VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by novak (administrator) on DESKTOP-OR2P7VG (Micro-Star International Co., Ltd. MS-7B51) (29-12-2022 16:55:17)
Running from C:\Users\novak\Downloads
Loaded Profiles: novak & simon
Platform: Microsoft Windows 10 Home Version 21H2 19044.2364 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2022.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe <2>
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <3>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <5>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe <3>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe
(services.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2>
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM-x32\...\Run: [Glorious Core] => C:\Program Files (x86)\Glorious Core\Glorious Core.exe [136103936 2022-10-28] (GitHub, Inc.) [File not signed]
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\Run: [MicrosoftEdgeAutoLaunch_6E6064578B89518FC29562D92CB4EC1E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3050080 2022-10-23] (Skutta, Kristjan -> )
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2022-12-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [Spotify] => C:\Users\simon\AppData\Roaming\Spotify\Spotify.exe [19687400 2022-05-19] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
Startup: C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2022-12-27]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06AA211D-8921-49EE-AF51-ADB153F58CBA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {06C55EBD-50BC-4D38-BC3D-B488C9696C16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
Task: {0A980764-FC6D-49A4-A5B7-CA9BCF9597D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {149B851F-9D4B-4EF6-BE65-FACEF4CE5063} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {1541283A-9B71-42C9-A41A-095E7ACAA4C3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {168F7596-2F77-4D89-92C9-B1AAB55E10DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1C588686-73E3-47B0-A6BA-493959E70850} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
Task: {3E6CA373-3959-4D2F-8A92-50874C8F0C7F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58A11CC5-4D04-49E4-BD9D-8E294D3E41B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {62D1BEF2-AF57-487D-A44D-41B54EBB7BB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {675AEC13-2629-45AB-B86E-B1B9DCA1866A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A4411BF-F1D7-4385-BCC9-AC192C69C536} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {74D51529-B1C8-4AA3-BF38-5ACAE420F104} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {76E67B08-65EE-4FCC-A1D0-CED51EFBD063} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8BC53E5F-157D-4FE6-AD4E-C4E3A5775B6E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {920830CE-C5CB-434C-A322-F6F9D5373CDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CE22A71-5F82-4104-9735-434032D2B1F9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A19FEC19-ACB7-472D-9D44-67844BC1D133} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694878751-39217375-5053309-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA694AA7-6883-418F-A9BA-347E6D3F29D2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694878751-39217375-5053309-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA45C126-2CB0-49AB-B10B-9A5DAAA06605} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C6EB991C-82FB-4034-B817-0A1DB02F51C9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D27E98B0-2DE6-4856-A37C-64E78D74466A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EEEF75EC-ECAF-4214-8958-37436C08FA05} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F65323CC-B0DC-472F-AC05-902C8E516CD8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 8.8.8.8 10.200.1.1
Tcpip\..\Interfaces\{057bdce6-338a-464c-b99a-a2fba1f5760a}: [DhcpNameServer] 192.168.10.1 8.8.8.8 10.200.1.1
Tcpip\..\Interfaces\{7fa23945-ba62-4822-8086-f88f267401ce}: [DhcpNameServer] 192.168.2.1 192.168.10.1 8.8.8.8 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\novak\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-29]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-14] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default [2022-12-29]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (DuckDuckGo) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-12-13]
CHR Extension: (Return YouTube Dislike) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
CHR Extension: (CSGOFloat Market Checker) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjicbefpemnphinccgikpdaagjebbnhg [2022-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-19]
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-29]
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-11]
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-11]
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-29]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-10-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-17] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [129696 2022-03-17] (Skutta, Kristjan -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-randgrid_sr; C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [2513192 2022-11-30] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-11-19] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl36e3c5d3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5054D310-40EF-424B-94E4-A249CC8C32CF}\MpKslDrv.sys [214280 2022-12-29] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2022-06-09] (Zemana Ltd. -> Zemana Ltd.)
S3 AIDA64Driver; \??\C:\Users\Administrator\Desktop\Testy\aida64extreme\kerneld.x64 [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-29 16:55 - 2022-12-29 16:55 - 000023541 _____ C:\Users\novak\Downloads\FRST.txt
2022-12-29 16:54 - 2022-12-29 16:55 - 000000000 ____D C:\FRST
2022-12-29 16:53 - 2022-12-29 16:54 - 002376192 _____ (Farbar) C:\Users\novak\Downloads\FRST64.exe
2022-12-28 09:01 - 2022-12-29 14:29 - 000000000 ____D C:\Users\novak\AppData\Local\ForzaHorizon5
2022-12-24 21:02 - 2022-12-24 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2022-12-24 21:01 - 2022-12-24 21:02 - 016082320 _____ (Logitech Inc.) C:\Users\novak\Downloads\lgs510_x64.exe
2022-12-18 11:18 - 2022-12-18 11:18 - 000000000 ____D C:\Users\novak\AppData\LocalLow\Cosmic Adventure Squad
2022-12-14 17:33 - 2022-12-14 17:33 - 000000000 ___HD C:\$WinREAgent
2022-12-08 18:43 - 2022-12-08 18:43 - 000000000 ____D C:\Users\novak\AppData\LocalLow\Team Alto
2022-12-01 16:01 - 2022-12-01 16:01 - 000000000 ____D C:\Users\novak\OneDrive\Dokumenty\Call of Duty
2022-12-01 16:00 - 2022-12-01 16:01 - 000000000 ____D C:\Users\novak\AppData\Local\Activision
2022-12-01 06:46 - 2022-12-01 06:46 - 000000000 ____D C:\Users\novak\AppData\Local\My Games
2022-12-01 06:45 - 2022-12-01 06:45 - 000000000 ____D C:\Users\novak\AppData\Local\BattlEye

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-29 16:55 - 2022-06-09 12:03 - 002020645 _____ C:\Windows\ZAM_Guard.krnl.trace
2022-12-29 16:53 - 2021-11-06 11:51 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-29 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-29 16:32 - 2022-01-30 20:26 - 000000000 ____D C:\Users\novak\AppData\Local\CrashDumps
2022-12-29 15:57 - 2021-11-19 22:36 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-29 15:44 - 2022-05-05 15:10 - 000000000 ____D C:\Users\novak\AppData\Roaming\discord
2022-12-29 15:44 - 2021-12-24 20:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-29 15:31 - 2022-05-05 16:18 - 000000000 ____D C:\Users\novak\AppData\Local\Discord
2022-12-29 15:11 - 2022-01-23 14:06 - 000004202 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9C33C13D-54F8-4182-9BDD-81E3DE35740F}
2022-12-29 10:26 - 2020-11-18 23:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-12-28 22:02 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-12-28 21:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-28 12:37 - 2022-10-02 19:44 - 000000000 ____D C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-28 10:40 - 2021-11-19 22:29 - 000000000 ____D C:\Users\novak\AppData\Local\ConnectedDevicesPlatform
2022-12-28 09:56 - 2021-11-19 22:29 - 000000000 ____D C:\Users\novak\AppData\Local\D3DSCache
2022-12-27 18:28 - 2022-03-29 13:25 - 000000000 ____D C:\Users\simon\AppData\Local\D3DSCache
2022-12-27 18:27 - 2022-03-29 13:36 - 000000000 ____D C:\Users\simon\AppData\Local\UnrealEngine
2022-12-27 18:24 - 2022-03-29 13:23 - 000000000 ____D C:\Users\simon\AppData\Local\Packages
2022-12-27 15:01 - 2022-05-31 13:31 - 000000000 ____D C:\Users\novak\AppData\Roaming\Origin
2022-12-27 14:56 - 2022-05-31 13:31 - 000000000 ____D C:\Users\novak\AppData\Local\Origin
2022-12-27 12:42 - 2022-05-31 13:55 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-12-27 12:41 - 2021-12-25 08:49 - 000000000 ____D C:\ProgramData\Origin
2022-12-27 08:03 - 2022-09-28 09:13 - 000001747 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2022-12-27 08:03 - 2022-09-28 09:13 - 000000000 ____D C:\Users\novak\AppData\Roaming\Rainmeter
2022-12-27 08:03 - 2022-09-28 09:13 - 000000000 ____D C:\Program Files\Rainmeter
2022-12-25 08:06 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-12-24 20:26 - 2021-03-22 17:45 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-24 20:26 - 2019-12-07 15:41 - 000682184 _____ C:\Windows\system32\perfh005.dat
2022-12-24 20:26 - 2019-12-07 15:41 - 000137000 _____ C:\Windows\system32\perfc005.dat
2022-12-24 20:19 - 2021-03-22 17:39 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-24 20:19 - 2020-11-19 00:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-24 20:19 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-12-23 13:10 - 2022-05-05 15:31 - 000000000 ____D C:\Users\novak\AppData\Roaming\.minecraft
2022-12-23 11:05 - 2021-12-24 22:35 - 000000000 ____D C:\Users\novak\AppData\Roaming\lunarclient
2022-12-21 15:40 - 2022-08-19 09:30 - 000000000 ____D C:\Users\novak\AppData\Local\Ubisoft Game Launcher
2022-12-21 15:38 - 2022-02-01 13:09 - 000000000 ____D C:\Users\novak\AppData\Local\osu!
2022-12-21 15:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-12-21 11:53 - 2021-12-24 22:18 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-19 17:20 - 2022-01-28 08:50 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-12-19 17:20 - 2022-01-28 08:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-12-19 17:20 - 2021-11-06 11:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-12-19 17:20 - 2021-11-06 11:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-12-18 16:19 - 2021-11-19 22:29 - 000000000 ____D C:\Users\novak\AppData\Local\Packages
2022-12-18 08:05 - 2022-11-12 21:33 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-18 07:58 - 2020-11-19 00:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-17 13:05 - 2022-10-23 12:05 - 000000138 _____ C:\Users\novak\Downloads\tinytask-1-77.ini
2022-12-16 20:44 - 2021-11-19 22:23 - 000000000 ____D C:\Users\novak
2022-12-16 20:30 - 2022-07-21 12:12 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-16 20:30 - 2022-03-31 18:03 - 000000000 ____D C:\Windows\Minidump
2022-12-16 20:30 - 2021-11-06 12:50 - 001404366 ____N C:\Windows\Minidump\121622-5515-01.dmp
2022-12-16 14:48 - 2021-11-19 22:38 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-15 17:10 - 2022-01-07 10:30 - 000000000 ____D C:\Users\novak\OneDrive\Dokumenty\Škola Matěj
2022-12-15 17:04 - 2022-07-21 12:12 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-15 17:04 - 2022-07-21 12:12 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-14 18:14 - 2020-11-18 23:29 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-14 18:13 - 2021-03-22 18:02 - 000000000 ____D C:\Windows\en-GB
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-14 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 17:38 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-14 17:37 - 2020-11-19 00:32 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-12-14 17:32 - 2021-11-06 11:49 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-14 17:32 - 2021-11-06 11:49 - 000000000 ____D C:\Windows\system32\MRT
2022-12-11 20:48 - 2020-11-19 00:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-11 20:46 - 2022-02-20 10:02 - 000000000 ____D C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-12-08 17:52 - 2021-12-24 22:21 - 000000000 ____D C:\Program Files\Epic Games
2022-12-07 19:57 - 2022-02-01 07:14 - 000000000 ____D C:\Program Files\Rockstar Games
2022-12-07 19:57 - 2022-02-01 07:14 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-12-07 10:54 - 2022-01-28 08:50 - 002227752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2022-12-07 10:53 - 2022-01-28 08:50 - 002893880 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2022-12-07 10:53 - 2022-01-28 08:50 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2022-12-05 17:50 - 2022-02-27 07:45 - 000000000 ____D C:\Users\novak\AppData\Roaming\io.krunker.desktop
2022-12-04 19:01 - 2021-11-19 22:31 - 000000000 ____D C:\Users\novak\AppData\Local\PlaceholderTileLogoFolder
2022-12-01 06:46 - 2021-12-28 13:37 - 000000000 ____D C:\Users\novak\OneDrive\Dokumenty\My Games

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by novak (29-12-2022 16:56:11)
Running from C:\Users\novak\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2364 (X64) (2021-11-19 21:15:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2694878751-39217375-5053309-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694878751-39217375-5053309-503 - Limited - Disabled)
Guest (S-1-5-21-2694878751-39217375-5053309-501 - Limited - Disabled)
novak (S-1-5-21-2694878751-39217375-5053309-1003 - Administrator - Enabled) => C:\Users\novak
simon (S-1-5-21-2694878751-39217375-5053309-1004 - Limited - Enabled) => C:\Users\simon
WDAGUtilityAccount (S-1-5-21-2694878751-39217375-5053309-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Discord (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Discord (HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\CitizenFX_FiveM) (Version: - Cfx.re)
FiveM (HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\CitizenFX_FiveM) (Version: - Cfx.re)
Glorious Core (HKLM-x32\...\{A717F79A-3E09-4441-B378-86CE25CD64C3}}_is1) (Version: - Glorious, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Lunar Client (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.15.1 - Moonsworth, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 526.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22253 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9077d068-3718-4ef8-9d80-b857a8c5b44f}) (Version: latest - ppy Pty Ltd)
Pokémon Trading Card Game Online (HKLM-x32\...\{0D859D72-CBE8-4164-BB19-66EFAE21DB3A}) (Version: 2.92.0 - The Pokémon Company International)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.17 - Rainmeter)
Roblox Player for novak (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for simon (HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for novak (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
SketchUp Language Pack [cs] (HKLM\...\{f3ef1db2-67e5-2292-cdaa-61c63f3897b0}) (Version: 22.0.316 - Název společnosti:) Hidden
SketchUp Pro 2022 (HKLM-x32\...\{c631706c-1735-11ec-9621-0242ac130015}) (Version: 22.0.316 - Trimble, Inc.)
SketchUpPro 2022 (HKLM\...\{90c7b4b1-d547-8407-c0fe-be8bd0d96ad6}) (Version: 22.0.316.108 - Název společnosti:) Hidden
SOS - Pomoc s počítačem (HKLM-x32\...\{898BAEBF-0858-6007-4D91-ADF1ACE44632}) (Version: 7.11.760 - LogMeIn, Inc.)
Spotify (HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Spotify) (Version: 1.1.85.895.g2a71e1b8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.7.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.7.1 - General Workings, Inc.)
TikTok (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\e1ac1ef0978d1b231030c7c73fdb35e8) (Version: 1.0 - Google\Chrome)
TikTok LIVE Studio (HKLM-x32\...\tiktoklivestudio) (Version: 0.10.4-beta - TikTok Pte. Ltd.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\Riot Game valorant.live) (Version: - Riot Games, Inc)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-22] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2022-11-09] (Instagram)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-18] (Apple Inc.) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.86.53503.0_x64__8wekyb3d8bbwe [2022-12-27] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.11129.457.0_x64__8wekyb3d8bbwe [2022-12-28] (Microsoft Corporation)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-09-08] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-06-11] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-11-12] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2022-03-29] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.555.874.0_x86__55nm5eh3cm0pr [2022-12-28] (ROBLOX Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-27] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-08] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-12-21] (Bytedance Pte. Ltd.)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2022.1.0.0_x64__v826wp6bftszj [2022-12-27] (Charles Milette) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-28] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_2.460.358.0_x86__8wekyb3d8bbwe [2022-04-12] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x64__8wekyb3d8bbwe [2022-04-21] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x86__8wekyb3d8bbwe [2022-04-21] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1004.584.2120.0_x64__8wekyb3d8bbwe [2022-08-17] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1004.584.2120.0_x86__8wekyb3d8bbwe [2022-08-17] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2694878751-39217375-5053309-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\nvshext.dll [2022-11-09] (Nvidia Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\novak\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__maonlnecdeecdljpahhnnlmhbmalehlm\Instagram.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm --app-url=hxxps://www.instagram.com/?utm_source=pwa_homescreen --app-launch-source=4
ShortcutWithArgument: C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TikTok.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\novak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Instagram.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm --app-url=hxxps://www.instagram.com/?utm_source=pwa_homescreen --app-launch-source=4

==================== Loaded Modules (Whitelisted) =============

2022-05-31 13:38 - 2022-05-31 13:38 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-05-31 13:38 - 2022-05-31 13:38 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-05-31 13:38 - 2022-05-31 13:38 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-28 16:25 - 2022-05-31 13:38 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\PerfLogs:err [1602]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8672]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\sharepoint.com -> hxxps://urmgt-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2694878751-39217375-5053309-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2694878751-39217375-5053309-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.10.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "Glorious Core"
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6E6064578B89518FC29562D92CB4EC1E"
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2694878751-39217375-5053309-1003\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\StartupApproved\Run: => "Salad"
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{28470985-C4A7-4621-A889-92FE063B97F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D1C1D0B6-A9EE-4265-BBDC-9FE5E5054631}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7C89763D-8931-4A24-AA09-85A6872D0F50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14A302BB-5141-4453-871C-ECC23C91670A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{2DB47D5B-079A-4B39-B3BD-D86B58427EBD}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6F009DC4-42D3-4FEA-9167-375BA62BDEC9}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{AA32BE44-EDE5-4957-9503-708CAF0D6B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PGA TOUR 2K21\golf.exe () [File not signed]
FirewallRules: [{2F8ED90B-2444-4D17-94E9-3131E9DE15C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PGA TOUR 2K21\golf.exe () [File not signed]
FirewallRules: [{6298B7BB-AD75-4DF6-B6FB-1F95CC3823E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{727BF338-0177-4931-96A5-002B5FC84A8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2021\F1_2021_dx12.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ADDB62AF-3799-4104-B0D5-1A71AE8B9ED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{2A789801-B8FE-434F-B893-59006172B0AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{4E14AE75-EEE6-45E3-8DA1-6FB4109A9A60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{2C828FCA-99FB-4924-97B6-2F84D0C721B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{852E5CF9-D029-472E-B0FE-F111828203A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [{011DF5CE-7CF5-4D02-B142-45D09B963234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [TCP Query User{AA7B6168-1B5D-4E7A-A567-A269F8FDE330}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1D85FFFC-20E8-4FE1-9782-B0691B9497E6}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{08B59792-6B22-48A2-B830-D85F2EA855F4}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{95901FAB-AD5B-4F31-B7B2-2060B5FF7E56}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEBC30E9-016C-4BB3-8A68-76749BAA63EF}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BAFD17EF-FAA8-4ECC-BD82-A25CCED0CFFE}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{872E3E95-5BA1-4DD1-8A02-3E98414D93C3}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{FA07F9A2-CB8A-4603-8FFE-C24AB2CBEEC0}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4A8B20B2-BADB-48D2-84BE-6E6C4B54B3E3}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{3FC45EE1-6E7D-44CD-AB52-FE49AE5E3D14}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DE4A846D-E4E2-4C32-BBC9-F08D20C8E788}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{D5213611-A1AF-4BB7-B4F8-D1A52370EC32}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{7004446E-16EF-43A9-87FC-BA6F065EDB31}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{570A84C4-3315-4B75-BB98-E0E485CA5951}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2AA8645A-8B4D-43B0-BF2F-2630E36677B8}C:5\forzahorizon5.exe] => (Allow) C:5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{B69749E2-4534-4385-91B1-8A15F0FD78D0}C:5\forzahorizon5.exe] => (Allow) C:5\forzahorizon5.exe => No File
FirewallRules: [{8337D0FB-CFD2-4C28-A25E-492A36E5A52D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D1819BDC-FF23-4106-AF1E-6F7CE2A6485A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{12C89F78-E96A-494C-8500-3A82795AB283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{434D4DE7-3A5C-4111-BD7D-A0A00F7B3E1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{007C37FF-B541-45E4-AB38-EA8487D6B569}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{AF2235B4-D95E-4B5B-92B5-10C7DD9B7799}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2F59BAAF-3D65-41BD-9838-866012188F45}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BB0E964A-8ECD-4C2A-911D-476E9F3DEDB7}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [{9BD1C17D-2CC7-4104-B51A-C6E38E9AA64A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{CFCEB125-DD3F-4992-B96B-18D2EAC863E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{668BC5A3-F87F-45D3-AAC9-0A366A38B346}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{8B41CED0-49A1-4E63-A69B-4868816D4215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [TCP Query User{584DE1B9-B4A9-4BB2-946E-3422A2FF1FFC}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{92F1EB3F-5260-492C-9927-6AAAF08887C9}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{A3315973-5203-4E96-8357-B9769512735A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Krunker\Official Krunker.io Client.exe (FRVR Limited -> FRVR Limited)
FirewallRules: [{881DFC49-52D4-4EE7-A3E2-389F6222B3C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Krunker\Official Krunker.io Client.exe (FRVR Limited -> FRVR Limited)
FirewallRules: [TCP Query User{D738A677-FE49-41B4-86AB-F9C7B95BD9EB}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A48B1B5-9B8B-4AA5-B3E2-187F5A7DF3C2}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{106191EB-2F41-4437-9175-058AAB00E073}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DE1A091D-769B-4236-AA63-A04CCCB4724A}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{245AF69B-1BF6-4E68-9BD2-190A459018DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{6012032E-C9DA-4254-AAFA-54AB75F9CDF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{2966E72A-09CE-446F-A42C-78397FDCBD27}C:\users\novak\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{482750D9-C1AB-48FF-8B78-E62F8E5A438C}C:\users\novak\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{230ED65C-BFE0-4538-A59E-C56E4703F0A9}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{439CE34E-E3D3-47C6-8AB8-7698F73523C3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{84DD5BD1-5F0B-4463-9FBE-28040C7B27E0}C:\users\simon\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\simon\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{6B0FCE96-D526-4E60-BB7D-DF50D3416D59}C:\users\simon\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\simon\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{8B94DD56-1213-448C-9713-4875B3580623}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{F4492C6F-5E38-4BA0-8C39-D30F5BDF8A7A}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{89254C42-E41A-4776-A3AD-DD1D105EC266}C:\users\simon\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simon\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{1ABC71C3-FE87-4E2F-AEEA-617820E9423A}C:\users\simon\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\simon\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{986402F8-32D4-4E6A-9D23-3C42B255FFAD}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [UDP Query User{3C087C23-81BF-4507-AB39-7528E80C2EC2}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [{B410EFEF-ECBC-486B-BFE1-693907317B47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F84DA2BB-EEB0-4990-9248-DCB3065723EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{628013FD-4322-4C3B-A57A-214A345B5636}C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [UDP Query User{7A39605E-35AD-4EE6-B20B-939F40A29F81}C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [TCP Query User{91BD646C-6B7C-4634-A51F-C6C1427268B6}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-5.9d\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-5.9d\phoenixminer.exe => No File
FirewallRules: [UDP Query User{80545ABF-DA7B-4E66-9243-F2860A8C245A}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-5.9d\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-5.9d\phoenixminer.exe => No File
FirewallRules: [TCP Query User{65427433-F929-4A44-8B59-DF6372E94E4B}C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-5.7b\phoenixminer.exe] => (Block) C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-5.7b\phoenixminer.exe () [File not signed]
FirewallRules: [UDP Query User{171111C3-1867-464D-94A6-04E184AA2DFB}C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-5.7b\phoenixminer.exe] => (Block) C:\users\simon\appdata\roaming\salad\plugin-bin\phoenixminer-5.7b\phoenixminer.exe () [File not signed]
FirewallRules: [TCP Query User{9CAB706A-542A-4682-B508-A2D110487248}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{D8BD6186-E36E-45BC-8042-35434814C6BA}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{DBBC72BD-C7E2-49D2-98A2-47E6DF49076A}C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{0B633850-5D6D-4B9E-AF19-F30CF9B428A9}C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{0DEACD1F-6C12-494D-873F-B4E8ED3133DE}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{607121C6-6545-4675-881B-4E69744DB38E}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8D00DA3B-02A6-4538-A6A6-90641D032803}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{184E13B6-3EAA-4459-8907-35824B3028DB}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{50E155DE-5078-43F1-8029-692E28744472}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{EDEFA8D8-95B0-42A3-B60B-F6B7D109E1C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [File not signed]
FirewallRules: [{B63A4283-E961-4256-B5C7-40A0AF541C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [File not signed]
FirewallRules: [TCP Query User{3E7E8600-73E3-4E13-974A-DE825946C152}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FE4339F2-F027-4D6A-A072-8205BFB4BA34}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{9A553081-5D3E-4B2E-ABDB-11C5E0D513E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8333EBD-A64D-4359-996B-1BF19AC1FA64}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F787912-91EF-43BE-B837-BDFAFAE82E6F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{238D2AEA-065A-4E61-8F04-6BC9A34A0C87}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{145D5589-697A-4A36-80F5-FF8372BC1F6B}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8C8CC202-80FE-4AE0-88D4-A2FCF629B024}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{198155A7-CEDB-4095-82E4-D0A7221EF220}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{D48233DC-0A52-42AE-8885-18F5CD5720D7}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{E011B4B2-2F38-4ED3-9334-EB65D0FCD92A}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{441FFB47-D8AC-4573-84C3-F466D73C59C5}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{F5DD92AD-FB1A-4697-92BE-E7CAE6CC5E35}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{DAB3FC32-A764-4481-984B-7BF81937F132}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{42651ECD-F05B-4CF9-809A-EC1AFEABE223}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{85ED8694-7764-4D7D-8276-272BABF29BD0}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{C0FCF866-5698-4BA8-9EE2-970DD0D71CDB}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{7A00C1B8-F202-4090-8B69-5E9A1BC57FEB}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{3BC665DE-28BA-49A3-8826-1A7817317972}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{A7134AE3-EB63-4126-B451-471D1230937C}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{76B7C32F-621D-498D-851E-29E1B5D52601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{2F23A73F-4D39-496F-AE34-8DA15EA4534B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{EC001E8D-F9D6-4F1F-B6C4-FF5EA61F52F6}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{31018903-47F4-466C-BC8D-71EDF4093EA1}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [TCP Query User{AD4F8233-1CEB-4997-87EC-8CCC8D06F0C9}C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{D4445195-8C3E-4A16-BA39-652195EFA05A}C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{DCAA74EA-ACFB-4B59-A144-7501EECE1BB7}C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{3D1FB02C-5E77-47A0-8F3B-B98AEBCAB02E}C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{12EBAD78-A72C-4571-AADA-AB572A703BBD}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{444AFF6F-8E8B-4C60-907E-102AF03379AE}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File
FirewallRules: [{80604108-27CD-4F83-8686-57444C62EE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{362C1C0E-FCE9-4A5A-ABCF-A322B6039842}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{5EFC6562-95D4-455F-9B7D-B093448A1C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{FFBD2910-2A82-476D-8ED7-8CA6612AEE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{7C24CCDB-5906-423A-A3D9-48ABD602631D}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{9A650183-572B-451C-94CB-6E1C7C1E6B17}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{3C567644-C5AE-43B9-95BB-C55A00B29CAD}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{4E989F4A-03B4-4BD8-B426-27629B0973AB}C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\novak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A1FA735B-EB31-4265-91BD-0100826CAAC7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5C8A1809-F0DD-4DC4-A6C3-8E112F0E7923}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2BC98F05-5262-4C06-A8A2-2DA04DA3CB7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{C0A5ED07-F4CA-497B-958B-C61DD829269C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{848E6BD5-8A9A-487D-84A7-43F51885D11E}C:\program files (x86)\tiktok live studio\tiktok live studio.exe] => (Allow) C:\program files (x86)\tiktok live studio\tiktok live studio.exe (TikTok Pte. Ltd. -> TikTok Pte. Ltd.)
FirewallRules: [UDP Query User{25E67452-CBEF-4ED1-8FED-8C32CE485F75}C:\program files (x86)\tiktok live studio\tiktok live studio.exe] => (Allow) C:\program files (x86)\tiktok live studio\tiktok live studio.exe (TikTok Pte. Ltd. -> TikTok Pte. Ltd.)
FirewallRules: [{5AB1E10D-720C-48DF-8D2F-1511033E38C0}] => (Block) C:\program files (x86)\tiktok live studio\tiktok live studio.exe (TikTok Pte. Ltd. -> TikTok Pte. Ltd.)
FirewallRules: [{2951F1FE-13B8-4FD1-A606-E7D19600D5FB}] => (Block) C:\program files (x86)\tiktok live studio\tiktok live studio.exe (TikTok Pte. Ltd. -> TikTok Pte. Ltd.)
FirewallRules: [TCP Query User{042EF8BE-CCE2-4EC0-A475-91521F71231D}C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe] => (Block) C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{6906994E-58AD-49DE-AFD3-4B44E0CDF16B}C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe] => (Block) C:\program files (x86)\steam\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D2DEBE0C-68B8-4FEE-AAEB-7E935E8CB081}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33052A0C-EDC5-49CB-B8BF-FC9151CADA2F}] => (Allow) C:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8527F5C8-6896-4F46-B397-B9E14CBA34CA}] => (Allow) C:\Program Files\Epic Games\BreakpointDemo\GRB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{EEF3DF21-5B08-4DE5-97DC-5ACC9554BF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{DCDB4165-8470-44F3-8EE5-6DE29518D4C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{EFEA80AF-1FEF-49FF-B1E1-ED0E9540FA18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3754834E-AEDA-4EF5-916D-3C7602E320B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFD238A3-C52B-4EB2-B490-547393A3FE05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{175844A9-8F03-40FC-B901-B4C8E965275C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3662FDEC-3EED-409A-B357-C8678EA0D0A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{741D3600-6553-4ED9-9482-E87DD15AAB81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84D87BA0-3057-4B17-A7B9-019FB4990C50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{92CFE6AD-F7CD-4ADF-A701-70AB9BA8B653}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E94864F-349B-426B-B138-6733009E7AAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86790D3A-E08D-47CA-BA9D-355B6762ED5B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6665AF0D-65F3-4718-ADE2-78778B80B645}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA05DF4A-5959-41DA-A9B7-AA815E51A3B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F8F37518-B9FD-4524-862C-F498B69E07A8}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe () [File not signed]
FirewallRules: [UDP Query User{7D57B7A9-B78C-4564-8E14-4551CE01D2EE}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe () [File not signed]
FirewallRules: [{D21D6DA6-3E4C-42F3-89DA-D8FE1E42E1E7}] => (Block) C:\program files\epic games\thealtocollection\the alto collection.exe () [File not signed]
FirewallRules: [{7B9641C6-B20B-4967-953E-7BB7DB486AE6}] => (Block) C:\program files\epic games\thealtocollection\the alto collection.exe () [File not signed]
FirewallRules: [{6FC2BE0E-CA42-458E-99A9-AB4B1FBCF1AD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7693291-789B-4B12-A2BB-6703A37BC09B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FED2F2AA-AFC8-4FA1-9BF4-3158D215745B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A61DB4BB-13F1-4ADC-A18D-102198A7FB3F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B2950FC-CD95-43BD-AAF8-98E6038A2F20}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DE43D376-085C-48BD-8C9A-874B8086FFA8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD105CCC-46D9-4EE3-8628-51D584AA472E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB3EB223-FC10-40FA-814B-A3982C5A9A77}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68CF6F72-9B76-46CE-A2DD-A53FBB7C4204}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{03862DA3-2E31-4460-A35C-5D3001828707}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{03F490AB-0EB7-44D9-9C85-A83D05515E78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deepest Sword\Deepest Sword.exe () [File not signed]
FirewallRules: [{26B8B05F-EF42-40C4-88CE-E9D26A07AFD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deepest Sword\Deepest Sword.exe () [File not signed]
FirewallRules: [{ECD0F6E0-2E55-47DA-84AD-6B4D641D738F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E8E18393-BF9E-4AA5-A799-665139FF0705}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AA32E10B-1B8C-49A2-B211-58450A1FC1C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{940DD853-BA42-4EA9-8807-3A96E62A915C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4CE7EDFA-4171-4609-94B3-0BCB2E8CFDD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe (Microsoft Corporation -> )
FirewallRules: [{60F410DB-E872-457B-9883-FA4B99269784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe (Microsoft Corporation -> )
FirewallRules: [{0DCDC310-074D-434D-9E79-97DB32DFD50F}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{0A69FDDF-FF0C-425C-9EFC-17951CDD857F}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]

==================== Restore Points =========================

21-12-2022 11:16:33 Naplánovaný kontrolní bod
21-12-2022 11:54:19 Installed DaVinci Resolve
21-12-2022 16:54:11 Removed Blackmagic RAW Common Components
21-12-2022 16:55:19 Removed Blackmagic RAW Common Components
21-12-2022 16:55:35 Removed DaVinci Resolve Control Panels
29-12-2022 02:21:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/29/2022 04:32:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x638a3ce5
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d91b990ce74c16
Cesta k chybující aplikaci: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0760747b-c0cb-4861-a526-3facdedd17f2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/29/2022 04:32:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x638a3ce5
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x632212ba
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000024cb76
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d91b990ce74c16
Cesta k chybující aplikaci: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: 83f74040-f585-4369-8cbe-7a2c2270b578
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2022 11:51:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ForzaHorizon5.exe, verze: 1.538.198.0, časové razítko: 0x00000000
Název chybujícího modulu: ForzaHorizon5.exe, verze: 1.538.198.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000053d8e7f
ID chybujícího procesu: 0x1cfc
Čas spuštění chybující aplikace: 0x01d91aa24a9ddc91
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe
ID zprávy: ca98356e-d0bb-4e84-a060-982fda9990d8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2022 07:46:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x638a3ce5
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x3708
Čas spuštění chybující aplikace: 0x01d91a8792a5cd2f
Cesta k chybující aplikaci: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 19634a37-e7ef-442d-bad4-a904bea0de5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2022 07:46:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x638a3ce5
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x632212ba
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000024cb76
ID chybujícího procesu: 0x3708
Čas spuštění chybující aplikace: 0x01d91a8792a5cd2f
Cesta k chybující aplikaci: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: C:\Program Files\Epic Games\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: 067894c1-08d3-4b66-81c0-1929b651efb8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/27/2022 08:21:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: csgo.exe, verze: 0.0.0.0, časové razítko: 0x62745503
Název chybujícího modulu: tier0.dll, verze: 0.0.0.0, časové razítko: 0x627454ef
Kód výjimky: 0xc0000409
Posun chyby: 0x00029314
ID chybujícího procesu: 0xa8c
Čas spuštění chybující aplikace: 0x01d919c1c340e355
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
ID zprávy: 127af24c-606a-46d1-b3c3-c8813eb989ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/25/2022 07:23:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WindowsPackageManagerServer.exe verze 1.18.2209.26001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1a9c

Čas spuštění: 01d918292c93bd69

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.18.2691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe

ID hlášení: 645a373d-cc40-4d42-94b6-8d04c3b8979f

Úplný název balíčku s chybou: Microsoft.DesktopAppInstaller_1.18.2691.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: winget

Typ zablokování: Quiesce

Error: (12/23/2022 01:11:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: gameinputsvc.exe, verze: 0.2210.22621.1863, časové razítko: 0x90d61c52
Název chybujícího modulu: gameinputsvc.exe, verze: 0.2210.22621.1863, časové razítko: 0x90d61c52
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004c9d
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d916c7a1b9381a
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
ID zprávy: f7b501f2-766f-4f2b-a843-922cd7a0cbf2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/29/2022 03:44:02 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/29/2022 03:44:01 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/29/2022 03:44:01 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/28/2022 10:40:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (12/27/2022 12:28:35 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-OR2P7VG)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_44342aa.

Error: (12/27/2022 12:24:34 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-OR2P7VG)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.Internal.AppCaptureShell vypršel časový limit během čekání na zastavení služby BcastDVRUserService_44342aa.

Error: (12/24/2022 08:19:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OR2P7VG)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/24/2022 08:03:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:03:35, ‎24.‎12.‎2022) bylo neočekávané.


Windows Defender:
================
Date: 2022-12-28 21:42:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6201F326-6346-4AF5-8EAB-2CE5F3F66DA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-27 21:43:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2AA30441-C207-4B6F-BE3C-5EBAF581BF90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-22 13:15:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3655F50A-D629-4EA9-AA18-D84B24C40789}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-21 08:47:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {51E1FE1D-61B6-479C-A044-B64526AA99FE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-16 18:17:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E9DA2DCE-47E3-454B-9ED0-2522C65859BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-12-27 09:32:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-14 18:16:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-05-28 07:18:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Salad\Salad.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.D0 12/31/2020
Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING PLUS (MS-7B51)
Processor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16318.48 MB
Available physical RAM: 10551.43 MB
Total Virtual: 25264.4 MB
Available Virtual: 14523.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:93.93 GB) (Model: WDC WDS100T2B0C-00PXH0) NTFS
Drive d: () (Fixed) (Total:1863.02 GB) (Free:1753.26 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{1f98215f-6337-48c0-9b16-f585a2fe41cc}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{23b89e46-f482-4a3b-a02b-472e289907c0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B86BD340)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End of Addition.txt =======================

Zdravím!
Spustte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 29.12.22
Čas skenování: 21:26
Logovací soubor: 05ed2d84-87b7-11ed-8da6-2cf05d37eb2d.json

-Informace o softwaru-
Verze: 4.5.19.229
Verze komponentů: 1.0.1860
Aktualizovat verzi balíku komponent: 1.0.63997
Licence: Bezplatná

-Systémová informace-
OS: Windows 10 (Build 19044.2364)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-OR2P7VG\novak

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 364099
Zjištěné hrozby: 7
Hrozby umístěné do karantény: 0
Uplynulý čas: 1 min, 38 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 7
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\PHOENIXMINER-5.7B\PHOENIXMINER.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, 000000A600EE3C11EEA50899, dds, 02100604, D5D01D003F3A321ACF0506D53D8616E0, 3A1FA39B47697402DF3EAA56B0E765ADDEB83F244AEB80EE0BCD434AE98BA5C3
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.12.1\XMRIG-CUDA.DLL, Žádná uživatelská akce, 1000002, 0, 1.0.63997, 3BA66E071D22C0BA6433D0F3, dds, 02100604, F643EE8D5B05D0FCC910FA24BE022B66, D4183F41441B5A05B4FD60FC7B8F4A8F0A2D84B451D5DE115D62E6B87EA31FB1
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.12.1\XMRIG.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, D72E46FF5F023158E987BEFF, dds, 02100604, 184FB976A5E2FF8241F6D7799BA930BE, FD0F5B78BCC0C8C9690777F1BE1602F006E627FFF201B8111275A10EDFB76C83
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.16.2\XMRIG.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, 3FC397CD700604BFC41EF3EA, dds, 02100604, C717C47941C150F867CE6A62ED0D2D35, E8B2A8D0C3444C53F143D0B4BA87C23DD1B58B03FD0A6B1BCD6E8358E57807F1
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.16.3\XMRIG.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, DE32975D9A736F1B3428CD89, dds, 02100604, 2AA53527A98969FB35B9C0B523B3E34D, E50C41CF81E58C23B03795BA1630E15CB33A3DE5126EB44E40A67A6603976016
Neshta.Virus.FileInfector.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.16.4\XMRIG.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, 0F18E53F0D3D92D70A590437, dds, 02100604, 1925BA565905E6B0E6C2B2F55F9FEE96, F5BEF6ACE91110289A2977CFC9F4DBEC1E32FECDBE77326E8EFE7B353C58E639
BitcoinMiner.Trojan.Miner.DDS, C:\USERS\SIMON\APPDATA\ROAMING\SALAD\PLUGIN-BIN\XMRIG-6.17.0\XMRIG.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.63997, E155567FBF03A8D66AE12BFE, dds, 02100604, 606CE310D75EE688CBFFAEAE33AB4FEE, 75F92B9A79C8F680CF1230653E3AE6C97D694AFC0F7EEC88F92CF6B6F3F38B50

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)








# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-29-2022
# Duration: 00:00:07
# OS: Windows 10 (Build 19044.2364)
# Scanned: 32082
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
Task: {06C55EBD-50BC-4D38-BC3D-B488C9696C16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
Task: {1C588686-73E3-47B0-A6BA-493959E70850} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
C:\Windows\ZAM_Guard.krnl.trace
CustomCLSID: HKU\S-1-5-21-2694878751-39217375-5053309-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
FirewallRules: [TCP Query User{2DB47D5B-079A-4B39-B3BD-D86B58427EBD}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6F009DC4-42D3-4FEA-9167-375BA62BDEC9}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{852E5CF9-D029-472E-B0FE-F111828203A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [{011DF5CE-7CF5-4D02-B142-45D09B963234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [TCP Query User{AA7B6168-1B5D-4E7A-A567-A269F8FDE330}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1D85FFFC-20E8-4FE1-9782-B0691B9497E6}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{08B59792-6B22-48A2-B830-D85F2EA855F4}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{95901FAB-AD5B-4F31-B7B2-2060B5FF7E56}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEBC30E9-016C-4BB3-8A68-76749BAA63EF}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BAFD17EF-FAA8-4ECC-BD82-A25CCED0CFFE}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{872E3E95-5BA1-4DD1-8A02-3E98414D93C3}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{FA07F9A2-CB8A-4603-8FFE-C24AB2CBEEC0}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4A8B20B2-BADB-48D2-84BE-6E6C4B54B3E3}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{3FC45EE1-6E7D-44CD-AB52-FE49AE5E3D14}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DE4A846D-E4E2-4C32-BBC9-F08D20C8E788}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{D5213611-A1AF-4BB7-B4F8-D1A52370EC32}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{2F59BAAF-3D65-41BD-9838-866012188F45}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BB0E964A-8ECD-4C2A-911D-476E9F3DEDB7}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{584DE1B9-B4A9-4BB2-946E-3422A2FF1FFC}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{92F1EB3F-5260-492C-9927-6AAAF08887C9}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{106191EB-2F41-4437-9175-058AAB00E073}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DE1A091D-769B-4236-AA63-A04CCCB4724A}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8B94DD56-1213-448C-9713-4875B3580623}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{F4492C6F-5E38-4BA0-8C39-D30F5BDF8A7A}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{986402F8-32D4-4E6A-9D23-3C42B255FFAD}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [UDP Query User{3C087C23-81BF-4507-AB39-7528E80C2EC2}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [TCP Query User{9CAB706A-542A-4682-B508-A2D110487248}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{D8BD6186-E36E-45BC-8042-35434814C6BA}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{0DEACD1F-6C12-494D-873F-B4E8ED3133DE}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{607121C6-6545-4675-881B-4E69744DB38E}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8D00DA3B-02A6-4538-A6A6-90641D032803}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{184E13B6-3EAA-4459-8907-35824B3028DB}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{50E155DE-5078-43F1-8029-692E28744472}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [TCP Query User{3E7E8600-73E3-4E13-974A-DE825946C152}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FE4339F2-F027-4D6A-A072-8205BFB4BA34}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{145D5589-697A-4A36-80F5-FF8372BC1F6B}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8C8CC202-80FE-4AE0-88D4-A2FCF629B024}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{12EBAD78-A72C-4571-AADA-AB572A703BBD}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{444AFF6F-8E8B-4C60-907E-102AF03379AE}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File

EmptyTemp:
End

Uložte do C:\Users\novak\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by novak (02-01-2023 20:52:09) Run:1
Running from C:\Users\novak\Downloads
Loaded Profiles: novak & simon
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2694878751-39217375-5053309-1004\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
Task: {06C55EBD-50BC-4D38-BC3D-B488C9696C16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
Task: {1C588686-73E3-47B0-A6BA-493959E70850} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-19] (Google LLC -> Google LLC)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
C:\Windows\ZAM_Guard.krnl.trace
CustomCLSID: HKU\S-1-5-21-2694878751-39217375-5053309-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
FirewallRules: [TCP Query User{2DB47D5B-079A-4B39-B3BD-D86B58427EBD}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6F009DC4-42D3-4FEA-9167-375BA62BDEC9}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [{852E5CF9-D029-472E-B0FE-F111828203A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [{011DF5CE-7CF5-4D02-B142-45D09B963234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuysGameLauncher.exe => No File
FirewallRules: [TCP Query User{AA7B6168-1B5D-4E7A-A567-A269F8FDE330}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1D85FFFC-20E8-4FE1-9782-B0691B9497E6}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{08B59792-6B22-48A2-B830-D85F2EA855F4}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{95901FAB-AD5B-4F31-B7B2-2060B5FF7E56}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEBC30E9-016C-4BB3-8A68-76749BAA63EF}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BAFD17EF-FAA8-4ECC-BD82-A25CCED0CFFE}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{872E3E95-5BA1-4DD1-8A02-3E98414D93C3}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{FA07F9A2-CB8A-4603-8FFE-C24AB2CBEEC0}D:5\forzahorizon5.exe] => (Allow) D:5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4A8B20B2-BADB-48D2-84BE-6E6C4B54B3E3}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{3FC45EE1-6E7D-44CD-AB52-FE49AE5E3D14}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Block) C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DE4A846D-E4E2-4C32-BBC9-F08D20C8E788}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{D5213611-A1AF-4BB7-B4F8-D1A52370EC32}D:3\forzahorizon5.exe] => (Block) D:3\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{2F59BAAF-3D65-41BD-9838-866012188F45}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BB0E964A-8ECD-4C2A-911D-476E9F3DEDB7}C:3\forzahorizon5.exe] => (Allow) C:3\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{584DE1B9-B4A9-4BB2-946E-3422A2FF1FFC}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{92F1EB3F-5260-492C-9927-6AAAF08887C9}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{106191EB-2F41-4437-9175-058AAB00E073}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DE1A091D-769B-4236-AA63-A04CCCB4724A}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8B94DD56-1213-448C-9713-4875B3580623}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{F4492C6F-5E38-4BA0-8C39-D30F5BDF8A7A}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{986402F8-32D4-4E6A-9D23-3C42B255FFAD}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [UDP Query User{3C087C23-81BF-4507-AB39-7528E80C2EC2}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe] => (Allow) C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe => No File
FirewallRules: [TCP Query User{9CAB706A-542A-4682-B508-A2D110487248}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{D8BD6186-E36E-45BC-8042-35434814C6BA}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{0DEACD1F-6C12-494D-873F-B4E8ED3133DE}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{607121C6-6545-4675-881B-4E69744DB38E}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8D00DA3B-02A6-4538-A6A6-90641D032803}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{184E13B6-3EAA-4459-8907-35824B3028DB}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{50E155DE-5078-43F1-8029-692E28744472}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [TCP Query User{3E7E8600-73E3-4E13-974A-DE825946C152}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FE4339F2-F027-4D6A-A072-8205BFB4BA34}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{145D5589-697A-4A36-80F5-FF8372BC1F6B}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8C8CC202-80FE-4AE0-88D4-A2FCF629B024}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{12EBAD78-A72C-4571-AADA-AB572A703BBD}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{444AFF6F-8E8B-4C60-907E-102AF03379AE}C:\users\novak\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\novak\appdata\local\warthunder\launcher.exe => No File

EmptyTemp:
End

*****************

Processes closed successfully.
"HKU\S-1-5-21-2694878751-39217375-5053309-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06C55EBD-50BC-4D38-BC3D-B488C9696C16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06C55EBD-50BC-4D38-BC3D-B488C9696C16}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C588686-73E3-47B0-A6BA-493959E70850}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C588686-73E3-47B0-A6BA-493959E70850}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
C:\Windows\ZAM_Guard.krnl.trace => moved successfully
HKU\S-1-5-21-2694878751-39217375-5053309-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2DB47D5B-079A-4B39-B3BD-D86B58427EBD}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6F009DC4-42D3-4FEA-9167-375BA62BDEC9}C:\users\novak\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{852E5CF9-D029-472E-B0FE-F111828203A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{011DF5CE-7CF5-4D02-B142-45D09B963234}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AA7B6168-1B5D-4E7A-A567-A269F8FDE330}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D85FFFC-20E8-4FE1-9782-B0691B9497E6}C:\users\novak\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{08B59792-6B22-48A2-B830-D85F2EA855F4}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{95901FAB-AD5B-4F31-B7B2-2060B5FF7E56}C:\users\novak\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CEBC30E9-016C-4BB3-8A68-76749BAA63EF}D:4\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BAFD17EF-FAA8-4ECC-BD82-A25CCED0CFFE}D:4\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{872E3E95-5BA1-4DD1-8A02-3E98414D93C3}D:5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA07F9A2-CB8A-4603-8FFE-C24AB2CBEEC0}D:5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4A8B20B2-BADB-48D2-84BE-6E6C4B54B3E3}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3FC45EE1-6E7D-44CD-AB52-FE49AE5E3D14}C:\users\novak\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DE4A846D-E4E2-4C32-BBC9-F08D20C8E788}D:3\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D5213611-A1AF-4BB7-B4F8-D1A52370EC32}D:3\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F59BAAF-3D65-41BD-9838-866012188F45}C:3\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BB0E964A-8ECD-4C2A-911D-476E9F3DEDB7}C:3\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{584DE1B9-B4A9-4BB2-946E-3422A2FF1FFC}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{92F1EB3F-5260-492C-9927-6AAAF08887C9}C:\users\novak\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{106191EB-2F41-4437-9175-058AAB00E073}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DE1A091D-769B-4236-AA63-A04CCCB4724A}C:\users\novak\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B94DD56-1213-448C-9713-4875B3580623}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F4492C6F-5E38-4BA0-8C39-D30F5BDF8A7A}C:\users\simon\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{986402F8-32D4-4E6A-9D23-3C42B255FFAD}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C087C23-81BF-4507-AB39-7528E80C2EC2}C:\users\novak\appdata\roaming\salad\plugin-bin\phoenixminer-6.1b\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9CAB706A-542A-4682-B508-A2D110487248}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D8BD6186-E36E-45BC-8042-35434814C6BA}C:\users\novak\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0DEACD1F-6C12-494D-873F-B4E8ED3133DE}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{607121C6-6545-4675-881B-4E69744DB38E}C:\users\novak\.lunarclient\jre\1.19\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8D00DA3B-02A6-4538-A6A6-90641D032803}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{184E13B6-3EAA-4459-8907-35824B3028DB}C:\users\novak\appdata\local\discord\app-1.0.9005\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50E155DE-5078-43F1-8029-692E28744472}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E7E8600-73E3-4E13-974A-DE825946C152}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FE4339F2-F027-4D6A-A072-8205BFB4BA34}C:\users\novak\.lunarclient\jre\1.8.9\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{145D5589-697A-4A36-80F5-FF8372BC1F6B}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8C8CC202-80FE-4AE0-88D4-A2FCF629B024}C:\users\novak\.lunarclient\jre\adc7cd8d2afd8ed244be256dc065f7318c4882a5\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{12EBAD78-A72C-4571-AADA-AB572A703BBD}C:\users\novak\appdata\local\warthunder\launcher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{444AFF6F-8E8B-4C60-907E-102AF03379AE}C:\users\novak\appdata\local\warthunder\launcher.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 216219062 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1420015000 B
Windows/system/drivers => 90767440 B
Edge => 0 B
Chrome => 2294698864 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 826686892 B
systemprofile32 => 826686892 B
LocalService => 826724424 B
NetworkService => 827405450 B
novak => 12276083738 B
simon => 12342701530 B

RecycleBin => 9624026 B
EmptyTemp: => 29.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:53:41 ====

Smazáno. Nastala nějaká změna?

Ano, znatelně se snížil výkon pc na ploše, i při jiných programech.
Děkuji moc

Nemáte zač!