lnk -> C:\Users\Pepík\Downloads\PC Building Sim\PC.Building.Simulator.2.v1.9.12\game\_START.bat ()
ShortcutWithArgument: C:\Users\Pepík\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Fiebinger (zskomtu.cz) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2022-10-21 14:39 - 2022-10-21 14:39 - 000606720 _____ () [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\node_modules\os-service\build\Release\service.node
2020-11-13 16:34 - 2020-11-13 16:34 - 000110592 _____ () [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\boost_filesystem-vc142-mt-x64-1_71.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-08 19:12 - 2024-12-03 22:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2025-04-10 20:37 - 2025-04-10 20:37 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2025-02-26 19:07 - 2025-04-10 20:37 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2025-02-04 19:22 - 2025-02-04 19:22 - 002640312 _____ (Rainmeter Team -> Rainmeter) [File not signed] C:\Program Files\Rainmeter\Rainmeter.dll
2022-10-21 14:41 - 2022-10-21 14:41 - 001908224 _____ (SIEMENS AG) [File not signed] \\?\C:\Program Files\Siemens\Automation\TIAADMIN\server\core\modules\login\native\mod.auth.83.node
2020-11-09 17:46 - 2020-11-09 17:46 - 003293184 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\tia_111g_libcrypto64.dll
2020-11-09 17:46 - 2020-11-09 17:46 - 000657408 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\tia_111g_libssl64.dll
2020-11-13 16:34 - 2020-11-13 16:34 - 000028112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\imageformats\qsvg.dll
2020-11-13 16:34 - 2020-11-13 16:34 - 000506832 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Siemens\Automation\UserManagement\BIN\imageformats\qwebp.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin;C:\Program Files (x86)\Common Files\Siemens\Bin;C:\Program Files (x86)\Common Files\Siemens\CommonArchiving;C:\Program Files (x86)\Common Files\Siemens\ACE\Bin;C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\Interfaces;C:\Program Files (x86)\Common Files\Siemens\;C:\Program Files (x86)\Common Files\Siemens\Interfaces;C:\Program Files (x86)\Common Files\Siemens\ACE\Interfaces;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-598124734-1471702195-2874904135-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepík\Pictures\Tapeta.png
HKU\S-1-5-21-598124734-1471702195-2874904135-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg
HKU\S-1-5-21-598124734-1471702195-2874904135-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_0.jpg
HKU\S-1-5-80-2555387271-2328369182-3224626408-3133069167-1886171667\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet 4: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys
OpenVPN Connect DCO Adapter: OpenVPN Data Channel Offload -> ovpn-dco.sys
Připojení k místní síti: TAP-Windows Adapter V9 for OpenVPN Connect -> tap_ovpnconnect.sys

oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
s7PnDiscoveryDriver: PROFINET IO protocol (DCP/LLDP)
Siem_ISOTrans: SIMATIC Industrial Ethernet (ISO)
SI_SNPNIO: PROFINET IO RT-Protocol V2.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "INZONE Hub.lnk"
HKLM\...\StartupApproved\Run: => "DubbingAI"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Rapture Keyboard"
HKU\S-1-5-21-598124734-1471702195-2874904135-1002\...\StartupApproved\Run: => "Opera GX Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{5A0E4CA6-6B95-4A13-83F6-2F6E92A3C11B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{94577811-1020-4C86-A890-0B65724BA899}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6872F4ED-426B-4522-9859-FAA58D8D4074}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{261E0ADC-13BD-46ED-AEB9-BD702486FA38}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-21.0.61-windows-x64\bin\java.exe
FirewallRules: [{3C1B078F-2E2A-41C6-A126-55CFC58BE2EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B6C4F5A9-1551-48F8-B466-5CBB2E791E72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{14F1D773-C81A-487B-A624-31434D8CB300}C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe => No File
FirewallRules: [TCP Query User{231C10EC-A31F-4FE9-B819-F6911B9F3566}C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.3.0\wemod.exe => No File
FirewallRules: [UDP Query User{B719D1E1-14B1-4F5A-9165-D7C1CA30B4DA}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{896D316C-81E9-4B6D-AEB3-EC35FA54DD86}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{A9E0198B-6B85-4E2D-B150-D7D49610B008}C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe => No File
FirewallRules: [TCP Query User{FBC20D1B-7CDB-49ED-9B40-12D5A520E785}C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe] => (Block) C:\users\pepík\appdata\local\wemod\app-10.0.0\wemod.exe => No File
FirewallRules: [{B82B9808-5DFE-4835-AF0E-FA2E9A4CB1C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jaded\Jaded.exe () [File not signed]
FirewallRules: [{E6961514-1185-48FB-8B0D-4B370DB45361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jaded\Jaded.exe () [File not signed]
FirewallRules: [UDP Query User{2E34CD25-174F-42F7-9371-25628BA6D717}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{FAA746DC-61CC-4555-9AA4-992DA91FD050}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe
FirewallRules: [{6FF9B3CC-D81E-480F-A777-272EBE4CA9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO City Undercover\LEGOLCUR_DX11.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{F6B0AED6-5CD5-4C2A-81A1-5E0338363009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO City Undercover\LEGOLCUR_DX11.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{4813BBCF-2FAA-49A4-9F7A-909D446D2C12}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.exe (Musecy SM Ltd. -> Muse)
FirewallRules: [UDP Query User{01991D65-4709-4F7F-81E2-F234A9802E81}C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CD03E070-8972-452B-9C9C-CCCBFA1DBD5E}C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trans-siberian railway simulator prologue\trainprologue\binaries\win64\train-win64-shipping.exe => No File
FirewallRules: [{D5B2FF2A-3CE4-4DA2-87A5-BA42039FFD90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [File not signed]
FirewallRules: [{897640FC-0DBF-44BA-93FD-66584B6D2ABB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief Simulator\thief.exe () [File not signed]
FirewallRules: [{DDF17979-F5ED-4ECE-842F-F28EF1A8302D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Happyhills Homicide\TheHappyHillsHomicide.exe (Copperbolt) [File not signed]
FirewallRules: [{1FD18F0C-E104-45FF-9461-ED97337B8C3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Happyhills Homicide\TheHappyHillsHomicide.exe (Copperbolt) [File not signed]
FirewallRules: [{85F52D0E-1941-41DA-9E80-385BF69DDF9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{AA2E7C1F-448E-488D-AF27-C0E5CC907ADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{28DEAC18-5C2A-45C3-B39D-FCF280D32E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trucker\Star Trucker.exe () [File not signed]
FirewallRules: [{F955B036-344B-4EE4-8B0E-C50B492A09A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trucker\Star Trucker.exe () [File not signed]
FirewallRules: [UDP Query User{8DB68085-AD3D-42CB-B0BA-E1C205E9CEAB}C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe] => (Block) C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe (Gabriel 'Squared' SAILLARD) [File not signed]
FirewallRules: [TCP Query User{3AF01BA1-6622-4562-BF56-6E95FD925B58}C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe] => (Block) C:\users\pepík\appdata\local\programs\edex-ui\edex-ui.exe (Gabriel 'Squared' SAILLARD) [File not signed]
FirewallRules: [UDP Query User{03FC48C2-7673-49EF-80BB-89CE9D87BBD8}C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe] => (Block) C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe (GAIJIN NETWORK LTD -> )
FirewallRules: [TCP Query User{A7FE8496-EAAF-4A0E-B34D-667548F4BC30}C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe] => (Block) C:\users\pepík\appdata\local\warthunder\win64\cefprocess.exe (GAIJIN NETWORK LTD -> )
FirewallRules: [UDP Query User{41F033BA-C468-448C-9780-B1A72C153E87}C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe] => (Allow) C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe => No File
FirewallRules: [TCP Query User{E9FD5916-8AE1-4785-97DF-B1F927C4787A}C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe] => (Allow) C:\xboxgames\microsoft flight simulator 2024\content\flightsimulator2024.exe => No File
FirewallRules: [UDP Query User{0B367ADF-FB62-4FE6-9FAA-1DA8D68D8AC6}C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{BE8B343E-271C-48FA-80DE-563AD23E5740}C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\excalibur\needforspeedunbound.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{4F558E37-6D35-41EB-A1D8-17930C730E2C}C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [TCP Query User{926871D9-26C3-48A9-A5BB-98C8CCEB26A9}C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\bus simulator 18\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe (stillalive studios GmbH) [File not signed]
FirewallRules: [{A4DC6457-5540-4348-929C-B05E1ECED7A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{D6BA7124-206A-48BB-A6CF-C38F947CA77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [UDP Query User{5FE47813-0EE8-402B-9650-E4506E1860BD}C:\users\pepík\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\pepík\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0C7741D4-EA30-491C-A695-B5CBD4579874}C:\users\pepík\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\pepík\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{2375E63A-5680-4F0F-9513-29A4C687C411}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FFC9AD03-ABE6-4F13-8D54-816EDB58626F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{10887CEE-DEA3-4772-9A4C-EE544F25B7A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [{62A363AA-A27F-44D4-BABB-2BF2523F22C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lethal Company\Lethal Company.exe () [File not signed]
FirewallRules: [UDP Query User{CC6F67EC-5B37-4077-A456-6FA95335C98A}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{8B9B4383-601F-448F-BE05-67D6017B8969}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{09650952-5AAA-4C68-B978-674FD59CF411}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{7E5C6923-B054-4942-91CD-551D6C562C10}C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\kubík\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{70684BEF-14E3-482C-9DE9-C179AF486AB3}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
FirewallRules: [TCP Query User{16A8611A-CD19-479E-B91E-21D437386E18}C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Allow) C:\users\kubík\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
FirewallRules: [UDP Query User{E860EF5B-150C-40ED-B11F-20F4187E7137}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{A3A1C7BE-1F48-49FC-B41B-87AF0B650AEC}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{9C77EA09-1255-42BC-B9D1-CA495137B542}C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1AFCB61E-3CE1-4121-B51F-30150EF62E02}C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe] => (Allow) C:\users\pepík\appdata\roaming\atlauncher\jre\bin\javaw.exe
FirewallRules: [UDP Query User{84C438FE-1C15-4D79-84FC-422FC119D1CF}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [TCP Query User{1C3D001E-CA84-472B-B05E-0ABADF2FDBC7}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{0209CFD9-73BB-4BB8-8228-BD22EF640705}C:\users\kubík\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kubík\appdata\local\crossout\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{D49F04DE-5C72-40EF-995B-C28C292F7837}C:\users\kubík\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kubík\appdata\local\crossout\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [UDP Query User{D043DFDB-900B-449A-BECC-5C1513E95561}C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [TCP Query User{C15E1F69-E0FA-4C2A-B7C0-0169FF6F07EB}C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2481.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{E59DDD40-44D3-40E7-9814-6F8E8AF4B0B1}C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe] => (Block) C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe => No File
FirewallRules: [TCP Query User{0A21380E-4539-48DE-897F-464A3AB9D3D6}C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe] => (Block) C:\users\kubík\appdata\local\discord\app-1.0.9156\discord.exe => No File
FirewallRules: [{6B093CD5-A987-40C0-AF87-9A14D32C9BF3}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{56AA3C96-D1A6-4241-A511-90624748C160}] => (Allow) LPort=9009
FirewallRules: [{C1CA235E-E653-4737-B36A-AACD95D2735A}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCUsrAcv.exe (Siemens AG -> Siemens AG)
FirewallRules: [{8E1875B5-2BA0-4C04-BDDF-4533FB9E4D47}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCDmRtChannelHost.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{C3E89CB7-648E-491A-AE1B-C54A4032962C}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCRtsLoader.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{F627D9D8-3D29-4C9B-B7A6-0454BD44E38E}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCOnlCmp.exe (SIEMENS AG -> Siemens AG)
FirewallRules: [{278B24C3-76BB-4732-ACCD-9DF61F0084E8}] => (Allow) C:\Program Files (x86)\Siemens\Automation\SCADA-RT_V11\WinCC\bin\CCProjectMgr.exe (Siemens AG -> Siemens AG)
FirewallRules: [{B8686CEC-CE46-4AC4-8C33-F5D0F9EF09EF}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E40770EF-F72A-48EC-9766-654637BDDE62}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL14.WINCC\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47B98513-B60C-483D-8D8F-A8705E3400B6}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{3AB6E8DB-A9A8-4D73-9B67-695270A5EC9C}] => (Allow) C:\Program Files\Siemens\Automation\UserManagement\Bin\um.ssrem.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{E3989F70-F6E4-4E78-BA5B-A4DAC47772C0}] => (Allow) C:\Program Files\Siemens\Automation\UserManagement\Bin\um.ris.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{288B8609-FCAC-4749-83E2-2BD38AF7D6F3}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\ScsServer.exe (Siemens AG -> )
FirewallRules: [{C2CDECB4-A68A-47E5-9C05-CA0A80DD8343}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe (Siemens AG -> Siemens AG)
FirewallRules: [{8E8685B6-4566-472E-9668-A14FCC5A8A60}] => (Allow) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\MiniWeb.exe (Siemens AG -> Siemens AG)
FirewallRules: [{40110F11-7607-4E7B-B773-C2CD0C6CB841}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\CCEServer_x64.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{C871448F-5CD0-4477-9AB7-DA31E6C01C3A}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\RedundancyControl.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{875A7B82-EF7E-4F65-BBB2-DF26A3FC0FB9}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\ACE\Bin\CCAgent.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{090134D6-4768-4E67-9710-B068E250A651}] => (Allow) LPort=9009
FirewallRules: [{BD774D33-363A-4FF0-9E06-D27F6BC1E49C}] => (Allow) LPort=9009
FirewallRules: [{E2303FDF-37FE-4CE8-BD9F-D7C72CA77E2E}] => (Allow) LPort=9009
FirewallRules: [{59183F92-6577-43DF-BC84-8395F0865CD1}] => (Allow) LPort=9009
FirewallRules: [{4C619DD7-FB25-41A6-A905-63085CB68C25}] => (Allow) LPort=9009
FirewallRules: [{0C9C6228-88DB-4F89-BC8B-BF5774674217}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{9A328B75-8243-4794-A92F-19D2E6E3957A}C:\program files\epic games\destiny2\destiny2.exe] => (Allow) C:\program files\epic games\destiny2\destiny2.exe => No File
FirewallRules: [TCP Query User{5B6A56C3-A5C3-4BD1-9214-6EB548826EFD}C:\program files\epic games\destiny2\destiny2.exe] => (Allow) C:\program files\epic games\destiny2\destiny2.exe => No File
FirewallRules: [{733B0A37-134C-4446-8713-A992B006330B}] => (Allow) LPort=9009
FirewallRules: [{A6879070-97F5-4F11-A330-3A552CB5F9F5}] => (Allow) LPort=9009
FirewallRules: [{D6D859FF-CB21-415E-8508-E897E4EF6B98}] => (Allow) LPort=9009
FirewallRules: [{794EC4A0-F0CA-4DE2-9947-95E42E3C5AD6}] => (Allow) LPort=9009
FirewallRules: [{CEFE9D23-17C7-46B4-B771-03ECA578FD90}] => (Allow) LPort=9009
FirewallRules: [{DB2EEB0B-5811-415B-B45A-B5288454870F}] => (Allow) LPort=9009
FirewallRules: [{3E713B66-8DCC-4D02-9186-1ADC2BB9D533}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{EF3970EA-E3D2-468F-A453-8043C3106ECB}C:\ebpro\easybuilder pro.exe] => (Allow) C:\ebpro\easybuilder pro.exe (Weintek Labs., Inc.) [File not signed]
FirewallRules: [TCP Query User{C336F28F-4D01-4992-AC2C-A8766543E3E1}C:\ebpro\easybuilder pro.exe] => (Allow) C:\ebpro\easybuilder pro.exe (Weintek Labs., Inc.) [File not signed]
FirewallRules: [UDP Query User{22516F46-9870-42C0-AF7B-322576FE92A8}C:\ebpro\gui_e30.exe] => (Allow) C:\ebpro\gui_e30.exe () [File not signed]
FirewallRules: [TCP Query User{6D9CD470-7227-4763-BB77-D590111846A9}C:\ebpro\gui_e30.exe] => (Allow) C:\ebpro\gui_e30.exe () [File not signed]
FirewallRules: [UDP Query User{63106E61-74A0-4FC9-9851-F136CE2DF512}C:\ebpro\com_e30.exe] => (Allow) C:\ebpro\com_e30.exe () [File not signed]
FirewallRules: [TCP Query User{E8FC303C-12F0-4300-91B3-0A21E82E0E65}C:\ebpro\com_e30.exe] => (Allow) C:\ebpro\com_e30.exe () [File not signed]
FirewallRules: [{8F17CBA3-FD68-44E3-8223-B23CFBCEA2D0}] => (Allow) LPort=9009
FirewallRules: [{ED34D941-C557-4B14-94E0-3AA2E3403635}] => (Allow) LPort=9009
FirewallRules: [{F082E317-1F23-46D2-A349-E341A25ED829}] => (Allow) LPort=9009
FirewallRules: [{7D8CC00E-E198-4AAE-9F89-B23E1419F252}] => (Allow) LPort=9009
FirewallRules: [{B6F28DB6-1EAF-40BD-A3C5-604C0CBFC5D4}] => (Allow) LPort=9009
FirewallRules: [{783E592C-4F47-4D1C-A685-077ED6ECD189}] => (Allow) LPort=9009
FirewallRules: [{A74AC1E7-CFBF-4D0B-B116-39A40A13727B}] => (Allow) LPort=9009
FirewallRules: [{78FC3395-A4AB-4AD5-948C-842CB8AACE8E}] => (Allow) LPort=9009
FirewallRules: [{461F62BF-0340-44CD-8880-383B6FC3B732}] => (Allow) LPort=9009
FirewallRules: [{249AF734-0D0B-4BC4-B022-1249188716E9}] => (Allow) LPort=9009
FirewallRules: [{82DFCDAE-DF69-4E2B-8CD8-62F0CA33FD01}] => (Allow) LPort=9009
FirewallRules: [{F9BA619B-F7DC-4E29-8FF4-FBBD634BC3B9}] => (Allow) LPort=9009
FirewallRules: [{B05F23AC-61B7-4BB6-8BCD-4E825CCCCDDA}] => (Allow) LPort=9009
FirewallRules: [{4A2A28A6-8BA9-4324-8E87-289524C19505}] => (Allow) LPort=9009
FirewallRules: [{4542CD90-843C-4596-BD5B-CCA273A40CCB}] => (Allow) LPort=9009
FirewallRules: [{B14E0BE4-52DD-49C7-8DDC-D8C5C175B34C}] => (Allow) LPort=9009
FirewallRules: [{15C59F01-8DB0-4CD1-98CD-1968579A347C}] => (Allow) LPort=9009
FirewallRules: [{60EBE848-DEC5-400C-9762-46EB714753D6}] => (Allow) LPort=9009
FirewallRules: [{0DA774EF-7B4A-4E9A-B8D9-4575CB07EAF8}] => (Allow) LPort=9009
FirewallRules: [{942CC150-7129-495A-BD6B-967660109BBA}] => (Allow) LPort=9009
FirewallRules: [{7CD28C39-C4D7-43FD-813C-FF856205FA48}] => (Allow) LPort=9009
FirewallRules: [{24D62E4E-98F7-449F-BA02-A80AC982E8DA}] => (Allow) LPort=9009
FirewallRules: [{D7941024-7D8C-4EC4-B7F1-D39491767DA8}] => (Allow) LPort=9009
FirewallRules: [{1D82C164-A154-4833-B924-9C13764CA5E3}] => (Allow) LPort=9009
FirewallRules: [{3B0EB37C-C22B-4FF4-9F50-9376C04C20BA}] => (Allow) LPort=9009
FirewallRules: [{A378E831-1578-4D1C-9B72-F0952F0DF23B}] => (Allow) LPort=9009
FirewallRules: [{E55B1AE5-04BC-4A32-87AB-A237E71325D5}] => (Allow) LPort=9009
FirewallRules: [{F1D21679-9983-49F8-9712-DCC9FD39B95A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{EBFF7637-5B29-4389-A9BE-B96F3CF229DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{DE2DDED0-33D5-43F8-9388-A1996576BEA8}] => (Allow) LPort=9009
FirewallRules: [{6FE30D44-7718-4E38-8C97-BA1FE18B8159}] => (Allow) LPort=9009
FirewallRules: [{BE63CDD8-9C4D-4931-9B30-E568F7A442DB}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{D97A08EF-68A2-44A5-9EDE-639BFB20A568}C:\users\kubík\appdata\local\modernwarships\launcher.exe] => (Allow) C:\users\kubík\appdata\local\modernwarships\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{8FC7AC1F-604F-42E2-B9F9-A89A80A744E0}C:\users\kubík\appdata\local\modernwarships\launcher.exe] => (Allow) C:\users\kubík\appdata\local\modernwarships\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{57F8B9C5-2AE9-4407-A5FC-C62FC759496D}] => (Allow) LPort=9009
FirewallRules: [{820CBAFC-F284-422D-B0D7-4D46448CC068}] => (Allow) LPort=9009
FirewallRules: [{A901510F-8293-46B9-85D6-857E55538B9C}] => (Allow) LPort=9009
FirewallRules: [{5B0F8038-C70D-4B04-8A4E-2ADA85FA61E1}] => (Allow) LPort=9009
FirewallRules: [{82D9C7BE-E95F-46D7-A366-3D466A93638B}] => (Allow) LPort=9009
FirewallRules: [{7FE536A7-70DF-49A8-BF0C-B442292D2698}] => (Allow) LPort=9009
FirewallRules: [{B9AED2EB-3478-4656-A172-F94D0EE68716}] => (Allow) LPort=9009
FirewallRules: [{1A2C5269-6D8A-4B59-9475-8F947A447547}] => (Allow) LPort=9009
FirewallRules: [{8F1C2F65-7384-4258-8D26-35CCB7AE46B7}] => (Allow) LPort=9009
FirewallRules: [{02FCBFC6-EF21-4C72-9E5B-5520CC35FA7B}] => (Allow) LPort=9009
FirewallRules: [{49E7C202-BE15-476E-B89A-D35C82C08CB8}] => (Allow) LPort=9009
FirewallRules: [{68FA73A4-851E-42EC-97B9-4F3A30B0A84B}] => (Allow) LPort=9009
FirewallRules: [{6A20D1CE-856A-4B8E-98B7-4C57990517AE}] => (Allow) LPort=9009
FirewallRules: [{80DC631B-BA33-4F1F-B5E6-919BF6D12A2D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{D4156EFF-8151-4212-B609-3794A59349F5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [UDP Query User{8A2B8657-DF16-4F55-80C8-76E767927F93}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [TCP Query User{057A6F06-D3BD-46C1-B1C6-6BEFBD558C81}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe => No File
FirewallRules: [{188B7497-D1B8-4FAD-A6F0-AC7253665696}] => (Allow) LPort=9009
FirewallRules: [{700BDF8E-70AB-415E-9746-1A9C30E59D00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{820DA580-0848-4BCE-AD41-79BD00143D3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{F04512F3-FAFB-43E0-A874-1186CD1E307D}] => (Allow) LPort=9009
FirewallRules: [{4B39D840-D4F3-459A-B65D-D25DE1BBB339}] => (Allow) LPort=9009
FirewallRules: [{936E948F-689A-4A72-BD7F-A45A977C238C}] => (Allow) LPort=9009
FirewallRules: [{8BBEBBA4-CC05-485F-925A-906EEAA3C8FB}] => (Allow) LPort=9009
FirewallRules: [{CED93CBE-F707-4BF5-83A2-B7986E26017C}] => (Allow) LPort=9009
FirewallRules: [{4689EFE5-5D78-4CB4-B3B3-DA990B6D579B}] => (Allow) LPort=9009
FirewallRules: [{A3096F31-E5A6-4CA5-832E-EFD6AEDF3A72}] => (Allow) LPort=9009
FirewallRules: [{AFB22C35-4F73-425A-AF4F-A970CFBA6E9B}] => (Allow) LPort=9009
FirewallRules: [{62E8F9DA-4E18-4760-AC70-B56555E17F4D}] => (Allow) LPort=9009
FirewallRules: [{0AFD8B91-1C91-427F-9F25-D05D907F17C7}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{47CCC0E4-6F5F-476D-8CE9-75652170F515}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{B692742A-51E9-471A-8757-6D4ED48E1310}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{8D298AE1-A632-4728-AE7D-71EF8C471101}C:\users\pepík\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{3D1279B3-DC0D-4C0A-8920-823DD6A780EC}C:\users\pepík\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [{287AC738-BC66-465E-9547-AD3D938B5AB4}] => (Allow) LPort=9009
FirewallRules: [{689ABA59-22A9-4289-9F2C-C8C81052DE79}] => (Allow) LPort=9009
FirewallRules: [{A31CD135-4A0A-45B1-9D08-C3782466805B}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{B9B8968A-BC43-41F0-B8E9-12EA830F60C5}C:\users\pepík\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{63EEA360-C850-4B18-A426-5C069EF8891B}C:\users\pepík\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\pepík\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{23400821-B1D8-475D-B767-F6B149713DC4}] => (Allow) LPort=9009
FirewallRules: [{E1E06319-70D1-47E9-842D-07997F24F9C4}] => (Allow) LPort=9009
FirewallRules: [{DB747F09-0942-4556-9A9A-BA5C20478D1E}] => (Allow) LPort=9009
FirewallRules: [{D8098B16-F925-4FAD-886B-4BE602C00D6B}] => (Allow) LPort=9009
FirewallRules: [{FD8E7144-78E7-4877-A959-AA612E177B88}] => (Allow) LPort=9009
FirewallRules: [{C404E07B-17FD-4969-B647-55F815CCDB26}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{FC440CC3-FAD2-4C68-B669-4D3635381768}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{1ECAE770-090A-4F06-A9D0-E2FA24B87B57}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{1056FD65-474C-49A6-AA14-2A17BE9DB05E}] => (Allow) LPort=9009
FirewallRules: [{F5CAC198-453B-40A8-A4AD-ED7134DD5FE8}] => (Allow) LPort=9009
FirewallRules: [{4ACB79E2-0B9D-4B98-9467-1EA817C13728}] => (Allow) LPort=9009
FirewallRules: [{13E80A41-F982-48B5-A1E2-F20E6E431C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{3B32D62E-7FCB-4528-9183-5F369E77F543}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MonBazou\Mon Bazou.exe () [File not signed]
FirewallRules: [{42CC0099-7665-4CA6-91BB-DA38398D3A0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{607A9327-E614-4824-9C35-9E5D48E43EAC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3E22CA6B-BDD9-4C3C-AD65-849A7F29975C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A5EB07D7-2DBA-4573-AE44-837E401984B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{53721F09-C883-4EEC-810F-2729C7E4D69B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{01B61581-8376-46F2-9164-77C7B562E663}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [{B720ED07-C121-4B1D-A1EC-22F5ED21631E}] => (Allow) LPort=9009
FirewallRules: [{073DB76D-17D5-4324-9F65-D9EE9FDCB087}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{40364FBC-1055-4E13-8E3F-389150C57711}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [{DF521FEF-A392-44F4-82E3-8A4BFEF4D7D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parcel Simulator Demo\parcel.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6E15A088-56B0-487E-8A2C-EBB736840B86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parcel Simulator Demo\parcel.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2EA4DF39-C78A-4273-8CB7-CF356D80C00E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed robber\OAR.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4FE64261-2999-46CA-A57B-C92F1B5A2C09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed robber\OAR.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EE8194D6-0619-4F61-A94D-50CD6F284764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED)
FirewallRules: [{57DBFE6C-D99D-4CFE-8969-27C00DE30F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED)
FirewallRules: [TCP Query User{8F8173FA-7562-4316-B27E-4811E62D627C}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{FBC1B40D-C401-4473-94AE-797A2DC0FB97}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{7B0F8911-8B57-4375-BE78-7E738E17E970}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{F9A69BC1-7A89-42AC-9A3E-49000A08B5F2}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{0991304D-529D-426F-AF06-B1E2A6B31858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D013C412-72D0-42BC-BEA4-3639F4413BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6117629-EF34-4082-A335-D91F19B57995}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E41C346A-8618-47CF-BBF6-379D49D4F80F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D8AF6C0-0593-4952-8AE6-E69474209579}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{978C138F-1FC2-4B18-827E-3D0253D5532D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AC6B7E05-D6A6-4C7B-BD9C-D36B343B2852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8580ED8E-A1C9-4284-802F-8CA91C1767A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A80AA440-D7EA-44CA-8521-DCDBEF237AEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F61CE2B4-548B-4F3B-A950-DCFE8553BE2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B097C377-83B7-4292-8D03-9240E7C27E8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus World\Bus World.exe () [File not signed]
FirewallRules: [{3E5EC7F3-DA75-4A8F-A39B-136060A07C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus World\Bus World.exe () [File not signed]
FirewallRules: [{CB5A3F1B-B7E3-4479-BFFA-9FED70030BFE}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{F5ACD6DA-F2AE-4CEF-9AF2-6DE3DB71282D}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{6E36D6B1-2EE3-4283-9B2F-9417AF0DC6A7}] => (Block) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{CAC18941-4882-4AAC-A42F-B27C3A2D493F}] => (Block) C:\Program Files (x86)\Overwolf\0.273.0.22\OverwolfBrowser.exe => No File
FirewallRules: [{1B777B81-3243-4FD8-B4F0-F3CA6A830D66}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.1.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2D5D76A1-FCD4-4C2E-B428-279E729DF0DF}] => (Allow) C:\Program Files (x86)\Overwolf\0.273.1.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{08184695-9B4F-4E4C-83B3-B291A2A1DC2D}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{28DB47F4-211E-4441-A162-7C30A6F335A6}C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pepík\appdata\roaming\atlauncher\runtimes\minecraft\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{5F5F6F45-658D-4588-B6ED-6087436CFE1E}] => (Allow) C:\Users\Kubík\AppData\Local\Programs\Opera GX\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{1A8CBE31-04F7-434D-99FB-6D494CDD51BF}C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{9DEA94D0-E1C2-418C-B888-FA425CF7A918}C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe] => (Allow) C:\users\kubík\appdata\local\medal\app-4.2699.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [{A27E9D9B-F7DB-4829-BC8E-933180F38612}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A804A358-5336-4B4D-8C09-1F4914418C66}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2685D7D2-18D3-43A1-B52B-401612DDB4E0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A6C24798-5B8F-4319-8F15-B785581F38D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{20DEFBE8-2326-48B9-B981-267D4E38CBA5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F6515CD8-82DE-4F87-88D7-9890211276D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{293B4796-61BF-4532-9C80-2FF46AE7DE56}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{68F34BC2-20E9-410D-BA36-F1C10CE3198A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{27A16BF6-618A-4BCD-8E04-F561B3DA437B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D3381460-F64E-4E23-B7FD-729C1DD0315C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2503324-4339-4D3E-81BD-DDA3942FFC9B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B478C066-983F-41DC-B843-CAE6363A4987}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6D3ED014-C38D-4A9D-96CE-DD76241753EA}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C53D0B6-CE53-4080-98AC-A94F6A54F67E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{803C4672-EFA8-4E03-9B2C-5C69151981BE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

13-04-2025 14:46:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2025 07:17:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/13/2025 07:53:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/13/2025 07:53:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/13/2025 07:53:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/13/2025 07:53:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/13/2025 10:04:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/12/2025 10:29:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/12/2025 05:30:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 11.2501.31.0 programu Notepad.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.


System errors:
=============
Error: (04/14/2025 07:20:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/14/2025 07:20:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (04/14/2025 07:18:25 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (04/14/2025 07:17:58 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (04/14/2025 07:17:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Data Uploader byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/14/2025 07:17:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TIA Administrator byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/14/2025 07:17:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/14/2025 07:17:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2025-04-13 14:48:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-12 18:33:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2025-04-12 18:21:18
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Local\Microsoft\Windows\INetCache\IE\56OGIRER\Rainmeter-4.5.22[1].exe; file:_C:\Users\Pepík\AppData\Roaming\Rainmeter\Updates\Rainmeter-4.5.22.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Rainmeter\Rainmeter.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-12 18:21:18
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Roaming\Rainmeter\Updates\Rainmeter-4.5.22.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Rainmeter\Rainmeter.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-12 14:42:59
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Pepík\AppData\Local\Microsoft\Windows\INetCache\IE\DF5KYRJA\Rainmeter-4.5.22[1].exe
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Pepík\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.427.216.0, AS: 1.427.216.0, NIS: 1.427.216.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1
Event[0]

Date: 2025-04-01 12:17:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.425.351.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2025-04-01 12:17:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.425.351.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2025-04-14 07:19:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.273.1.4\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2025-04-14 07:19:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Pepík\AppData\Local\Discord\app-1.0.9188\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.273.1.4\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F1 12/07/2022
Motherboard: Gigabyte Technology Co., Ltd. B550M DS3H AC
Processor: AMD Ryzen 5 5600 6-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 16307.68 MB
Available physical RAM: 8577.46 MB
Total Virtual: 32615.37 MB
Available Virtual: 23033.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:952.92 GB) (Free:35.87 GB) (Model: XPG GAMMIX S11 Pro) NTFS

\\?\Volume{0cd7bec1-4e17-4c4f-8f2e-006e9157ed10}\ () (Fixed) (Total:0.83 GB) (Free:0.27 GB) NTFS
\\?\Volume{43c79ce8-5c73-47d7-aa67-3b05e829eb8b}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15576
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#8 Příspěvek od JaRon »

Subor C:\Program Files\Rainmeter\Rainmeter.exe otestuj na www.virustotal.com
Podla vysledkov ho bud odinstaluj, alebo islo o falosny poplach
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#9 Příspěvek od Jenda297 »

Provedena kontrola výsledek vše ok, respektive "undetected" až na jeden řádek viz níže

SecureAge - Malicious
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15576
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#10 Příspěvek od JaRon »

Takze PC bude v poriadku :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Jenda297
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 13 dub 2025 07:36

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#11 Příspěvek od Jenda297 »

Děkuji velice za pomoc, posílám příspěvek :thumbsup:
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15576
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logů - výskyt Trojan:Win32/Wacatac

#12 Příspěvek od JaRon »

Rado sa stalo :) dakujeme
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“