Dle Defenderu vir v PC

[kockopes]

Ahoj/Dobrý den,
dle Microsoft Defender byl nějaký vir v PC, který Defender smazal, prosím tímto o kontrolu logu.
Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by Hladk (administrator) on DESKTOP-1T75NO9 (09-02-2022 20:27:24)
Running from C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_678203837
Loaded Profiles: Hladk
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe
(Bagelcode) C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0.21.0_x64__5dvc9f3b38e20\Club Vegas.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Hladk\AppData\Local\Programs\Opera\83.0.4254.27\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe <32>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-03-03] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\Run: [Opera Browser Assistant] => C:\Users\Hladk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\MountPoints2: {0be8b383-756a-11ea-9e0c-7085c262d76e} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [221696 2019-02-15] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-08] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012AF9A8-C10B-4759-9017-F7384F27E0BB} - System32\Tasks\Opera scheduled Autoupdate 1555151344 => C:\Users\Hladk\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software)
Task: {10A3784B-E3D4-4867-997B-1B6FD31C4F26} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35A50CFD-66BB-470C-BDE4-7F2F2AD50979} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D8A2B39-A76D-42CC-82B9-986D86B87B98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Task: {4E814242-EC28-47EA-A742-87A5C257FD57} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {59700CA8-F849-4731-B8B6-515D6805F876} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Hladk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-02-09] (ESET, spol. s r.o. -> ESET)
Task: {6C0E15A0-5D86-4BC0-9909-C90DA6F6A00F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {93154DC5-99BE-416F-8C1D-84BC5325D23C} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )
Task: {A0F93F01-0E78-4645-B972-8EB7E3D8CCDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E7804E-1B6E-4F97-BD23-A65514BD6090} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Hladk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-02-09] (ESET, spol. s r.o. -> ESET)
Task: {B270A711-E269-48B0-B7D9-6AA86A5CC466} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Task: {B28B71C1-1718-4E11-9AC4-2ED506D1E0C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {C635DB5F-695A-47CA-A255-14BC58AFC748} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C96C4C39-16BE-407E-BC18-7BF77669CD38} - System32\Tasks\Opera scheduled assistant Autoupdate 1582748983 => C:\Users\Hladk\AppData\Local\Programs\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Hladk\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CDDA4ADD-A396-4673-AD06-0302F1F1DA74} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{31f344b7-4480-4955-86df-c15fb8461db6}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Hladk\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-09]

FireFox:
========
FF DefaultProfile: 5i7y9o4g.default
FF ProfilePath: C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\5i7y9o4g.default [2020-03-16]
FF ProfilePath: C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\uzwrieov.default-release [2022-02-09]
FF Session Restore: Mozilla\Firefox\Profiles\uzwrieov.default-release -> is enabled.
FF Extension: (Linkificator) - C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\uzwrieov.default-release\Extensions\linkificator@markapola.xpi [2020-04-18]
FF Extension: (Lightshot (Nástroje snímků)) - C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\uzwrieov.default-release\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2021-08-12]
FF Extension: (Hlídač Shopů) - C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\uzwrieov.default-release\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2021-11-10]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default [2022-01-07]
CHR Extension: (Prezentace) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-29]
CHR Extension: (Dokumenty) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-29]
CHR Extension: (Disk Google) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-10]
CHR Extension: (YouTube) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-29]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-06-20]
CHR Extension: (Tabulky) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-20]
CHR Extension: (Gmail) - C:\Users\Hladk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-10]

Opera:
=======
OPR Profile: C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable [2022-02-09]
OPR Notifications: Opera Stable -> hxxps://messages.google.com; hxxps://prekladyher.eu; hxxps://zdopravy.cz
OPR StartupUrls: Opera Stable -> "hxxp://www.idnes.cz/","hxxps://www.mujrozhlas. ... adiozurnal"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Real-Debrid extension) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\cbhlgmcclhchabkenpacjhlcjpcceljf [2020-09-08]
OPR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccnckbpmaceehanjmeomladnmlffdjgn [2021-12-09]
OPR Extension: (Rich Hints Agent) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-27]
OPR Extension: (ČD Body - zitranavylet.cz) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\fedjfkcpbabccidicbfocikcpmohkpca [2019-06-09]
OPR Extension: (Notifier for Gmail™) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\flkijckbigolpahbkklilflpmkalfohc [2021-07-10]
OPR Extension: (I don't care about cookies) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2022-01-24]
OPR Extension: (Porovnání cen) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\jmhkgcmmgjblnkjkbgjggkaeifacakgi [2020-06-28]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-11]
OPR Extension: (Install Chrome Extensions) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2019-12-13]
OPR Extension: (Clickable Links) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\mgamelhnfokapndfdodnmfiningckjia [2019-04-13]
OPR Extension: (Hlídač Shopů) - C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-12-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99136 2020-10-23] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdkmdag.sys [80538504 2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-10-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-10-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_161; \??\C:\Users\Hladk\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-09 20:27 - 2022-02-09 20:27 - 001222144 _____ C:\Users\Hladk\Downloads\RSITx64.exe.opdownload
2022-02-09 20:27 - 2022-02-09 20:27 - 000000000 ____D C:\FRST
2022-02-09 20:26 - 2022-02-09 20:26 - 002311680 _____ (Farbar) C:\Users\Hladk\Downloads\FRST64.exe
2022-02-09 10:59 - 2022-02-09 11:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-09 09:21 - 2022-02-09 09:21 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-02-09 09:21 - 2022-02-09 09:21 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-02-09 09:13 - 2022-02-09 09:21 - 000001382 _____ C:\Users\Hladk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-02-09 09:13 - 2022-02-09 09:21 - 000001276 _____ C:\Users\Hladk\Desktop\ESET Online Scanner.lnk
2022-02-09 09:13 - 2022-02-09 09:13 - 015274968 _____ (ESET) C:\Users\Hladk\Downloads\esetonlinescanner.exe
2022-02-09 07:13 - 2022-02-09 07:13 - 000000000 ___HD C:\$WinREAgent
2022-02-07 22:08 - 2022-02-07 22:08 - 001785765 _____ C:\Users\Hladk\Downloads\nz - projekt fuze_klikpojisteni - stejnopis.pdf
2022-02-07 22:07 - 2022-02-07 22:07 - 000286641 _____ C:\Users\Hladk\Downloads\sc_konec (1).pdf
2022-02-07 22:06 - 2022-02-07 22:06 - 000286641 _____ C:\Users\Hladk\Downloads\sc_konec.pdf
2022-02-06 20:49 - 2022-02-06 20:49 - 000023298 _____ C:\Users\Hladk\Downloads\Prehled_navaznych_spoju_v_autobusove_doprave_platn.xlsx
2022-02-06 20:47 - 2022-02-06 20:47 - 000119582 _____ C:\Users\Hladk\Downloads\Garantovane_cekaci_doby_v_Pardubickem_kraji_s_plat.xlsx
2022-02-05 21:37 - 2022-02-05 22:35 - 1071988714 _____ C:\Users\Hladk\Downloads\The Little Drummer Girl s01e05 CZ.avi
2022-02-05 21:37 - 2022-02-05 22:27 - 930889416 _____ C:\Users\Hladk\Downloads\The Little Drummer Girl s01e04 CZ.avi
2022-02-05 21:16 - 2022-02-06 00:26 - 2096696388 _____ C:\Users\Hladk\Downloads\Vlkochodci [Wolfwalkers] (2020) CZ titulky HD 1080p.mkv
2022-02-03 18:48 - 2022-02-03 18:48 - 000474320 _____ C:\Users\Hladk\Downloads\cestovní.smlouva.pdf
2022-02-03 18:42 - 2022-02-03 18:42 - 000476214 _____ C:\Users\Hladk\Downloads\Hladky_Kooperativa_KOL_5045217782_smlouva_220203_171719.pdf
2022-02-03 17:36 - 2022-02-03 17:36 - 000207548 _____ C:\Users\Hladk\Downloads\Smlouva_DPS.pdf
2022-02-03 17:35 - 2022-02-03 17:35 - 000125177 _____ C:\Users\Hladk\Downloads\Smlouva (2).pdf
2022-02-03 17:31 - 2022-02-03 17:31 - 000198083 _____ C:\Users\Hladk\Downloads\Navrh_smlouvy.pdf
2022-02-03 17:30 - 2022-02-03 17:30 - 000055549 _____ C:\Users\Hladk\Desktop\Smlouva (1).pdf
2022-02-03 17:29 - 2022-02-03 17:29 - 000055549 _____ C:\Users\Hladk\Downloads\Smlouva (1).pdf
2022-02-03 17:26 - 2022-02-03 17:26 - 000549410 _____ C:\Users\Hladk\Downloads\Darovací smlouva - 2022000012 31.12.2022.pdf
2022-02-03 17:26 - 2022-02-03 17:26 - 000094674 _____ C:\Users\Hladk\Downloads\Navrh_na_vklad_ID_2022000012.pdf
2022-02-03 17:17 - 2022-02-03 17:17 - 001229514 _____ C:\Users\Hladk\Desktop\contract.jsf.pdf
2022-02-03 17:09 - 2022-02-03 17:09 - 000262675 _____ C:\Users\Hladk\Desktop\My bookings.pdf
2022-01-28 09:07 - 2022-01-28 09:07 - 000120508 _____ C:\Users\Hladk\Downloads\Čestné-prohlášení-o-nulových-příjmech-pdf-ke-stažení-online.pdf
2022-01-27 21:21 - 2022-01-27 21:21 - 000217553 _____ C:\Users\Hladk\Downloads\Detail_faktura_VS_7924000040_vystaveno_06012022_EIC_27ZG500Z0310599U (1).xlsx
2022-01-27 21:15 - 2022-01-27 21:15 - 000218966 _____ C:\Users\Hladk\Downloads\Vyuctovaci_faktura_bD_VS_7924000040_vystaveno_06012022.pdf
2022-01-27 21:15 - 2022-01-27 21:15 - 000217553 _____ C:\Users\Hladk\Downloads\Detail_faktura_VS_7924000040_vystaveno_06012022_EIC_27ZG500Z0310599U.xlsx
2022-01-26 11:31 - 2022-01-26 11:31 - 000000000 ____D C:\Users\Hladk\AppData\Local\FreeGrabApp
2022-01-26 11:11 - 2022-01-26 11:11 - 000000000 ____D C:\Users\Hladk\AppData\Roaming\FreeGrabApp
2022-01-26 11:11 - 2022-01-26 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGrabApp
2022-01-26 11:11 - 2022-01-26 11:11 - 000000000 ____D C:\ProgramData\FreeGrabApp
2022-01-26 11:11 - 2022-01-26 11:11 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp
2022-01-24 13:11 - 2022-01-24 13:11 - 000222185 _____ C:\Users\Hladk\Downloads\Výpověď k področní platbě.pdf
2022-01-24 10:58 - 2022-01-24 10:58 - 000107284 _____ C:\Users\Hladk\Downloads\hb_potvrzeni_uroky_267294-1_20220101_934 (1).pdf
2022-01-23 09:05 - 2022-01-23 12:13 - 3447458292 _____ C:\Users\Hladk\Downloads\The.Little.Drummer.Girl.01x03.1080i.HDTV.CZ.mkv
2022-01-22 20:16 - 2022-01-22 23:34 - 3621678942 _____ C:\Users\Hladk\Downloads\The.Little.Drummer.Girl.01x02.1080i.HDTV.CZ.mkv
2022-01-22 20:16 - 2022-01-22 23:26 - 3468664360 _____ C:\Users\Hladk\Downloads\The.Little.Drummer.Girl.01x01.1080i.HDTV.CZ.mkv
2022-01-21 08:42 - 2022-01-21 08:42 - 000050900 _____ C:\Users\Hladk\Desktop\potvrzeni-2021-nadace-via-o1icdnbcgl.pdf
2022-01-18 20:34 - 2022-01-18 20:34 - 000097438 _____ C:\Users\Hladk\Downloads\DS Hladký (1).pdf
2022-01-18 19:38 - 2022-01-18 19:38 - 000006029 _____ C:\Users\Hladk\Downloads\DNEDP4-7610253519-20220118-193751-1625384214-potvrzeni.p7s
2022-01-18 19:33 - 2022-01-18 19:33 - 000127069 _____ C:\Users\Hladk\Desktop\DPN CB.pdf
2022-01-18 19:28 - 2022-01-18 19:28 - 000109499 _____ C:\Users\Hladk\Desktop\DPN.pdf
2022-01-17 10:25 - 2022-01-17 10:25 - 000001323 _____ C:\Users\Hladk\Downloads\DNEDP4-7610253519-20220117-102516-pracovni.xml
2022-01-14 16:11 - 2022-01-14 16:11 - 000000000 ____D C:\Users\Hladk\AppData\Local\PCHealthCheck
2022-01-14 10:57 - 2022-01-14 10:57 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 10:57 - 2022-01-14 10:57 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 10:57 - 2022-01-14 10:57 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 14:18 - 2022-01-13 14:18 - 000155536 _____ C:\Users\Hladk\Downloads\document.pdf
2022-01-11 09:10 - 2022-01-11 09:10 - 003311528 _____ C:\Users\Hladk\Downloads\GdYNUNFPe9MB.pdf.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-09 20:18 - 2020-03-16 07:22 - 000000000 ____D C:\Users\Hladk\AppData\LocalLow\Mozilla
2022-02-09 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-09 19:56 - 2019-05-29 18:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-09 15:46 - 2019-10-10 06:43 - 000000000 ____D C:\Users\Hladk\AppData\Local\ClassicShell
2022-02-09 14:52 - 2020-08-12 20:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-09 11:39 - 2020-08-12 20:11 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-09 11:39 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-09 11:39 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-09 11:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-09 11:32 - 2020-08-12 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-09 11:32 - 2020-08-12 20:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-09 11:32 - 2020-08-12 11:48 - 000000000 ____D C:\Users\Hladk
2022-02-09 11:32 - 2020-03-16 07:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-02-09 11:32 - 2020-03-16 07:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-09 11:32 - 2019-04-23 21:36 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-09 11:32 - 2019-04-22 18:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-09 10:59 - 2021-09-10 18:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-09 10:59 - 2020-03-16 07:22 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-09 10:59 - 2020-03-16 07:22 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-08 18:58 - 2019-05-29 18:23 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-08 07:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-08 07:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-06 00:27 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-04 17:14 - 2020-06-25 09:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-01 16:34 - 2020-08-12 20:09 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1555151344
2022-02-01 16:34 - 2019-04-13 11:29 - 000001409 _____ C:\Users\Hladk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-28 07:08 - 2020-08-12 20:09 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 07:08 - 2020-08-12 20:09 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-25 08:16 - 2020-12-16 11:14 - 000000000 ____D C:\Users\Hladk\Desktop\Dokumenty Táta
2022-01-22 12:54 - 2020-08-12 20:03 - 000258176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-22 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-22 06:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-21 21:51 - 2020-08-12 20:09 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 21:51 - 2020-08-12 20:09 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 10:43 - 2021-01-07 08:50 - 000000000 ____D C:\Users\Hladk\AppData\Roaming\.dsgui
2022-01-17 09:45 - 2019-12-28 19:21 - 000000000 ____D C:\Users\Hladk\AppData\Local\cache
2022-01-15 06:14 - 2019-05-13 19:57 - 000000000 ____D C:\Users\Hladk\AppData\Local\Adobe
2022-01-14 16:11 - 2021-06-24 19:51 - 000001349 _____ C:\Users\Hladk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-14 10:59 - 2020-08-12 20:09 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-14 10:58 - 2019-05-13 19:59 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-14 10:57 - 2019-04-13 10:54 - 000413786 __RSH C:\bootmgr
2022-01-14 10:46 - 2019-04-13 13:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 10:45 - 2019-04-13 13:28 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 11:58 - 2019-04-28 06:01 - 000000000 ____D C:\Users\Hladk\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2019-04-30 18:32 - 2018-10-25 21:00 - 000006026 _____ () C:\Program Files (x86)\current.btskin
2019-04-30 18:37 - 2019-04-30 18:43 - 000003754 _____ () C:\Program Files (x86)\dht.dat
2019-04-30 18:37 - 2019-04-30 18:37 - 000003676 _____ () C:\Program Files (x86)\dht.dat.old
2019-04-30 18:43 - 2019-04-30 18:37 - 000000058 _____ () C:\Program Files (x86)\resume.20190430.194316.dat
2019-04-30 18:37 - 2019-04-30 18:43 - 000000058 _____ () C:\Program Files (x86)\resume.dat
2019-04-30 18:37 - 2019-04-30 18:37 - 000000058 _____ () C:\Program Files (x86)\resume.dat.old
2019-04-30 18:37 - 2019-04-30 18:43 - 000000099 _____ () C:\Program Files (x86)\rss.dat
2019-04-30 18:37 - 2019-04-30 18:37 - 000000099 _____ () C:\Program Files (x86)\rss.dat.old
2019-04-30 18:32 - 2019-04-30 18:43 - 000005623 _____ () C:\Program Files (x86)\settings.dat.old
2019-04-30 18:32 - 2018-10-25 21:00 - 000027702 _____ () C:\Program Files (x86)\toolbar.bmp
2019-04-30 18:31 - 2018-08-28 18:30 - 000294384 _____ (emc) C:\Program Files (x86)\uninstall.exe
2019-04-30 18:32 - 2018-10-25 21:00 - 000189334 _____ () C:\Program Files (x86)\utorrent-221-25534.chm
2019-04-30 18:32 - 2018-10-25 21:00 - 000039237 _____ () C:\Program Files (x86)\utorrent.lng
2019-04-30 18:32 - 2018-10-25 21:00 - 000000049 _____ () C:\Program Files (x86)\utorrent.url
2019-04-30 18:32 - 2018-10-25 21:00 - 000184498 _____ () C:\Program Files (x86)\webui.zip
2021-12-25 21:03 - 2021-12-25 21:03 - 000003584 _____ () C:\Users\Hladk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Hladk (09-02-2022 20:30:37)
Running from C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_678203837
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-08-12 19:09:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1001266131-2733610755-3133150411-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1001266131-2733610755-3133150411-503 - Limited - Disabled)
Guest (S-1-5-21-1001266131-2733610755-3133150411-501 - Limited - Disabled)
Hladk (S-1-5-21-1001266131-2733610755-3133150411-1001 - Administrator - Enabled) => C:\Users\Hladk
WDAGUtilityAccount (S-1-5-21-1001266131-2733610755-3133150411-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bullzip PDF Printer 11.9.0.2735 (HKLM\...\Bullzip PDF Printer_is1) (Version: 11.9.0.2735 - Bullzip)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Datovka (HKLM-x32\...\Datovka) (Version: 4.15.6 - CZ.NIC, z. s. p. o.)
Divinity Original Sin 2 MULTi5 (HKLM-x32\...\Divinity Original Sin 2 MULTi5_is1) (Version: - )
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.37.7694_kr3 - GOG.com)
EasePaint Watermark Remover 1.03 (HKLM-x32\...\EasePaint Watermark Remover) (Version: 1.03 - hxxp://www.easepaint.com/)
EMCO Ping Monitor Free 6.3 (HKLM\...\{71897DBE-7D98-47FC-88E7-73246EDB829E}) (Version: 6.3.0.5014 - EMCO Software)
Free Netflix Download (HKLM-x32\...\Free Netflix Download_is1) (Version: 5.0.35.1202 - FreeGrabApp LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\HearthstoneDeckTracker) (Version: 1.14.16 - HearthSim)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Logitech Options (HKLM\...\LogiOptions) (Version: 7.12.43 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0 (x64 cs)) (Version: 97.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
NVIDIA Ovladače grafiky 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
Opera Stable 83.0.4254.27 (HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\Opera 83.0.4254.27) (Version: 83.0.4254.27 - Opera Software)
ProtonVPN (HKLM-x32\...\{D19979C9-8B5B-4500-AA6A-EF331F658074}) (Version: 1.17.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.5) (Version: 1.17.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)

Packages:
=========
Club Vegas -> C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0.21.0_x64__5dvc9f3b38e20 [2022-01-29] (Bagelcode)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation)
IrfanView64 -> C:\Program Files\WindowsApps\30067IrfanSkiljanIrfanVie.IrfanView64_4.5.9.0_x64__psgec73n2n7ne [2021-12-18] (Irfan Skiljan (IrfanView))
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-13] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2019-04-27] (Microsoft Platform Extensions)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2022-01-07] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-20] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-05] (Spotify AB) [Startup Task]
WPS Office for Free -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOfficeforFree_10.2.7636.0_x86__924xes6e8q1tw [2019-04-27] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvshext.dll [2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-01-29 18:00 - 2022-01-29 18:00 - 005851136 _____ () [File not signed] C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0.21.0_x64__5dvc9f3b38e20\BagelcodeInc.47921C88A920C.dll
2022-01-29 18:00 - 2022-01-29 18:00 - 051404288 _____ () [File not signed] C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0.21.0_x64__5dvc9f3b38e20\GameAssembly.dll
2019-04-25 18:29 - 2019-02-15 16:13 - 000221696 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2017-08-13 07:49 - 2017-08-13 07:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-12-15 09:24 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\StartupApproved\Run: => "utweb"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{AEC13BEE-7FCE-4619-8C27-63ADE0F1C9B9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [TCP Query User{3FB1CB04-AB40-4BCF-9E10-7A0B95FF2AE0}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [UDP Query User{2BD3D3B0-AF4A-4AB1-A736-6C279A1B97C9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [TCP Query User{A6221505-6CF3-402E-A921-B701F5E4E82E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [UDP Query User{36AAD69A-19FF-4610-87A5-24C373B8D06C}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{6EA2B64B-5C54-447B-ACDA-3C716255F518}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [UDP Query User{FC90B73D-B5ED-444F-8AC2-39D0D7C4E383}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [TCP Query User{7F387485-89C1-4742-A0BE-2278198C43D8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [UDP Query User{80ADBB38-C3A9-4F4B-A64D-20A7F1CB9549}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{72E9A4F1-0F1E-4157-9810-B6A90D105C90}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{F3189B20-1311-43E4-A00A-8B90E16FFDF8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C0CEC372-FABE-4965-AB99-659649FCA6D3}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{B5C534CA-DD90-4F00-A9DC-7AA1D67F503D}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [TCP Query User{21DF427C-07AB-4687-B000-215151C9D8D6}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [UDP Query User{908618FE-CC52-4A9A-8CFD-B0D4FD1BFFD9}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4B00823D-32CE-46E5-B498-E26DE4638092}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4442A42E-65E3-4716-952B-475688E868FF}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{92BFC1D3-BA0B-41E8-A911-90F9EC26A79E}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{9253AB2C-7D13-4D93-BCF9-3415F7B3B48F}C:\program files\nová složka\bin\javaw.exe] => (Allow) C:\program files\nová složka\bin\javaw.exe
FirewallRules: [TCP Query User{48E0F537-E9AC-43DC-8170-0C64992FAFA8}C:\program files\nová složka\bin\javaw.exe] => (Allow) C:\program files\nová složka\bin\javaw.exe
FirewallRules: [UDP Query User{D6FAED8E-7A2C-4E93-9FEB-70FA3FC41A0E}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{A3D7CEDF-5096-422A-9F28-995975DE50C1}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{6BF4A7B2-BC35-4450-A564-9AB82F22B2A0}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [TCP Query User{13E0D06C-162C-4AAA-9C43-0E0C08E7B523}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [UDP Query User{235AE8F5-02D1-4521-921A-892F1E1B71CB}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [TCP Query User{DF7B7697-6433-4D50-85C2-827A1636BF1D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [UDP Query User{F7C94FFB-E06D-43EB-90E2-4F863D0F45C5}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [TCP Query User{915C8622-F87F-49F1-BE74-3C4E5A70741D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [{5C43BB95-AC66-4BC4-8CE4-83D7A4E57F08}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C1D8ACE-A4EB-43AC-9609-37A25BA1EC20}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0D61D0BF-830C-485C-9EFA-ACFBD65BF807}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [TCP Query User{CFC8FE14-DD0E-45DB-9177-89804D9845CA}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [UDP Query User{154925E9-895E-4064-8E02-F855198144FF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{71B9F9AD-9D16-4D2C-9D78-A0C614D4042E}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{6097984C-D97B-492C-9A07-F4B8A52A21BF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{C4CC4BE6-CA68-4AEE-BF64-61F0710225F5}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{CD9399B9-240E-4624-84FF-A76C4BF50A94}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{58534CAB-DBC9-4018-B5EA-AE3AEDB8B716}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{A03B30D3-8138-4755-A246-04124C3CECA7}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{7E18BFFB-ED71-482C-BF31-09899779D2F4}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{7C1683A2-CBE1-435E-A8F0-2B410EC56B1A}C:\gog games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) C:\gog games\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{555844A4-C5B2-4F24-A023-7E8CB235EBE3}C:\gog games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) C:\gog games\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{8DD0C2F1-88B3-46E6-A253-45A1061A6497}C:\program files\nová složka\bin\javaw.exe] => (Allow) C:\program files\nová složka\bin\javaw.exe
FirewallRules: [TCP Query User{651A057B-734B-4FCF-AC7E-79516B6A06AC}C:\program files\nová složka\bin\javaw.exe] => (Allow) C:\program files\nová složka\bin\javaw.exe
FirewallRules: [UDP Query User{A2A60AB5-8E13-443B-A46D-3C33AD6FB706}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{CD907C87-0A34-4854-A3D2-A7CBB4F1D180}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{01FE5073-FD07-4C54-ABB4-9A2800D99785}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [TCP Query User{0CE15A22-6C01-425A-8D7D-572C42ABF0BC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [UDP Query User{E7EF39A2-3D9F-43E8-B981-99566F76651B}C:\gog games\divinity - original sin 2\classic\eocapp.exe] => (Allow) C:\gog games\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{56F37981-C9BC-4AA1-AE8B-F9CAF543E069}C:\gog games\divinity - original sin 2\classic\eocapp.exe] => (Allow) C:\gog games\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{17521C2F-AD1B-461C-9C1B-F8D501E52505}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{C598D783-777A-4EBF-85C7-646BF25CAE1E}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{83FFB050-CD4F-4511-9E9C-7C7189F928CC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{648ABAE2-65AE-467C-9F48-81304EB5A9F7}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [UDP Query User{797FE114-DC6F-449F-8BA2-305AE3CE12A5}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{AEF95643-E1DD-4F0E-8E71-2FFFBC253EA0}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [UDP Query User{EDC27545-5BF3-4D0E-BF64-7A2E88E38ADD}C:\users\hladk\downloads\divinity original sin 2 multi5\bin\eocapp.exe] => (Allow) C:\users\hladk\downloads\divinity original sin 2 multi5\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{A279A69B-E698-4EC3-B9E4-9BBE1EAF73D9}C:\users\hladk\downloads\divinity original sin 2 multi5\bin\eocapp.exe] => (Allow) C:\users\hladk\downloads\divinity original sin 2 multi5\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{2BC1F1A8-B422-456C-9F41-F2341EE9EA85}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{77F15D8E-B478-4C82-AA6F-8C4CCBF1ABB1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{42FFCE23-8ABF-42CB-8EED-BFE8B47302A3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{8870A970-7BB9-49CC-BA25-BC47DCB5C2C1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{5EF78676-80DB-487C-9757-1562BF45A950}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{407893BF-943B-4F17-B04F-00F258680FB1}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{D2247CA7-CF3D-4B68-A6DF-B895CA833728}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5DC32B9-D0EB-4CCD-88F0-C7668B67E69A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{537ECD41-1A17-4530-A8B9-8BC143CC2445}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{33AD07A3-9CDD-4FE2-9547-1380D9B44B1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{35B12E08-13D8-4621-901C-A47EE7E42F6B}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [UDP Query User{A7E9158F-D429-4B37-97C8-8BDAF0E08F8C}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [{5B68CDC7-3BFF-40ED-8502-E91BB11F713B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{5233E68C-3582-46D9-A6E1-40B09C49F909}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{F42F9F03-7347-4E1A-AEC6-FFCD080CCFD4}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [UDP Query User{D9197196-9980-453A-AFB2-67F94269D10D}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [{2DE037A7-01D4-45E5-A1A4-DF76F111F791}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{2D79C30D-BB7F-4D34-BF86-D9682FD6E80F}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{849A800C-FADA-4368-B463-4CA0AF49AC97}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7C138555-9143-4D6A-9DC7-90E1DB5940D9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{EF545FAE-C620-4053-A16C-7277E7506F0D}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{5562B3B0-3416-46BE-A488-08E2362044AE}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [UDP Query User{5ED12D5F-3182-4775-B489-FEE713D9E0F6}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [TCP Query User{DCB0923E-31E8-4BFA-9418-7AF1BCF76186}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{909145B2-3AA4-4D3E-A4D2-77C102322219}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{7E00704A-A48F-4DB4-841B-26DE584CBD2E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{C05BA804-3886-4637-A912-0240FA199996}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{558FF623-ED78-460F-B7A4-BDE2D4B843C4}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [UDP Query User{D88D9356-1CE5-43B8-AFA6-A7D568A51AE9}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [TCP Query User{B9361DCB-5714-45DB-BA31-9F18B970B4B7}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{78994A18-CCA1-4C2B-8DD1-6005D5AF8DBC}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{E1928307-104F-43E5-BB36-E6FB6947A5F8}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{EFE5D62E-DD74-4B99-9DEC-C16ED4E1F38B}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{838ABB31-B739-4952-91AE-A938FF0F6B38}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{A31A733E-60D2-403C-83E8-96BC19EB3E43}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{74293A31-40F4-4010-B82E-DB28630FC1F7}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{6DCD16B6-DA09-43A4-9CB0-EEBC155AC81E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{41BC202C-3896-4D89-9832-35AF68DBEFE1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{E20A8878-3EFA-4245-B149-5BA50A4D4CF1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{747B9B7E-BABD-48E6-B310-BF3AD6ABAA72}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{6B5F7A21-AD66-4E4A-8FD7-C0F808642F7E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{70183EC0-9735-40A4-83BA-B65D9A44FECB}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{80B2B39A-41A2-4DB4-B2CE-3494DF3337E4}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{8E40A96E-88A5-4260-84C7-6194532CC0BF}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{1D200F28-6EF9-4DFF-9CA2-C405E2846E04}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{5F770C7C-7222-4E45-A754-D0E4C74E8552}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{02E9DE4D-2227-4777-A894-B9ECC55E71ED}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{A63A85B0-EE53-45AE-A505-6097DDA77A34}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [UDP Query User{6F631C14-2AFD-4718-A64B-46E0AFB24FC9}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [TCP Query User{9183235A-BC47-4373-86E5-81535948CCBB}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [UDP Query User{ABF56DDE-D0D8-48E5-9950-CF0823DA22D5}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [TCP Query User{7924D7F9-35B5-4323-8CD6-BF7FB02C27D1}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{CE9F2AB9-F350-4173-99FE-8C9EA59BABEA}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{627D6D88-BCD9-4B11-8752-7033CE67A43E}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{BF44925E-976B-4681-A7BC-ADD952905D4A}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{2B7C2FCC-8FE5-4DA7-BD8B-D927A75B3B71}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{5F64FDD9-1BB6-480D-9924-05DBE3BCEFFD}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{1986AD46-BD8E-4F25-B06C-EDAABD15F373}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{E73F905E-2295-4172-B8AF-F6CAADEC2864}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{84A9739B-671F-4E4A-BE63-6EE1BD489B64}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [UDP Query User{E21BB260-186E-4361-A69F-BA7AB9DF0FD8}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [{6AD2C198-35E1-41D5-93C8-BEF3AF17B699}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{5727A7C0-41CE-441B-9285-61A040416076}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{2CB56624-7D8F-45E3-93D6-FF7D65E68D9A}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{0B8B5CD6-3EF7-4242-A04C-FDBB1A94F158}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{DDC5EE6F-2E52-4F48-A8B5-F521E1552474}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{2A9894EC-FF19-4E3B-B092-0F1FDEB04C97}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{B21566DA-243C-47F3-BA01-30BE370CA6B1}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{D81E2147-F2A2-4105-A36B-8EF7FEA04452}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{36D19403-1991-4E8E-8145-7E804CC73AD6}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [{5F3EA87A-90F3-4626-AACA-7916A3BFD2EA}] => (Allow) C:\Program Files\BlueStacks_bgp64\HD-Player.exe => No File
FirewallRules: [TCP Query User{E18E0E38-4030-45E9-BC07-B643BC3C4B39}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F626C883-92B2-44B3-9E54-9A2F8C1CE7DE}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{A719F233-9069-481B-8DB5-6F601CAAC967}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [UDP Query User{233055A1-F9BA-432C-8A80-5B4EE0D15D71}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [TCP Query User{2E264129-0F0B-45CD-B679-095140BBDFF1}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{F1F29FE8-D9E0-40E7-AB99-CEEA1A86F4A7}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{7E44BE17-DFE1-4760-8240-B35BBF487BCE}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{D07DE422-719C-41B7-8B09-27862BEAFE7B}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{7F6993DF-F557-4498-967B-3704A1682B76}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [UDP Query User{47B5B3C4-AD76-4198-B173-3303DA734D9E}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [TCP Query User{A456D408-B363-4D5D-82F2-6FE057DB27F4}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [UDP Query User{AA101A67-B4FA-46B8-85C8-7F36645BDDB5}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [TCP Query User{E51C7860-7EBA-4373-B473-B93210B56DBC}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{90595795-29E6-41AA-89FC-9352F12EEDA0}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{C01512D0-38D4-4C20-95A2-E585C4B03216}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [UDP Query User{58EF3087-3590-4AFF-B2CC-C249EAB2FC28}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [TCP Query User{F23A8FDD-D625-420E-A53D-69641E93598A}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{0AC75736-2CD5-4885-B77F-992CF97D2E78}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [TCP Query User{760BDFEB-F33E-4689-995B-8F4F61C78C5A}C:\users\hladk\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{AADA818B-AD5A-4D84-B0A5-143CE63FB9B8}C:\users\hladk\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{FD50663E-8A65-4975-9C1B-3C10D164B9A7}C:\users\hladk\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{806C1030-C04C-4C00-AA79-B4BA3E7C9A13}C:\users\hladk\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{ACC24E13-5D18-4503-8CE7-4993EA376E8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D3D0F170-3737-4016-AE79-6AD35FE41FB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B07B4BFB-A714-4F05-A364-6A7137AECAD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2C7161C-4B74-44D4-9C09-60948711F109}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D289E749-8986-475A-8F7D-1651CA56DAB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{916C6619-BA54-40CD-B82F-44A0E15156F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89452BB3-BD71-452B-AE1B-F307B427A9D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5239BDA-39BB-4DFF-9AE6-03EDA85D6DE1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77212C9C-1635-43A5-AD94-607DD5AAEB5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{512FF42D-D80D-4FCE-97D6-59980ED20D64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03C8581D-69F0-4A6B-969A-E90CEA7EAA68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C45E231-1AF5-4B0A-9065-D916F3050F32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{323B7796-02E4-4D6F-B742-515804475D13}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-02-2022 18:03:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: AMD Radeon(TM) Vega 8 Graphics
Description: AMD Radeon(TM) Vega 8 Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdwddmg
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/04/2022 03:55:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Club Vegas.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 5340

Čas spuštění: 01d8012e72bcaa63

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_116.0.13.0_x64__5dvc9f3b38e20\Club Vegas.exe

ID hlášení: 9518ac9a-a91b-4fa4-8377-dad470520854

Úplný název balíčku s chybou: BagelcodeInc.47921C88A920C_116.0.13.0_x64__5dvc9f3b38e20

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (11/26/2021 12:26:28 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (11/26/2021 12:26:28 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/10/2021 05:40:08 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: DESKTOP-1T75NO9)
Description: Microsoft.YourPhone_8wekyb3d8bbwe-2147023878

Error: (10/24/2021 04:57:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (10/12/2021 05:33:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: datovka.exe, verze: 4.15.6.0, časové razítko: 0x5fbbbbb5
Název chybujícího modulu: qsqlite.dll, verze: 5.15.1.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000054d3e
ID chybujícího procesu: 0x1db0
Čas spuštění chybující aplikace: 0x01d7bf2236f3ac68
Cesta k chybující aplikaci: C:\Program Files\CZ.NIC\Datovka\datovka.exe
Cesta k chybujícímu modulu: C:\Program Files\CZ.NIC\Datovka\plugins\sqldrivers\qsqlite.dll
ID zprávy: 217f8799-1a47-4436-a636-6ab6dc2abbae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/02/2021 02:09:53 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (07/02/2021 02:09:53 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (02/09/2022 11:32:41 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:17:40, ‎09.‎02.‎2022) bylo neočekávané.

Error: (02/09/2022 09:22:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/09/2022 09:22:25 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hladk\AppData\Local\Temp\ehdrv.sys

Error: (02/09/2022 09:22:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/09/2022 09:22:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hladk\AppData\Local\Temp\ehdrv.sys

Error: (02/09/2022 09:22:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (02/09/2022 09:22:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hladk\AppData\Local\Temp\ehdrv.sys

Error: (02/09/2022 09:22:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================
Date: 2022-02-09 20:18:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:PowerShell/Obfuse.SM!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Hladk\AppData\Local\Temp\d127fe0b-873a-40cb-960f-1ebf18f61cbb.tmp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1T75NO9\Hladk
Název procesu: C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.357.347.0, AS: 1.357.347.0, NIS: 1.357.347.0
Verze modulu: AM: 1.1.18900.2, NIS: 1.1.18900.2

Date: 2022-02-09 11:33:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:PowerShell/Obfuse.SM!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Hladk\AppData\Local\Temp\22a5be45-6ec2-43cb-a7c6-1ce30a881e4f.tmp; file:_C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1T75NO9\Hladk
Název procesu: C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.357.335.0, AS: 1.357.335.0, NIS: 1.357.335.0
Verze modulu: AM: 1.1.18900.2, NIS: 1.1.18900.2

Date: 2022-02-09 11:33:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:PowerShell/Obfuse.SM!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Hladk\AppData\Local\Temp\22a5be45-6ec2-43cb-a7c6-1ce30a881e4f.tmp; file:_C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1T75NO9\Hladk
Název procesu: C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.357.335.0, AS: 1.357.335.0, NIS: 1.357.335.0
Verze modulu: AM: 1.1.18900.2, NIS: 1.1.18900.2

Date: 2022-02-09 11:33:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:PowerShell/Obfuse.SM!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1T75NO9\Hladk
Název procesu: C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.357.335.0, AS: 1.357.335.0, NIS: 1.357.335.0
Verze modulu: AM: 1.1.18900.2, NIS: 1.1.18900.2

Date: 2022-02-09 11:33:08
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:PowerShell/Obfuse.SM!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1T75NO9\Hladk
Název procesu: C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe
Verze bezpečnostních informací: AV: 1.357.335.0, AS: 1.357.335.0, NIS: 1.357.335.0
Verze modulu: AM: 1.1.18900.2, NIS: 1.1.18900.2

CodeIntegrity:
===============
Date: 2022-01-07 21:30:02
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\NvCamera\NvCameraAllowlisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-09-16 21:52:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Hladk\AppData\Local\Programs\Opera\70.0.3728.189\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-05 20:50:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Hladk\AppData\Local\Programs\Opera\70.0.3728.106\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P4.70 02/09/2018
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 3 2200G with Radeon Vega Graphics
Percentage of memory in use: 35%
Total physical RAM: 15289.96 MB
Available physical RAM: 9870.55 MB
Total Virtual: 17593.96 MB
Available Virtual: 10568.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.53 GB) (Free:47.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{03d1bb58-0000-0000-0000-30c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 03D1BB58)
Partition 1: (Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=515 MB) - (Type=27)

==================== End of Addition.txt =======================

[kockopes]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hladk at 2022-02-09 20:34:33
Microsoft Windows 10 Home
System drive C: has 48 GB (21%) free of 228 GB
Total RAM: 15290 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:34:37, on 09.02.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Hladk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.43\BHO\ie_to_edge_bho.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Hladk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_67f64 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service: ProtonVPN Update Service - Unknown owner - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8640 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
atieclxx
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
"C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {b88f4cfc-db92-4a08-b91537ebb969edca}
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
ClassicStartMenu.exe -startup
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.256.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc

"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\WINDOWS\system32\AUDIODG.EXE 0x70c
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.256.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files\WindowsApps\BagelcodeInc.47921C88A920C_120.0.21.0_x64__5dvc9f3b38e20\Club Vegas.exe" -ServerName:App.AppXv19trdsb7ss5tr4bev2jgr8pdfmj10wh.mca
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time

C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --ran-launcher --started-from-shortcut
C:\Users\Hladk\AppData\Local\Programs\Opera\83.0.4254.27\opera_crashreporter.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=83.0.4254.27 --initial-client-data=0x2d0,0x2d4,0x2d8,0x2ac,0x2dc,0x7ff87fd3f1f0,0x7ff87fd3f200,0x7ff87fd3f210
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 /prefetch:2
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --mojo-platform-channel-handle=1928 /prefetch:8
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --service-sandbox-type=utility --enable-quic --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --mojo-platform-channel-handle=2304 /prefetch:8
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=31552803732 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --launch-time-ticks=31552828243 --mojo-platform-channel-handle=3704 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --launch-time-ticks=31552996968 --mojo-platform-channel-handle=4168 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --launch-time-ticks=31553013787 --mojo-platform-channel-handle=4296 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=31553064919 --mojo-platform-channel-handle=4432 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --service-sandbox-type=audio --enable-quic --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --mojo-platform-channel-handle=4560 /prefetch:8
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --launch-time-ticks=31555159029 --mojo-platform-channel-handle=4828 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --launch-time-ticks=31555173662 --mojo-platform-channel-handle=4852 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --launch-time-ticks=31555182816 --mojo-platform-channel-handle=5420 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --launch-time-ticks=31555187057 --mojo-platform-channel-handle=5428 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --launch-time-ticks=31555191174 --mojo-platform-channel-handle=2848 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --launch-time-ticks=31555195330 --mojo-platform-channel-handle=5524 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --launch-time-ticks=31555199992 --mojo-platform-channel-handle=5620 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --launch-time-ticks=31558445134 --mojo-platform-channel-handle=8604 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --launch-time-ticks=31560844302 --mojo-platform-channel-handle=7104 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --launch-time-ticks=31560992809 --mojo-platform-channel-handle=7016 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --launch-time-ticks=31561141510 --mojo-platform-channel-handle=6896 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --launch-time-ticks=31561620625 --mojo-platform-channel-handle=7372 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --launch-time-ticks=31561748923 --mojo-platform-channel-handle=3900 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --launch-time-ticks=31561770571 --mojo-platform-channel-handle=8292 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --launch-time-ticks=31698979313 --mojo-platform-channel-handle=7484 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --launch-time-ticks=31951346819 --mojo-platform-channel-handle=1100 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --launch-time-ticks=31965026943 --mojo-platform-channel-handle=10636 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --launch-time-ticks=31976658591 --mojo-platform-channel-handle=2676 /prefetch:1
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --launch-time-ticks=31993004257 --mojo-platform-channel-handle=8116 /prefetch:1

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_678203837\FRST64.exe"
C:\WINDOWS\System32\svchost.exe -k swprv

"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=76 --launch-time-ticks=32099982453 --mojo-platform-channel-handle=1076 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
notepad "C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_678203837\FRST.txt"
notepad "C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_678203837\Addition.txt"
"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=95 --launch-time-ticks=32386521823 --mojo-platform-channel-handle=3300 /prefetch:1

"C:\Users\Hladk\AppData\Local\Programs\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:automatic-video-popout=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:enhanced-address-bar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --field-trial-handle=1664,347049691775417157,2718310926170987273,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=100 --launch-time-ticks=32515891472 --mojo-platform-channel-handle=10916 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 808 812 820 8192 816 788
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Hladk\AppData\Local\Temp\scoped_dir8220_1247120020\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Hladk\AppData\Roaming\Mozilla\Firefox\Profiles\uzwrieov.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.14]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.16]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.43\BHO\ie_to_edge_bho_64.dll [2022-02-03 529800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13 885560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13 551736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.43\BHO\ie_to_edge_bho.dll [2022-02-03 430984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13 507192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13 885560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"LogiOptions"=C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2019-03-03 2177160]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2017-08-13 163640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Opera Browser Assistant"=C:\Users\Hladk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2021-10-14 4105424]
"Adobe Reader Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [2021-12-24 5407968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-02-09 20:34:33 ----D---- C:\rsit
2022-02-09 20:34:33 ----D---- C:\Program Files\trend micro
2022-02-09 20:27:06 ----D---- C:\FRST
2022-02-09 10:59:21 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-09 07:13:29 ----HD---- C:\$WinREAgent
2022-01-26 11:11:52 ----D---- C:\ProgramData\FreeGrabApp
2022-01-26 11:11:41 ----D---- C:\Program Files (x86)\FreeGrabApp
2022-01-26 11:11:36 ----D---- C:\Users\Hladk\AppData\Roaming\FreeGrabApp
2022-01-14 10:57:28 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2022-01-14 10:57:28 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2022-01-14 10:57:28 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\SYSWOW64\runas.exe
2022-01-14 10:57:27 ----A---- C:\WINDOWS\SYSWOW64\provsvc.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\system32\mfcore.dll
2022-01-14 10:57:27 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2022-01-14 10:57:26 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\tar.exe
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\net1.exe
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\mtxclu.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\iasads.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\dhcpsapi.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\dataclen.dll
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\curl.exe
2022-01-14 10:57:25 ----A---- C:\WINDOWS\SYSWOW64\archiveint.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\WebClnt.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\tsgqec.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\runas.exe
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\rdpudd.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\provsvc.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\nshwfp.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\nltest.exe
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\mstscax.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\msimsg.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\msi.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\ListSvc.dll
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\ksetup.exe
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\drivers\PktMon.sys
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\certutil.exe
2022-01-14 10:57:24 ----A---- C:\WINDOWS\system32\certreq.exe
2022-01-14 10:57:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\tar.exe
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\net1.exe
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\mtxclu.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\msdtctm.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\iasads.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\dsauth.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\dataclen.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\curl.exe
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\computecore.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\CBDHSvc.dll
2022-01-14 10:57:22 ----A---- C:\WINDOWS\system32\archiveint.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\scesrv.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\raschap.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\netprovfw.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\netjoin.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\vertdll.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\tcbloader.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\skci.dll
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\hvix64.exe
2022-01-14 10:57:21 ----A---- C:\WINDOWS\system32\hvax64.exe
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\schedcli.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\shacctprofile.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\samcli.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\netutils.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\netmsg.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\es.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2022-01-14 10:57:20 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\negoexts.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2022-01-14 10:57:18 ----A---- C:\WINDOWS\SYSWOW64\certca.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2022-01-14 10:57:17 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\wscisvif.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\wscadminui.exe
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2022-01-14 10:57:16 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\SYSWOW64\msobjs.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\TSpkg.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\taskcomp.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\sppobjs.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\sppcext.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\shell32.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\scesrv.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\rastls.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\rasmans.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\raschap.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\rascustom.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\pku2u.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\netprovfw.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\netjoin.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\LsaIso.exe
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\keymgr.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\joinutil.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2022-01-14 10:57:15 ----A---- C:\WINDOWS\system32\djoin.exe
2022-01-14 10:57:14 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\WUDFCompanionHost.exe
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\wkssvc.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\wincredui.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\usermgr.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\tdh.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\sppsvc.exe
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\shutdownux.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\ntlanman.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\netlogon.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\msimg32.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\msctf.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\mf3216.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\LocationFrameworkPS.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\gdi32full.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\efscore.dll
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2022-01-14 10:57:14 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2022-01-14 10:57:13 ----A---- C:\WINDOWS\system32\sechost.dll
2022-01-14 10:57:13 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2022-01-14 10:57:13 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2022-01-14 10:57:13 ----A---- C:\WINDOWS\system32\KernelBase.dll
2022-01-14 10:57:13 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\wkscli.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\srvcli.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\schedcli.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\schannel.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\msv1_0.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\msobjs.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\msaudite.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\lsasrv.dll
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\drivers\http.sys
2022-01-14 10:57:12 ----A---- C:\WINDOWS\system32\adtschema.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\samsrv.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\samlib.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\samcli.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\profsvc.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\offlinesam.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\netmsg.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\logoncli.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\ci.dll
2022-01-14 10:57:11 ----A---- C:\WINDOWS\system32\authz.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\winresume.exe
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\winload.exe
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\trkwks.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\refsutil.exe
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\es.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\comsvcs.dll
2022-01-14 10:57:10 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\uReFS.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\shacct.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\netapi32.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2022-01-14 10:57:09 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\wpnapps.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\wintrust.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\win32u.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\win32kfull.sys
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\win32k.sys
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\profext.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\kerberos.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2022-01-14 10:57:08 ----A---- C:\WINDOWS\system32\BFE.DLL
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\windows.storage.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\negoexts.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\ISM.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\GameInput.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\cloudAP.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\certcli.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\certca.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\cdd.dll
2022-01-14 10:57:07 ----A---- C:\WINDOWS\system32\AppContracts.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\winlogonext.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\usercpl.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\ShareHost.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\netplwiz.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\kernel32.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2022-01-14 10:57:06 ----A---- C:\WINDOWS\system32\authui.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\wscsvc.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\wscisvif.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\wscapi.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\wscadminui.exe
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\twinui.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\ptpprov.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\PinEnrollmentHelper.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\ManageCI.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\kdcpw.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\deviceregistration.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\browcli.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2022-01-14 10:57:05 ----A---- C:\WINDOWS\system32\advapi32.dll

======List of files/folders modified in the last 1 month======

2022-02-09 20:34:33 ----RD---- C:\Program Files
2022-02-09 20:32:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-02-09 20:32:23 ----D---- C:\WINDOWS\Prefetch
2022-02-09 20:31:27 ----D---- C:\WINDOWS\INF
2022-02-09 20:27:48 ----SHD---- C:\System Volume Information
2022-02-09 20:18:43 ----D---- C:\WINDOWS\Temp
2022-02-09 19:56:56 ----D---- C:\Program Files (x86)\Google
2022-02-09 19:39:00 ----D---- C:\WINDOWS\system32\sru
2022-02-09 14:52:02 ----D---- C:\WINDOWS\system32\SleepStudy
2022-02-09 11:39:37 ----D---- C:\WINDOWS\System32
2022-02-09 11:39:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-09 11:32:44 ----D---- C:\Program Files (x86)\TeamViewer
2022-02-09 11:32:41 ----D---- C:\ProgramData\NVIDIA
2022-02-09 11:32:37 ----D---- C:\Program Files\Mozilla Firefox
2022-02-09 11:32:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-09 11:32:37 ----ASH---- C:\DumpStack.log.tmp
2022-02-09 10:59:21 ----HD---- C:\ProgramData
2022-02-09 10:59:21 ----D---- C:\ProgramData\Mozilla
2022-02-09 09:21:17 ----D---- C:\WINDOWS\system32\Tasks
2022-02-09 09:16:09 ----RD---- C:\Program Files (x86)
2022-02-09 07:15:37 ----D---- C:\WINDOWS\system32\config
2022-02-08 20:42:26 ----RD---- C:\WINDOWS\Microsoft.NET
2022-02-08 07:13:42 ----D---- C:\WINDOWS\AppReadiness
2022-02-08 07:10:52 ----HD---- C:\Program Files\WindowsApps
2022-02-02 18:03:46 ----D---- C:\WINDOWS\system32\catroot2
2022-01-31 07:34:04 ----D---- C:\WINDOWS\WinSxS
2022-01-22 12:54:32 ----SHD---- C:\Boot
2022-01-22 12:54:28 ----D---- C:\WINDOWS\system32\DriverStore
2022-01-22 12:54:15 ----D---- C:\WINDOWS\SysWOW64
2022-01-22 12:54:15 ----D---- C:\WINDOWS\system32\drivers
2022-01-22 06:56:04 ----SD---- C:\WINDOWS\system32\DiagSvcs
2022-01-22 06:56:04 ----D---- C:\WINDOWS\SYSWOW64\wbem
2022-01-22 06:56:04 ----D---- C:\WINDOWS\SYSWOW64\en-US
2022-01-22 06:56:04 ----D---- C:\WINDOWS\SYSWOW64\Dism
2022-01-22 06:56:04 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2022-01-22 06:56:04 ----D---- C:\WINDOWS\SystemResources
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\setup
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\oobe
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\migration
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\en-US
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\en-GB
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\Dism
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\cs-CZ
2022-01-22 06:56:04 ----D---- C:\WINDOWS\system32\Boot
2022-01-22 06:56:03 ----D---- C:\WINDOWS\system32\CodeIntegrity
2022-01-22 06:56:03 ----D---- C:\WINDOWS\bcastdvr
2022-01-22 06:00:07 ----D---- C:\WINDOWS\CbsTemp
2022-01-17 10:43:37 ----D---- C:\Users\Hladk\AppData\Roaming\.dsgui
2022-01-15 06:33:05 ----RD---- C:\WINDOWS\assembly
2022-01-14 16:11:36 ----SHD---- C:\WINDOWS\Installer
2022-01-14 16:11:33 ----SHD---- C:\Config.Msi
2022-01-14 16:11:32 ----SD---- C:\Users\Hladk\AppData\Roaming\Microsoft
2022-01-14 10:46:31 ----D---- C:\WINDOWS\system32\MRT
2022-01-14 10:45:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2022-01-11 11:58:10 ----D---- C:\Users\Hladk\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem4.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2021-06-17 55096]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-18 57168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-12-07 88080]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-19 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-10-15 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2022-01-14 149320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-11-11 496640]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-16 53248]
R3 amdgpio2;@oem1.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-10-01 45832]
R3 AtiHDAudioService;@oem2.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2017-11-17 111112]
R3 dtlitescsibus;@oem22.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2019-10-03 42256]
R3 dtliteusbbus;@oem15.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2019-10-03 59360]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-11 322376]
R3 NVHDA;@oem29.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-12-02 230720]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvlddmkm.sys [2020-12-02 33066392]
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-04-19 955408]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-12-07 209720]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 amdwddmg;amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdkmdag.sys [2021-11-12 80538504]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-12-17 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-12-17 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-11 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-12-17 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-12-17 1559552]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-12-17 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 ew_usbccgpfilter;@oem7.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2019-08-19 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-09-15 95056]
S3 HWiNFO_161;HWiNFO Kernel Driver (v161); \??\C:\Users\Hladk\AppData\Local\Temp\HWiNFO64A_161.SYS []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-16 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-10 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-12-17 214528]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2022-01-14 130360]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ProtonVPNSplitTunnel;ProtonVPN Split Tunnel; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [2020-08-19 31584]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2022-01-14 990536]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S3 spaceparser;@%systemroot%\system32\drivers\spaceparser.sys,-1001; C:\WINDOWS\system32\drivers\spaceparser.sys [2019-12-07 26624]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2019-12-07 90936]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-17 169728]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe [2021-11-12 594800]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R2 CDPUserSvc_67f64;Uživatelská služba platformy připojených zařízení_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe [2020-12-02 893848]
R2 OneSyncSvc_67f64;Hostitel synchronizace_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2020-10-16 329504]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 cbdhsvc_67f64;Uživatelská služba schránky_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 PimIndexMaintenanceSvc_67f64;Data kontaktů_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-10-15 986032]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-25 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-29 154920]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 AarSvc_67f64;Agent Activation Runtime_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 BcastDVRUserService_67f64;Uživatelská služba pro GameDVR a vysílání her_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 BluetoothUserService_67f64;Služba pro podporu uživatelů Bluetooth_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 CaptureService_67f64;CaptureService_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 ConsentUxUserSvc_67f64;ConsentUX_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-15 382696]
S3 CredentialEnrollmentManagerUserSvc_67f64;CredentialEnrollmentManagerUserSvc_67f64; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-15 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DeviceAssociationBrokerSvc_67f64;DeviceAssociationBroker_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DevicePickerUserSvc_67f64;DevicePicker_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DevicesFlowUserSvc_67f64;Tok zařízení_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-01-14 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2019-10-03 4452456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-25 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\elevation_service.exe [2022-01-29 1505112]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-29 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 MessagingService_67f64;Služba zasílání zpráv_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.43\elevation_service.exe [2022-02-03 1541000]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-02-09 227256]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-14 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 PrintWorkflowUserSvc_67f64;PrintWorkflow_67f64; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 ProtonVPN Service;ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [2020-10-23 99136]
S3 ProtonVPN Update Service;ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [2020-10-23 61760]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-14 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2020-10-16 57360]
S4 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2019-08-19 190784]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-16 57360]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[kockopes]

Zdravím, restart neproběhl, nic nenalezeno. Log zde:
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 09.02.22
Čas skenování: 21:07
Logovací soubor: f73dde9a-89e3-11ec-ba36-7085c262d76e.json

-Informace o softwaru-
Verze: 4.5.2.157
Verze komponentů: 1.0.1562
Aktualizovat verzi balíku komponent: 1.0.50915
Licence: Vypršelo

-Systémová informace-
OS: Windows 10 (Build 19043.1466)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-1T75NO9\Hladk

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 299575
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 3 min, 30 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


Defender zase ohlásil vir

[Rudy]

OK. FRST přesuňte na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\MountPoints2: {0be8b383-756a-11ea-9e0c-7085c262d76e} - "D:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4D8A2B39-A76D-42CC-82B9-986D86B87B98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Task: {B270A711-E269-48B0-B7D9-6AA86A5CC466} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 HWiNFO_161; \??\C:\Users\Hladk\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\toolbar.bmp
C:\Users\Hladk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [UDP Query User{AEC13BEE-7FCE-4619-8C27-63ADE0F1C9B9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [TCP Query User{3FB1CB04-AB40-4BCF-9E10-7A0B95FF2AE0}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [UDP Query User{2BD3D3B0-AF4A-4AB1-A736-6C279A1B97C9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [TCP Query User{A6221505-6CF3-402E-A921-B701F5E4E82E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [UDP Query User{36AAD69A-19FF-4610-87A5-24C373B8D06C}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{6EA2B64B-5C54-447B-ACDA-3C716255F518}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [UDP Query User{FC90B73D-B5ED-444F-8AC2-39D0D7C4E383}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [TCP Query User{7F387485-89C1-4742-A0BE-2278198C43D8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [UDP Query User{80ADBB38-C3A9-4F4B-A64D-20A7F1CB9549}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{72E9A4F1-0F1E-4157-9810-B6A90D105C90}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{F3189B20-1311-43E4-A00A-8B90E16FFDF8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C0CEC372-FABE-4965-AB99-659649FCA6D3}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{B5C534CA-DD90-4F00-A9DC-7AA1D67F503D}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [TCP Query User{21DF427C-07AB-4687-B000-215151C9D8D6}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [UDP Query User{4442A42E-65E3-4716-952B-475688E868FF}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{92BFC1D3-BA0B-41E8-A911-90F9EC26A79E}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{D6FAED8E-7A2C-4E93-9FEB-70FA3FC41A0E}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{A3D7CEDF-5096-422A-9F28-995975DE50C1}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{6BF4A7B2-BC35-4450-A564-9AB82F22B2A0}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [TCP Query User{13E0D06C-162C-4AAA-9C43-0E0C08E7B523}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [UDP Query User{235AE8F5-02D1-4521-921A-892F1E1B71CB}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [TCP Query User{DF7B7697-6433-4D50-85C2-827A1636BF1D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [UDP Query User{F7C94FFB-E06D-43EB-90E2-4F863D0F45C5}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [TCP Query User{915C8622-F87F-49F1-BE74-3C4E5A70741D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [UDP Query User{0D61D0BF-830C-485C-9EFA-ACFBD65BF807}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [TCP Query User{CFC8FE14-DD0E-45DB-9177-89804D9845CA}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [UDP Query User{154925E9-895E-4064-8E02-F855198144FF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{71B9F9AD-9D16-4D2C-9D78-A0C614D4042E}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{6097984C-D97B-492C-9A07-F4B8A52A21BF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{C4CC4BE6-CA68-4AEE-BF64-61F0710225F5}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{CD9399B9-240E-4624-84FF-A76C4BF50A94}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{58534CAB-DBC9-4018-B5EA-AE3AEDB8B716}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{A03B30D3-8138-4755-A246-04124C3CECA7}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{7E18BFFB-ED71-482C-BF31-09899779D2F4}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{A2A60AB5-8E13-443B-A46D-3C33AD6FB706}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{CD907C87-0A34-4854-A3D2-A7CBB4F1D180}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{01FE5073-FD07-4C54-ABB4-9A2800D99785}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [TCP Query User{0CE15A22-6C01-425A-8D7D-572C42ABF0BC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [UDP Query User{17521C2F-AD1B-461C-9C1B-F8D501E52505}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{C598D783-777A-4EBF-85C7-646BF25CAE1E}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{83FFB050-CD4F-4511-9E9C-7C7189F928CC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{648ABAE2-65AE-467C-9F48-81304EB5A9F7}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [UDP Query User{797FE114-DC6F-449F-8BA2-305AE3CE12A5}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{AEF95643-E1DD-4F0E-8E71-2FFFBC253EA0}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{5EF78676-80DB-487C-9757-1562BF45A950}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{407893BF-943B-4F17-B04F-00F258680FB1}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{A7E9158F-D429-4B37-97C8-8BDAF0E08F8C}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [{5B68CDC7-3BFF-40ED-8502-E91BB11F713B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{5233E68C-3582-46D9-A6E1-40B09C49F909}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{F42F9F03-7347-4E1A-AEC6-FFCD080CCFD4}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [UDP Query User{D9197196-9980-453A-AFB2-67F94269D10D}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [TCP Query User{2D79C30D-BB7F-4D34-BF86-D9682FD6E80F}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{849A800C-FADA-4368-B463-4CA0AF49AC97}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7C138555-9143-4D6A-9DC7-90E1DB5940D9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{EF545FAE-C620-4053-A16C-7277E7506F0D}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{5562B3B0-3416-46BE-A488-08E2362044AE}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [UDP Query User{5ED12D5F-3182-4775-B489-FEE713D9E0F6}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [TCP Query User{DCB0923E-31E8-4BFA-9418-7AF1BCF76186}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{909145B2-3AA4-4D3E-A4D2-77C102322219}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{7E00704A-A48F-4DB4-841B-26DE584CBD2E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{C05BA804-3886-4637-A912-0240FA199996}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{558FF623-ED78-460F-B7A4-BDE2D4B843C4}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [UDP Query User{D88D9356-1CE5-43B8-AFA6-A7D568A51AE9}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [TCP Query User{B9361DCB-5714-45DB-BA31-9F18B970B4B7}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{78994A18-CCA1-4C2B-8DD1-6005D5AF8DBC}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{E1928307-104F-43E5-BB36-E6FB6947A5F8}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{EFE5D62E-DD74-4B99-9DEC-C16ED4E1F38B}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{838ABB31-B739-4952-91AE-A938FF0F6B38}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{A31A733E-60D2-403C-83E8-96BC19EB3E43}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{74293A31-40F4-4010-B82E-DB28630FC1F7}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{6DCD16B6-DA09-43A4-9CB0-EEBC155AC81E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{41BC202C-3896-4D89-9832-35AF68DBEFE1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{E20A8878-3EFA-4245-B149-5BA50A4D4CF1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{747B9B7E-BABD-48E6-B310-BF3AD6ABAA72}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{6B5F7A21-AD66-4E4A-8FD7-C0F808642F7E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{70183EC0-9735-40A4-83BA-B65D9A44FECB}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{80B2B39A-41A2-4DB4-B2CE-3494DF3337E4}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{8E40A96E-88A5-4260-84C7-6194532CC0BF}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{1D200F28-6EF9-4DFF-9CA2-C405E2846E04}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{5F770C7C-7222-4E45-A754-D0E4C74E8552}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{02E9DE4D-2227-4777-A894-B9ECC55E71ED}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{A63A85B0-EE53-45AE-A505-6097DDA77A34}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [UDP Query User{6F631C14-2AFD-4718-A64B-46E0AFB24FC9}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [TCP Query User{9183235A-BC47-4373-86E5-81535948CCBB}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [UDP Query User{ABF56DDE-D0D8-48E5-9950-CF0823DA22D5}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [TCP Query User{7924D7F9-35B5-4323-8CD6-BF7FB02C27D1}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{CE9F2AB9-F350-4173-99FE-8C9EA59BABEA}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{627D6D88-BCD9-4B11-8752-7033CE67A43E}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{BF44925E-976B-4681-A7BC-ADD952905D4A}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{2B7C2FCC-8FE5-4DA7-BD8B-D927A75B3B71}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{5F64FDD9-1BB6-480D-9924-05DBE3BCEFFD}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{1986AD46-BD8E-4F25-B06C-EDAABD15F373}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{E73F905E-2295-4172-B8AF-F6CAADEC2864}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{84A9739B-671F-4E4A-BE63-6EE1BD489B64}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [UDP Query User{E21BB260-186E-4361-A69F-BA7AB9DF0FD8}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [{6AD2C198-35E1-41D5-93C8-BEF3AF17B699}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{5727A7C0-41CE-441B-9285-61A040416076}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{2CB56624-7D8F-45E3-93D6-FF7D65E68D9A}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{0B8B5CD6-3EF7-4242-A04C-FDBB1A94F158}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{DDC5EE6F-2E52-4F48-A8B5-F521E1552474}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{2A9894EC-FF19-4E3B-B092-0F1FDEB04C97}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{B21566DA-243C-47F3-BA01-30BE370CA6B1}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{D81E2147-F2A2-4105-A36B-8EF7FEA04452}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{36D19403-1991-4E8E-8145-7E804CC73AD6}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [{5F3EA87A-90F3-4626-AACA-7916A3BFD2EA}] => (Allow) C:\Program Files\BlueStacks_bgp64\HD-Player.exe => No File
FirewallRules: [TCP Query User{E18E0E38-4030-45E9-BC07-B643BC3C4B39}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F626C883-92B2-44B3-9E54-9A2F8C1CE7DE}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{A719F233-9069-481B-8DB5-6F601CAAC967}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [UDP Query User{233055A1-F9BA-432C-8A80-5B4EE0D15D71}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [TCP Query User{2E264129-0F0B-45CD-B679-095140BBDFF1}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{F1F29FE8-D9E0-40E7-AB99-CEEA1A86F4A7}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{7E44BE17-DFE1-4760-8240-B35BBF487BCE}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{D07DE422-719C-41B7-8B09-27862BEAFE7B}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{7F6993DF-F557-4498-967B-3704A1682B76}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [UDP Query User{47B5B3C4-AD76-4198-B173-3303DA734D9E}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [TCP Query User{A456D408-B363-4D5D-82F2-6FE057DB27F4}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [UDP Query User{AA101A67-B4FA-46B8-85C8-7F36645BDDB5}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [TCP Query User{E51C7860-7EBA-4373-B473-B93210B56DBC}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{90595795-29E6-41AA-89FC-9352F12EEDA0}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{C01512D0-38D4-4C20-95A2-E585C4B03216}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [UDP Query User{58EF3087-3590-4AFF-B2CC-C249EAB2FC28}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [TCP Query User{F23A8FDD-D625-420E-A53D-69641E93598A}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{0AC75736-2CD5-4885-B77F-992CF97D2E78}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
C:\Users\Hladk\AppData\Local\Temp\d127fe0b-873a-40cb-960f-1ebf18f61cbb.tmp
C:\Users\Hladk\AppData\Local\Temp\22a5be45-6ec2-43cb-a7c6-1ce30a881e4f.tmp
C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[kockopes]

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Hladk (09-02-2022 22:21:51) Run:1
Running from C:\Users\Hladk\Desktop
Loaded Profiles: Hladk
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\...\MountPoints2: {0be8b383-756a-11ea-9e0c-7085c262d76e} - "D:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4D8A2B39-A76D-42CC-82B9-986D86B87B98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Task: {B270A711-E269-48B0-B7D9-6AA86A5CC466} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-29] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 HWiNFO_161; \??\C:\Users\Hladk\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\toolbar.bmp
C:\Users\Hladk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [UDP Query User{AEC13BEE-7FCE-4619-8C27-63ADE0F1C9B9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [TCP Query User{3FB1CB04-AB40-4BCF-9E10-7A0B95FF2AE0}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe => No File
FirewallRules: [UDP Query User{2BD3D3B0-AF4A-4AB1-A736-6C279A1B97C9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [TCP Query User{A6221505-6CF3-402E-A921-B701F5E4E82E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe => No File
FirewallRules: [UDP Query User{36AAD69A-19FF-4610-87A5-24C373B8D06C}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{6EA2B64B-5C54-447B-ACDA-3C716255F518}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [UDP Query User{FC90B73D-B5ED-444F-8AC2-39D0D7C4E383}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [TCP Query User{7F387485-89C1-4742-A0BE-2278198C43D8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [UDP Query User{80ADBB38-C3A9-4F4B-A64D-20A7F1CB9549}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{72E9A4F1-0F1E-4157-9810-B6A90D105C90}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{F3189B20-1311-43E4-A00A-8B90E16FFDF8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C0CEC372-FABE-4965-AB99-659649FCA6D3}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{B5C534CA-DD90-4F00-A9DC-7AA1D67F503D}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [TCP Query User{21DF427C-07AB-4687-B000-215151C9D8D6}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe => No File
FirewallRules: [UDP Query User{4442A42E-65E3-4716-952B-475688E868FF}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{92BFC1D3-BA0B-41E8-A911-90F9EC26A79E}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{D6FAED8E-7A2C-4E93-9FEB-70FA3FC41A0E}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{A3D7CEDF-5096-422A-9F28-995975DE50C1}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{6BF4A7B2-BC35-4450-A564-9AB82F22B2A0}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [TCP Query User{13E0D06C-162C-4AAA-9C43-0E0C08E7B523}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [UDP Query User{235AE8F5-02D1-4521-921A-892F1E1B71CB}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [TCP Query User{DF7B7697-6433-4D50-85C2-827A1636BF1D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe => No File
FirewallRules: [UDP Query User{F7C94FFB-E06D-43EB-90E2-4F863D0F45C5}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [TCP Query User{915C8622-F87F-49F1-BE74-3C4E5A70741D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe => No File
FirewallRules: [UDP Query User{0D61D0BF-830C-485C-9EFA-ACFBD65BF807}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [TCP Query User{CFC8FE14-DD0E-45DB-9177-89804D9845CA}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [UDP Query User{154925E9-895E-4064-8E02-F855198144FF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{71B9F9AD-9D16-4D2C-9D78-A0C614D4042E}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{6097984C-D97B-492C-9A07-F4B8A52A21BF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{C4CC4BE6-CA68-4AEE-BF64-61F0710225F5}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{CD9399B9-240E-4624-84FF-A76C4BF50A94}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{58534CAB-DBC9-4018-B5EA-AE3AEDB8B716}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{A03B30D3-8138-4755-A246-04124C3CECA7}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{7E18BFFB-ED71-482C-BF31-09899779D2F4}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{A2A60AB5-8E13-443B-A46D-3C33AD6FB706}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{CD907C87-0A34-4854-A3D2-A7CBB4F1D180}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{01FE5073-FD07-4C54-ABB4-9A2800D99785}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [TCP Query User{0CE15A22-6C01-425A-8D7D-572C42ABF0BC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [UDP Query User{17521C2F-AD1B-461C-9C1B-F8D501E52505}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{C598D783-777A-4EBF-85C7-646BF25CAE1E}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{83FFB050-CD4F-4511-9E9C-7C7189F928CC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{648ABAE2-65AE-467C-9F48-81304EB5A9F7}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [UDP Query User{797FE114-DC6F-449F-8BA2-305AE3CE12A5}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{AEF95643-E1DD-4F0E-8E71-2FFFBC253EA0}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{5EF78676-80DB-487C-9757-1562BF45A950}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{407893BF-943B-4F17-B04F-00F258680FB1}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{A7E9158F-D429-4B37-97C8-8BDAF0E08F8C}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe => No File
FirewallRules: [{5B68CDC7-3BFF-40ED-8502-E91BB11F713B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{5233E68C-3582-46D9-A6E1-40B09C49F909}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{F42F9F03-7347-4E1A-AEC6-FFCD080CCFD4}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [UDP Query User{D9197196-9980-453A-AFB2-67F94269D10D}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe => No File
FirewallRules: [TCP Query User{2D79C30D-BB7F-4D34-BF86-D9682FD6E80F}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{849A800C-FADA-4368-B463-4CA0AF49AC97}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7C138555-9143-4D6A-9DC7-90E1DB5940D9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{EF545FAE-C620-4053-A16C-7277E7506F0D}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{5562B3B0-3416-46BE-A488-08E2362044AE}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [UDP Query User{5ED12D5F-3182-4775-B489-FEE713D9E0F6}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe => No File
FirewallRules: [TCP Query User{DCB0923E-31E8-4BFA-9418-7AF1BCF76186}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{909145B2-3AA4-4D3E-A4D2-77C102322219}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{7E00704A-A48F-4DB4-841B-26DE584CBD2E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{C05BA804-3886-4637-A912-0240FA199996}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{558FF623-ED78-460F-B7A4-BDE2D4B843C4}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [UDP Query User{D88D9356-1CE5-43B8-AFA6-A7D568A51AE9}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe => No File
FirewallRules: [TCP Query User{B9361DCB-5714-45DB-BA31-9F18B970B4B7}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{78994A18-CCA1-4C2B-8DD1-6005D5AF8DBC}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{E1928307-104F-43E5-BB36-E6FB6947A5F8}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{EFE5D62E-DD74-4B99-9DEC-C16ED4E1F38B}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{838ABB31-B739-4952-91AE-A938FF0F6B38}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{A31A733E-60D2-403C-83E8-96BC19EB3E43}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{74293A31-40F4-4010-B82E-DB28630FC1F7}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{6DCD16B6-DA09-43A4-9CB0-EEBC155AC81E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{41BC202C-3896-4D89-9832-35AF68DBEFE1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{E20A8878-3EFA-4245-B149-5BA50A4D4CF1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{747B9B7E-BABD-48E6-B310-BF3AD6ABAA72}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{6B5F7A21-AD66-4E4A-8FD7-C0F808642F7E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{70183EC0-9735-40A4-83BA-B65D9A44FECB}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{80B2B39A-41A2-4DB4-B2CE-3494DF3337E4}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{8E40A96E-88A5-4260-84C7-6194532CC0BF}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{1D200F28-6EF9-4DFF-9CA2-C405E2846E04}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{5F770C7C-7222-4E45-A754-D0E4C74E8552}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{02E9DE4D-2227-4777-A894-B9ECC55E71ED}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{A63A85B0-EE53-45AE-A505-6097DDA77A34}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [UDP Query User{6F631C14-2AFD-4718-A64B-46E0AFB24FC9}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe => No File
FirewallRules: [TCP Query User{9183235A-BC47-4373-86E5-81535948CCBB}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [UDP Query User{ABF56DDE-D0D8-48E5-9950-CF0823DA22D5}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe => No File
FirewallRules: [TCP Query User{7924D7F9-35B5-4323-8CD6-BF7FB02C27D1}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{CE9F2AB9-F350-4173-99FE-8C9EA59BABEA}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{627D6D88-BCD9-4B11-8752-7033CE67A43E}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{BF44925E-976B-4681-A7BC-ADD952905D4A}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{2B7C2FCC-8FE5-4DA7-BD8B-D927A75B3B71}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{5F64FDD9-1BB6-480D-9924-05DBE3BCEFFD}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{1986AD46-BD8E-4F25-B06C-EDAABD15F373}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{E73F905E-2295-4172-B8AF-F6CAADEC2864}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{84A9739B-671F-4E4A-BE63-6EE1BD489B64}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [UDP Query User{E21BB260-186E-4361-A69F-BA7AB9DF0FD8}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [{6AD2C198-35E1-41D5-93C8-BEF3AF17B699}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{5727A7C0-41CE-441B-9285-61A040416076}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{2CB56624-7D8F-45E3-93D6-FF7D65E68D9A}] => (Allow) C:\Users\Hladk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{0B8B5CD6-3EF7-4242-A04C-FDBB1A94F158}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{DDC5EE6F-2E52-4F48-A8B5-F521E1552474}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{2A9894EC-FF19-4E3B-B092-0F1FDEB04C97}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{B21566DA-243C-47F3-BA01-30BE370CA6B1}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{D81E2147-F2A2-4105-A36B-8EF7FEA04452}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{36D19403-1991-4E8E-8145-7E804CC73AD6}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [{5F3EA87A-90F3-4626-AACA-7916A3BFD2EA}] => (Allow) C:\Program Files\BlueStacks_bgp64\HD-Player.exe => No File
FirewallRules: [TCP Query User{E18E0E38-4030-45E9-BC07-B643BC3C4B39}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F626C883-92B2-44B3-9E54-9A2F8C1CE7DE}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{A719F233-9069-481B-8DB5-6F601CAAC967}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [UDP Query User{233055A1-F9BA-432C-8A80-5B4EE0D15D71}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe => No File
FirewallRules: [TCP Query User{2E264129-0F0B-45CD-B679-095140BBDFF1}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{F1F29FE8-D9E0-40E7-AB99-CEEA1A86F4A7}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{7E44BE17-DFE1-4760-8240-B35BBF487BCE}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{D07DE422-719C-41B7-8B09-27862BEAFE7B}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{7F6993DF-F557-4498-967B-3704A1682B76}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [UDP Query User{47B5B3C4-AD76-4198-B173-3303DA734D9E}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe => No File
FirewallRules: [TCP Query User{A456D408-B363-4D5D-82F2-6FE057DB27F4}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [UDP Query User{AA101A67-B4FA-46B8-85C8-7F36645BDDB5}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe => No File
FirewallRules: [TCP Query User{E51C7860-7EBA-4373-B473-B93210B56DBC}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{90595795-29E6-41AA-89FC-9352F12EEDA0}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{C01512D0-38D4-4C20-95A2-E585C4B03216}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [UDP Query User{58EF3087-3590-4AFF-B2CC-C249EAB2FC28}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe => No File
FirewallRules: [TCP Query User{F23A8FDD-D625-420E-A53D-69641E93598A}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{0AC75736-2CD5-4885-B77F-992CF97D2E78}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Allow) C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe => No File
C:\Users\Hladk\AppData\Local\Temp\d127fe0b-873a-40cb-960f-1ebf18f61cbb.tmp
C:\Users\Hladk\AppData\Local\Temp\22a5be45-6ec2-43cb-a7c6-1ce30a881e4f.tmp
C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1001266131-2733610755-3133150411-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0be8b383-756a-11ea-9e0c-7085c262d76e} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D8A2B39-A76D-42CC-82B9-986D86B87B98}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D8A2B39-A76D-42CC-82B9-986D86B87B98}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B270A711-E269-48B0-B7D9-6AA86A5CC466}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B270A711-E269-48B0-B7D9-6AA86A5CC466}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\HWiNFO_161 => removed successfully
HWiNFO_161 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Program Files (x86)\toolbar.bmp => moved successfully
C:\Users\Hladk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AEC13BEE-7FCE-4619-8C27-63ADE0F1C9B9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3FB1CB04-AB40-4BCF-9E10-7A0B95FF2AE0}C:\users\hladk\appdata\local\programs\opera\70.0.3728.95\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2BD3D3B0-AF4A-4AB1-A736-6C279A1B97C9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A6221505-6CF3-402E-A921-B701F5E4E82E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.71\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{36AAD69A-19FF-4610-87A5-24C373B8D06C}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6EA2B64B-5C54-447B-ACDA-3C716255F518}C:\users\hladk\appdata\local\programs\opera\69.0.3686.77\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FC90B73D-B5ED-444F-8AC2-39D0D7C4E383}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F387485-89C1-4742-A0BE-2278198C43D8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.173\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{80ADBB38-C3A9-4F4B-A64D-20A7F1CB9549}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{72E9A4F1-0F1E-4157-9810-B6A90D105C90}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F3189B20-1311-43E4-A00A-8B90E16FFDF8}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C0CEC372-FABE-4965-AB99-659649FCA6D3}C:\users\hladk\appdata\local\programs\opera\68.0.3618.125\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B5C534CA-DD90-4F00-A9DC-7AA1D67F503D}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{21DF427C-07AB-4687-B000-215151C9D8D6}C:\users\hladk\appdata\local\programs\opera\68.0.3618.104\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4442A42E-65E3-4716-952B-475688E868FF}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{92BFC1D3-BA0B-41E8-A911-90F9EC26A79E}C:\users\hladk\appdata\local\programs\opera\68.0.3618.63\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D6FAED8E-7A2C-4E93-9FEB-70FA3FC41A0E}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A3D7CEDF-5096-422A-9F28-995975DE50C1}C:\users\hladk\appdata\local\programs\opera\67.0.3575.137\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6BF4A7B2-BC35-4450-A564-9AB82F22B2A0}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13E0D06C-162C-4AAA-9C43-0E0C08E7B523}C:\users\hladk\appdata\local\programs\opera\67.0.3575.115\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{235AE8F5-02D1-4521-921A-892F1E1B71CB}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DF7B7697-6433-4D50-85C2-827A1636BF1D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.97\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7C94FFB-E06D-43EB-90E2-4F863D0F45C5}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{915C8622-F87F-49F1-BE74-3C4E5A70741D}C:\users\hladk\appdata\local\programs\opera\67.0.3575.79\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D61D0BF-830C-485C-9EFA-ACFBD65BF807}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CFC8FE14-DD0E-45DB-9177-89804D9845CA}C:\users\hladk\appdata\local\programs\opera\67.0.3575.53\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{154925E9-895E-4064-8E02-F855198144FF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{71B9F9AD-9D16-4D2C-9D78-A0C614D4042E}C:\users\hladk\appdata\local\programs\opera\66.0.3515.115\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6097984C-D97B-492C-9A07-F4B8A52A21BF}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C4CC4BE6-CA68-4AEE-BF64-61F0710225F5}C:\users\hladk\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CD9399B9-240E-4624-84FF-A76C4BF50A94}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{58534CAB-DBC9-4018-B5EA-AE3AEDB8B716}C:\users\hladk\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A03B30D3-8138-4755-A246-04124C3CECA7}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E18BFFB-ED71-482C-BF31-09899779D2F4}C:\users\hladk\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2A60AB5-8E13-443B-A46D-3C33AD6FB706}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD907C87-0A34-4854-A3D2-A7CBB4F1D180}C:\users\hladk\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{01FE5073-FD07-4C54-ABB4-9A2800D99785}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0CE15A22-6C01-425A-8D7D-572C42ABF0BC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17521C2F-AD1B-461C-9C1B-F8D501E52505}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C598D783-777A-4EBF-85C7-646BF25CAE1E}C:\users\hladk\appdata\local\programs\opera\65.0.3467.62\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{83FFB050-CD4F-4511-9E9C-7C7189F928CC}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{648ABAE2-65AE-467C-9F48-81304EB5A9F7}C:\users\hladk\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{797FE114-DC6F-449F-8BA2-305AE3CE12A5}C:\program files\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AEF95643-E1DD-4F0E-8E71-2FFFBC253EA0}C:\program files\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EF78676-80DB-487C-9757-1562BF45A950}C:\program files\java\jre1.8.0_201\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{407893BF-943B-4F17-B04F-00F258680FB1}C:\program files\java\jre1.8.0_201\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A7E9158F-D429-4B37-97C8-8BDAF0E08F8C}C:\program files\java\jre1.8.0_211\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B68CDC7-3BFF-40ED-8502-E91BB11F713B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5233E68C-3582-46D9-A6E1-40B09C49F909}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F42F9F03-7347-4E1A-AEC6-FFCD080CCFD4}C:\program files (x86)\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D9197196-9980-453A-AFB2-67F94269D10D}C:\program files (x86)\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2D79C30D-BB7F-4D34-BF86-D9682FD6E80F}C:\program files\java\jre1.8.0_221\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{849A800C-FADA-4368-B463-4CA0AF49AC97}C:\program files\java\jre1.8.0_221\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C138555-9143-4D6A-9DC7-90E1DB5940D9}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EF545FAE-C620-4053-A16C-7277E7506F0D}C:\users\hladk\appdata\local\programs\opera\70.0.3728.106\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5562B3B0-3416-46BE-A488-08E2362044AE}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5ED12D5F-3182-4775-B489-FEE713D9E0F6}C:\users\hladk\appdata\local\programs\opera\70.0.3728.154\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DCB0923E-31E8-4BFA-9418-7AF1BCF76186}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{909145B2-3AA4-4D3E-A4D2-77C102322219}C:\users\hladk\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E00704A-A48F-4DB4-841B-26DE584CBD2E}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C05BA804-3886-4637-A912-0240FA199996}C:\users\hladk\appdata\local\programs\opera\70.0.3728.189\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{558FF623-ED78-460F-B7A4-BDE2D4B843C4}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D88D9356-1CE5-43B8-AFA6-A7D568A51AE9}C:\users\hladk\appdata\local\programs\opera\71.0.3770.198\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B9361DCB-5714-45DB-BA31-9F18B970B4B7}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78994A18-CCA1-4C2B-8DD1-6005D5AF8DBC}C:\users\hladk\appdata\local\programs\opera\71.0.3770.228\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E1928307-104F-43E5-BB36-E6FB6947A5F8}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFE5D62E-DD74-4B99-9DEC-C16ED4E1F38B}C:\users\hladk\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{838ABB31-B739-4952-91AE-A938FF0F6B38}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A31A733E-60D2-403C-83E8-96BC19EB3E43}C:\users\hladk\appdata\local\programs\opera\71.0.3770.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{74293A31-40F4-4010-B82E-DB28630FC1F7}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6DCD16B6-DA09-43A4-9CB0-EEBC155AC81E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{41BC202C-3896-4D89-9832-35AF68DBEFE1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E20A8878-3EFA-4245-B149-5BA50A4D4CF1}C:\users\hladk\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{747B9B7E-BABD-48E6-B310-BF3AD6ABAA72}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6B5F7A21-AD66-4E4A-8FD7-C0F808642F7E}C:\users\hladk\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{70183EC0-9735-40A4-83BA-B65D9A44FECB}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{80B2B39A-41A2-4DB4-B2CE-3494DF3337E4}C:\users\hladk\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8E40A96E-88A5-4260-84C7-6194532CC0BF}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D200F28-6EF9-4DFF-9CA2-C405E2846E04}C:\users\hladk\appdata\local\programs\opera\73.0.3856.329\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F770C7C-7222-4E45-A754-D0E4C74E8552}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{02E9DE4D-2227-4777-A894-B9ECC55E71ED}C:\users\hladk\appdata\local\programs\opera\73.0.3856.344\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A63A85B0-EE53-45AE-A505-6097DDA77A34}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6F631C14-2AFD-4718-A64B-46E0AFB24FC9}C:\users\hladk\appdata\local\programs\opera\74.0.3911.107\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9183235A-BC47-4373-86E5-81535948CCBB}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ABF56DDE-D0D8-48E5-9950-CF0823DA22D5}C:\users\hladk\appdata\local\programs\opera\74.0.3911.160\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7924D7F9-35B5-4323-8CD6-BF7FB02C27D1}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE9F2AB9-F350-4173-99FE-8C9EA59BABEA}C:\users\hladk\appdata\local\programs\opera\74.0.3911.203\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{627D6D88-BCD9-4B11-8752-7033CE67A43E}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF44925E-976B-4681-A7BC-ADD952905D4A}C:\users\hladk\appdata\local\programs\opera\74.0.3911.218\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2B7C2FCC-8FE5-4DA7-BD8B-D927A75B3B71}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5F64FDD9-1BB6-480D-9924-05DBE3BCEFFD}C:\users\hladk\appdata\local\programs\opera\75.0.3969.149\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1986AD46-BD8E-4F25-B06C-EDAABD15F373}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E73F905E-2295-4172-B8AF-F6CAADEC2864}C:\users\hladk\appdata\local\programs\opera\75.0.3969.171\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{84A9739B-671F-4E4A-BE63-6EE1BD489B64}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E21BB260-186E-4361-A69F-BA7AB9DF0FD8}C:\users\hladk\appdata\local\programs\opera\75.0.3969.218\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AD2C198-35E1-41D5-93C8-BEF3AF17B699}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5727A7C0-41CE-441B-9285-61A040416076}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CB56624-7D8F-45E3-93D6-FF7D65E68D9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0B8B5CD6-3EF7-4242-A04C-FDBB1A94F158}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DDC5EE6F-2E52-4F48-A8B5-F521E1552474}C:\users\hladk\appdata\local\programs\opera\75.0.3969.243\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2A9894EC-FF19-4E3B-B092-0F1FDEB04C97}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B21566DA-243C-47F3-BA01-30BE370CA6B1}C:\users\hladk\appdata\local\programs\opera\76.0.4017.107\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D81E2147-F2A2-4105-A36B-8EF7FEA04452}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{36D19403-1991-4E8E-8145-7E804CC73AD6}C:\users\hladk\appdata\local\programs\opera\76.0.4017.123\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F3EA87A-90F3-4626-AACA-7916A3BFD2EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E18E0E38-4030-45E9-BC07-B643BC3C4B39}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F626C883-92B2-44B3-9E54-9A2F8C1CE7DE}C:\users\hladk\appdata\local\programs\opera\76.0.4017.154\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A719F233-9069-481B-8DB5-6F601CAAC967}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{233055A1-F9BA-432C-8A80-5B4EE0D15D71}C:\users\hladk\appdata\local\programs\opera\76.0.4017.177\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E264129-0F0B-45CD-B679-095140BBDFF1}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F1F29FE8-D9E0-40E7-AB99-CEEA1A86F4A7}C:\users\hladk\appdata\local\programs\opera\77.0.4054.90\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E44BE17-DFE1-4760-8240-B35BBF487BCE}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D07DE422-719C-41B7-8B09-27862BEAFE7B}C:\users\hladk\appdata\local\programs\opera\77.0.4054.203\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F6993DF-F557-4498-967B-3704A1682B76}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47B5B3C4-AD76-4198-B173-3303DA734D9E}C:\users\hladk\appdata\local\programs\opera\77.0.4054.277\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A456D408-B363-4D5D-82F2-6FE057DB27F4}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA101A67-B4FA-46B8-85C8-7F36645BDDB5}C:\users\hladk\appdata\local\programs\opera\78.0.4093.112\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E51C7860-7EBA-4373-B473-B93210B56DBC}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{90595795-29E6-41AA-89FC-9352F12EEDA0}C:\users\hladk\appdata\local\programs\opera\78.0.4093.147\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C01512D0-38D4-4C20-95A2-E585C4B03216}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{58EF3087-3590-4AFF-B2CC-C249EAB2FC28}C:\users\hladk\appdata\local\programs\opera\78.0.4093.184\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F23A8FDD-D625-420E-A53D-69641E93598A}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AC75736-2CD5-4885-B77F-992CF97D2E78}C:\users\hladk\appdata\local\programs\opera\78.0.4093.231\opera.exe" => removed successfully
"C:\Users\Hladk\AppData\Local\Temp\d127fe0b-873a-40cb-960f-1ebf18f61cbb.tmp" => not found
"C:\Users\Hladk\AppData\Local\Temp\22a5be45-6ec2-43cb-a7c6-1ce30a881e4f.tmp" => not found
"C:\Users\Hladk\AppData\Roaming\Opera Software\Opera Stable\adblocker_data\fe59aa748b9000bb96afc12e6b7f71e5.easylist" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 306578887 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 4839325 B
Edge => 27175 B
Chrome => 27482703 B
Firefox => 1406125407 B
Opera => 376230339 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 40234 B
NetworkService => 7605660 B
Hladk => 1210874536 B

RecycleBin => 1184807 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-02-2022 22:24:38)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:24:38 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[kockopes]

Děkuji. Ráno mi po startu PC Defender ohlásil opět ten samý vir. Zkusil jsem to poté projet i skrz Esetonline, tam čisto. Tak nevím...

[Rudy]

OK. Zkuste proskenovat pomocí AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co eventuálně najde. Návod v odkazu je na sterší verzi této utility.

[kockopes]

Zdravím,
uvedený program nic nenašel, stejně jako Defender. Tudíž, prosím o zavření vlákna a děkuji za pomoc

[Rudy]

OK. Dejte ho tedy do vyjímek. Rádo se stalo!