VIRY.CZ

Ahoj. Moc prosím o kontrolu logu. Mám podezření na něco nekalého.
- Pokud je PC v klidu a nic na něm nedělám, po chvíli se rozjedou větráky a PC je mega hlučný.
- Jakmile započnu nějakou aktivitu (stačí zaktivovat myš), PC je OK.
- Pokud je zapnutý správce úloh, PC je v klidu a nic se na něm neprovádí, větráky jedou také normálně.
- Ve Windows defenderu nemohu povolit izolaci jádra.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by lisak (administrator) on VOUSATíR (Micro-Star International Co., Ltd MS-7C02) (15-05-2023 15:21:26)
Running from C:\Users\lisak\OneDrive\Plocha\FRST64.exe
Loaded Profiles: lisak
Platform: Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.14.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Discord Inc. -> Discord Inc.) C:\Users\lisak\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncHelper.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Skutta, Kristjan -> ) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Users\lisak\AppData\Roaming\NVIDIA\ComputeCache\MXWTPTTTYKDUYVXJ.exe <4>
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Center\LAN Manager\MSI_LAN_Manager_Tool.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [457872 2021-03-08] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Discord] => C:\Users\lisak\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe [522648 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [BitTorrent] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3532928 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [electron.app.Untapped.gg Companion] => C:\Users\lisak\AppData\Local\Programs\untapped-companion\Untapped.gg Companion.exe --autostart (No File)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [bt] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7592400 2023-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5067224 2023-05-09] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [Discord] => C:\Users\Eve\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AEC26B-3504-4012-AB62-D879A23E2F0A} - System32\Tasks\Opera scheduled Autoupdate 1587158667 => C:\Users\lisak\AppData\Local\Programs\Opera\launcher.exe--scheduledautoupdate $(Arg0)
Task: {0BAD41A4-2DF9-41C2-A83B-689A7F2D171B} - System32\Tasks\GoogleUpdateTaskMachineGDU => C:\WINDOWS\SysWOW64\XPSViewer\TasksG\G-1-52-53\TG_1.3.34.62.exe-in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 -in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 (Access Denied) <==== ATTENTION <==== ATTENTION
Task: {0DFE7EFE-04BD-4DE7-96B5-DFBD3C3C21AD} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {103F4520-1463-43B4-A16A-BD1683A301EE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11B966E7-2EFB-4F31-ABF2-B888DC318D18} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {12F942D3-19A8-4B3E-9363-D81F382D53DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {14B0071A-D159-47ED-9B0F-4F0D44D9988A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {19632E62-C41E-4507-8F60-D17E8A81C937} - System32\Tasks\MXWTPTTTYKDUYVXJ_run => C:\Users\lisak\AppData\Roaming\NVIDIA\ComputeCache\MXWTPTTTYKDUYVXJ.exe [368640 2023-03-08] (Microsoft Corporation) [File not signed]
Task: {1CF7D586-3399-40D3-AD0B-A8D7CD801CAD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {333E828D-86CF-4D2A-80D0-95D312D25792} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3F3C2B74-E198-4553-B94E-E84D75C658EA} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe/i "C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi" AI_SETUPEXEPATH="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe" SETUPEXEDIR="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC (the data entry has 820 more characters).
Task: {3FB26A9B-EB02-4338-A62C-02B8D6F98623} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exeDetect_Monitor
Task: {440684BF-F59F-45BD-B848-A34D67F8F918} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exeDetect_DisplayID
Task: {556602EB-BBCE-4F72-8B26-06FC60CD5016} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe/RunOnAC ReadyToReboot
Task: {55812B74-70E5-4942-AA98-D06F6CAB3D9F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {68E89026-E923-4464-94C0-506992DD9EF1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1008 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DFB4993-3E1C-4CC8-80A4-8E538DFE8B66} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93FDF6A8-1FF8-4595-AF0B-94B19DD1C59A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {95FED327-0ADC-4F4A-AFED-CDD7FF93560E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exeLogonUpdateResults
Task: {A382A8FB-0228-47C1-AEDE-761D54E3189A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {ADA36804-5451-42E5-9726-DAB09805775C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {B6E94F0D-5D2E-4414-8C08-7CCCFDA9C4DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7C6BD6D-0BD9-4C6B-92EB-D1520BB96C43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA53116A-E90F-4E57-AE8F-F458897C6889} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD0854B6-054B-4266-A761-9EECF3118B01} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C98A1FDA-0998-4824-B82C-EC50A3D1212B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBD90A96-6915-4292-BAB0-B6BBB0969394} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)
Task: {D225D0C2-9E7E-4233-B601-15207068F913} - System32\Tasks\Opera scheduled assistant Autoupdate 1587158673 => C:\Users\lisak\AppData\Local\Programs\Opera\launcher.exe--scheduledautoupdate --component-name=assistant --component-path="C:\Users\lisak\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DA73C9DB-2D10-462A-A3E0-3C5A551ADC4C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBD65D62-8F6C-4E85-A09D-D98BBE077883} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe/RunOnBattery ReadyToReboot
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {ECD8D9DF-2C45-441B-BC18-DF1F508748E1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9CD1F0B-F374-48B7-8077-3BBFAC0FBE2A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21E163-312B-47B5-BC44-CFE73D879D98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exeѡ/i C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\lisak\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64_14_29_30135.exe AI_PREREQDIRS=C:\Users\lisak\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2022-01-27T09:42:19.0008433Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{33d86b26-5369-432c-b54d-fbd5d1037999}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6fbe3e34-d7e8-4bf9-98c1-d265f04eaa8e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8880da3b-0623-4751-98ff-80e71a2063e0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{cb625c51-155e-4373-92f6-fec651f3682a}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-15]
Edge DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
Edge DefaultSearchKeyword: Default -> seznam
Edge DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
Edge Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-19]
Edge Extension: (Seznam doplněk - Email) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-04-01]
Edge Extension: (BetterTTV) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2023-04-21]
Edge Extension: (Edge relevant text changes) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-26]
Edge Extension: (Seznam.cz) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-04-19]
Edge HKU\S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3731235652-646393183-1318076386-1008\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: hntpunyv.default
FF ProfilePath: C:\Users\lisak\AppData\Roaming\Mozilla\Firefox\Profiles\hntpunyv.default [2021-01-08]
FF ProfilePath: C:\Users\lisak\AppData\Roaming\Mozilla\Firefox\Profiles\tl3qtz7n.default-release [2023-04-23]
FF Notifications: Mozilla\Firefox\Profiles\tl3qtz7n.default-release -> hxxp://brnocon.cz
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-03-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3731235652-646393183-1318076386-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\lisak\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-31] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-11] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default [2023-05-15]
CHR DownloadDir: C:\Users\lisak\Downloads
CHR Notifications: Default -> hxxps://insider.razer.com; hxxps://kytary.cz; hxxps://wpnull.org; hxxps://www.chess.com; hxxps://www.facebook.com; hxxps://www.g2a.com; hxxps://www.netflix.com; hxxps://www.reddit.com; hxxps://www.wish.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
CHR DefaultSearchKeyword: Default -> seznam
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-02-28]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-19]
CHR Extension: (BetterTTV) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-04-21]
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2022-05-11]
CHR Extension: (Seznam doplněk - Email) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-03-31]
CHR Extension: (Return YouTube Dislike) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-21]
CHR Extension: (Beyond 20) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnblbpbepfbfmoobegdogkglpbhcjofh [2022-11-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam.cz) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-05-13]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-31]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-31]
CHR Extension: (Safe Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-10-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-30]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-05]
CHR Extension: (Safe Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-01-05]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-01-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-05]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-31]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2023-04-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncHelper.exe [3445624 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe [520600 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
S3 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [70776 2023-03-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [34032 2022-05-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NativePushService; C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\OneDriveUpdaterService.exe [3781496 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [148024 2023-05-10] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [514616 2023-05-10] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2030624 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [464416 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1351744 2022-06-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [299136 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534440 2022-04-28] (Razer USA Ltd. -> Razer Inc.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-12-27] (Twitch Interactive, Inc. -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-09-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 Wallpaper Engine Service; F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [520288 2021-03-01] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [713240 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1779264 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235720 2023-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [353896 2023-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [350352 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [179320 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [259488 2023-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2021-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-06-28] (Oculus VR, LLC -> Facebook Inc.)
S3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-06-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_400a42c66fb0e159\rt68cx21x64.sys [598976 2022-01-17] (Realtek Semiconductor Corp. -> Realtek)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\WINDOWS\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025d; C:\WINDOWS\System32\drivers\RzDev_025d.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0c02; C:\WINDOWS\System32\drivers\RzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2023-03-08] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [86016 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-09-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S1 nkcbypws; \??\C:\WINDOWS\system32\drivers\nkcbypws.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 15:18 - 2023-05-15 15:18 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-15 15:18 - 2023-05-15 15:18 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-15 15:11 - 2023-05-15 15:11 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-15 12:07 - 2023-05-15 12:07 - 000016242 _____ C:\Users\lisak\Downloads\priloha_1189669531_0_notifikace.pdf
2023-05-13 13:06 - 2023-05-13 14:38 - 000000000 ____D C:\Users\lisak\Downloads\CONAN
2023-05-11 21:35 - 2023-05-11 21:35 - 000003176 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\WD
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\Verbatim
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\ENE
2023-05-11 21:32 - 2022-05-16 17:23 - 000013576 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2023-05-10 07:16 - 2023-05-10 07:16 - 000000000 ___HD C:\$WinREAgent
2023-05-09 07:49 - 2023-05-09 07:49 - 008634208 _____ C:\Users\lisak\Downloads\V5_Startovaci_sada.rar
2023-05-09 07:26 - 2023-05-09 07:26 - 001745245 ____N C:\WINDOWS\Minidump\050923-10281-01.dmp
2023-05-04 21:50 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-05-04 21:50 - 2023-04-26 18:46 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 001194480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000851968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000671256 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000506352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 002166296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 001621016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000979456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000758768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-05-04 21:50 - 2023-04-26 18:41 - 013769216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 011650048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 005911024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 005835288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-05-04 21:50 - 2023-04-26 18:40 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-05-04 21:50 - 2023-04-26 01:34 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb
2023-05-04 21:46 - 2023-05-04 21:46 - 000003226 _____ C:\Users\lisak\Downloads\Karsus lore.txt
2023-05-03 09:35 - 2023-05-09 07:26 - 000000000 ____D C:\WINDOWS\Minidump
2023-05-03 09:35 - 2023-05-03 09:35 - 002258109 ____N C:\WINDOWS\Minidump\050323-10046-01.dmp
2023-05-02 13:28 - 2023-05-02 13:28 - 000001062 _____ C:\Users\lisak\Downloads\art.txt
2023-04-19 23:04 - 2023-04-19 23:04 - 002985547 _____ C:\Users\lisak\Downloads\elementor-pro-v3.12.2.zip
2023-04-19 19:33 - 2023-04-30 19:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-19 19:03 - 2023-04-19 19:03 - 000164548 _____ C:\Users\lisak\Downloads\UrlShortener-REL1_39-4e5ddb1.tar.gz
2023-04-19 18:47 - 2023-04-19 18:47 - 000004508 _____ C:\Users\lisak\Downloads\LocalSettings.php
2023-04-19 17:16 - 2023-04-19 17:18 - 000000000 ____D C:\Users\lisak\Downloads\mediawiki-1.39.3
2023-04-19 13:40 - 2023-04-19 13:41 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-04-19 13:39 - 2023-04-19 13:39 - 002469680 _____ C:\Users\lisak\Downloads\151191926-history-glory-stinger-logo.wav
2023-04-19 12:30 - 2023-04-19 23:08 - 000000056 _____ C:\Users\lisak\Downloads\SG.txt
2023-04-19 12:25 - 2023-04-19 12:26 - 068005968 _____ C:\Users\lisak\Downloads\mediawiki-1.39.3.zip
2023-04-19 11:01 - 2023-04-19 11:01 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2023-04-19 11:00 - 2023-04-19 11:00 - 000527423 _____ ( ) C:\Users\lisak\Downloads\Lame_v3.99.3_for_Windows.exe
2023-04-19 11:00 - 2023-04-19 11:00 - 000202295 _____ C:\Users\lisak\Downloads\libmp3lame-win-3.99.3.zip
2023-04-19 10:59 - 2023-04-19 10:59 - 000000000 ____D C:\Program Files\Audacity
2023-04-19 10:57 - 2023-04-19 10:58 - 014392168 _____ (Audacity Team ) C:\Users\lisak\Downloads\audacity-win-3.2.5-x64.exe
2023-04-19 10:55 - 2023-04-19 14:00 - 000000000 ____D C:\Users\lisak\Downloads\Adobe Photoshop Lightroom Classic 2023
2023-04-19 10:42 - 2023-04-19 10:42 - 000092380 _____ C:\Users\lisak\Downloads\takeout-20230419T084149Z-001.zip
2023-04-19 03:18 - 2023-04-19 03:18 - 1411934879 _____ C:\Users\lisak\Downloads\ND 01B.mp4
2023-04-19 02:17 - 2023-04-19 17:11 - 000000000 ____D C:\Users\lisak\Documents\ND (converted)_AME
2023-04-19 01:26 - 2023-04-19 17:12 - 000432277 _____ C:\Users\lisak\Documents\ND (converted).aep
2023-04-19 01:18 - 2023-04-19 01:18 - 000000000 ____D C:\ProgramData\Red Giant
2023-04-19 01:18 - 2023-04-19 01:18 - 000000000 ____D C:\Program Files\Red Giant
2023-04-19 01:15 - 2023-04-19 01:18 - 000000000 ____D C:\Program Files\Maxon Cinema 4D 2023
2023-04-19 01:15 - 2023-04-19 01:15 - 000001256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk
2023-04-18 22:25 - 2023-04-18 22:25 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2023.lnk
2023-04-18 19:59 - 2023-04-18 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
2023-04-18 19:59 - 2023-04-18 19:59 - 000000000 ____D C:\Program Files (x86)\QuickTime Alternative
2023-04-18 19:59 - 2010-03-17 22:53 - 000180224 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QTCF.dll
2023-04-18 19:59 - 2010-03-17 22:53 - 000094208 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTimeVR.qtx
2023-04-18 19:59 - 2010-03-17 22:53 - 000069632 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTime.qts
2023-04-18 17:16 - 2023-04-19 14:50 - 000000000 ____D C:\Users\lisak\Documents\Adobe After Effects Auto-Save
2023-04-18 17:13 - 2023-04-18 22:36 - 000390009 _____ C:\Users\lisak\Documents\ND.aep
2023-04-18 15:26 - 2023-04-18 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2023-04-18 15:25 - 2023-04-18 15:26 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R22
2023-04-18 14:56 - 2023-04-18 14:56 - 000000000 ____D C:\Users\lisak\AppData\LocalLow\BitTorrent.WebView2
2023-04-18 14:43 - 2023-04-18 14:43 - 000010742 _____ C:\Users\lisak\Downloads\AudioWaveformVisualizer.setting
2023-04-18 13:12 - 2023-04-18 13:16 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Wondershare
2023-04-18 13:11 - 2023-04-18 14:36 - 000000000 ____D C:\Users\lisak\AppData\Local\Wondershare
2023-04-18 13:11 - 2023-04-18 14:36 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-04-18 13:11 - 2023-04-18 13:17 - 000000000 ____D C:\ProgramData\Wondershare
2023-04-18 13:11 - 2023-04-18 13:11 - 000000000 ____D C:\Users\lisak\Documents\Wondershare
2023-04-18 13:07 - 2023-04-18 13:12 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-04-18 11:52 - 2023-04-18 11:52 - 000002139 _____ C:\Users\lisak\Downloads\ReactorInstallLog.txt
2023-04-18 11:50 - 2023-04-18 11:50 - 000044914 _____ C:\Users\lisak\Downloads\Reactor-Installer.lua
2023-04-18 00:26 - 2023-04-18 00:26 - 005433979 _____ C:\Users\lisak\Downloads\pravidla_grafika.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000946569 _____ C:\Users\lisak\Downloads\katy_postav.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000662328 _____ C:\Users\lisak\Downloads\pravidla_tisk.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000406568 _____ C:\Users\lisak\Downloads\Demoni_tisk.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000367954 _____ C:\Users\lisak\Downloads\virovy_tisk.pdf
2023-04-16 09:41 - 2023-04-16 09:41 - 000030233 _____ C:\Users\lisak\Downloads\692156ac6cf239062e8a44eaea4bed8f3739b076402f6ccb52be4d976aa00b0c-2023-04-15-21-52-21.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 15:21 - 2021-01-07 12:30 - 000000000 ____D C:\FRST
2023-05-15 15:18 - 2022-10-27 10:26 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-15 15:18 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-05-15 15:13 - 2020-04-17 00:08 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-15 15:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-15 15:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-15 15:12 - 2020-04-16 23:56 - 000000000 ____D C:\Users\lisak\AppData\Roaming\discord
2023-05-15 15:12 - 2020-04-16 23:56 - 000000000 ____D C:\Users\lisak\AppData\Local\Discord
2023-05-15 15:12 - 2020-04-16 23:50 - 000000000 ___RD C:\Users\lisak\OneDrive
2023-05-15 15:11 - 2022-10-27 10:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-15 15:11 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-15 15:11 - 2021-06-28 18:47 - 000000000 ____D C:\Users\lisak\AppData\Local\Oculus
2023-05-15 15:11 - 2020-04-17 00:40 - 000000000 ____D C:\MSI
2023-05-15 15:11 - 2020-04-17 00:11 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-15 15:10 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-15 15:05 - 2020-04-16 23:48 - 000000000 ____D C:\Users\lisak\AppData\Local\Packages
2023-05-15 15:02 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-15 14:53 - 2022-10-27 10:18 - 000000000 ____D C:\Users\lisak
2023-05-15 14:53 - 2020-04-17 07:01 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-15 14:47 - 2020-09-20 10:02 - 000000000 ____D C:\Users\lisak\AppData\Local\D3DSCache
2023-05-15 09:06 - 2021-12-05 21:48 - 000000000 ____D C:\Users\lisak\AppData\Roaming\FuncomLauncher
2023-05-15 08:52 - 2022-10-27 10:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-14 19:14 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-14 14:15 - 2020-04-18 00:14 - 000000000 ____D C:\Users\lisak\AppData\Local\CrashDumps
2023-05-13 18:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-13 17:53 - 2020-04-17 07:05 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-13 13:06 - 2020-05-07 16:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-13 13:05 - 2020-06-10 21:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-13 13:04 - 2022-10-26 22:35 - 000079312 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-05-13 13:04 - 2022-10-26 22:35 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-05-13 13:04 - 2021-11-19 18:45 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-05-13 13:04 - 2020-05-25 10:16 - 000488912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 002794960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000202192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-05-12 09:49 - 2022-10-27 10:25 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 09:49 - 2022-10-27 10:25 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 21:48 - 2020-04-17 00:08 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-11 21:35 - 2020-04-17 00:36 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-11 21:34 - 2020-04-17 00:39 - 000000000 ____D C:\Program Files (x86)\MSI
2023-05-11 21:34 - 2020-04-16 23:32 - 000000000 ____D C:\ProgramData\Packages
2023-05-11 21:32 - 2020-04-17 00:39 - 000000000 ____D C:\Users\lisak\AppData\Local\Downloaded Installations
2023-05-11 21:32 - 2020-04-17 00:36 - 000000000 ____D C:\Program Files\AMD
2023-05-11 21:30 - 2022-10-27 10:18 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows
2023-05-11 21:30 - 2020-04-17 00:40 - 000000000 ____D C:\ProgramData\MSI
2023-05-11 21:28 - 2020-04-17 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-05-11 21:28 - 2020-04-17 00:18 - 000000000 ____D C:\Program Files\CPUID
2023-05-11 21:27 - 2020-04-17 00:33 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-05-11 18:27 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-11 18:21 - 2020-12-29 22:24 - 000000000 ____D C:\Users\lisak\AppData\Roaming\vlc
2023-05-10 19:50 - 2020-05-07 16:37 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Word
2023-05-10 19:47 - 2022-10-27 10:25 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-10 19:47 - 2022-10-11 19:27 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-10 19:35 - 2021-06-28 19:25 - 000000000 ____D C:\Program Files\Oculus
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-10 07:17 - 2022-10-27 10:19 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-10 07:13 - 2020-04-16 23:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-10 07:11 - 2020-04-16 23:59 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-10 05:41 - 2022-10-27 10:17 - 000349944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 05:40 - 2022-05-07 12:05 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-10 05:40 - 2022-05-07 12:05 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-09 19:10 - 2022-05-07 12:14 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-05-09 19:10 - 2022-05-07 12:14 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-05-09 17:31 - 2022-09-26 21:47 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-09 07:27 - 2022-10-27 10:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1008
2023-05-09 07:27 - 2022-10-27 10:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1001
2023-05-09 07:27 - 2022-10-27 10:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-09 07:27 - 2022-09-26 21:47 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-08 14:01 - 2020-09-20 01:04 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-05 22:06 - 2020-04-18 19:06 - 000000000 ____D C:\Users\lisak\AppData\Roaming\audacity
2023-05-05 21:03 - 2021-11-21 17:03 - 000000000 ____D C:\Users\lisak\Documents\Zvukové záznamy
2023-05-05 21:01 - 2021-07-01 23:12 - 000000000 ____D C:\Users\lisak\AppData\Roaming\com.spitfireaudio
2023-05-05 12:34 - 2020-04-17 07:25 - 000000000 ____D C:\Users\lisak\AppData\Local\BattlEye
2023-05-05 09:30 - 2020-04-21 11:40 - 000000000 ____D C:\Users\lisak\AppData\Local\NVIDIA
2023-05-04 10:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 09:38 - 2021-07-05 20:34 - 000000000 ____D C:\Users\lisak\AppData\Local\DBG
2023-05-03 01:08 - 2021-02-21 20:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-04-30 19:01 - 2020-05-07 17:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-28 01:18 - 2020-04-19 19:18 - 000000000 ____D C:\Users\lisak\AppData\Roaming\obs-studio
2023-04-26 18:46 - 2023-03-09 21:40 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-04-26 18:41 - 2023-03-09 21:40 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-04-26 18:39 - 2023-03-09 21:40 - 006798792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-04-26 18:39 - 2022-10-06 15:44 - 007935568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-04-25 14:42 - 2022-10-27 10:25 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-25 14:42 - 2022-10-27 10:25 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-23 19:18 - 2022-02-10 22:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-19 19:55 - 2020-05-07 17:31 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-19 19:27 - 2020-05-07 17:31 - 000000000 ____D C:\Users\lisak\AppData\LocalLow\Mozilla
2023-04-19 12:09 - 2020-12-29 19:01 - 000000000 ____D C:\Users\lisak\AppData\Roaming\BitTorrent
2023-04-19 11:22 - 2022-09-02 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-04-19 11:22 - 2022-09-02 13:32 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2023-04-19 11:00 - 2015-02-15 11:03 - 000421888 _____ C:\Users\lisak\Documents\lame_enc.dll
2023-04-19 10:59 - 2020-04-18 19:06 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-04-19 10:59 - 2020-04-18 19:06 - 000000000 ____D C:\Users\lisak\AppData\Local\Audacity
2023-04-19 10:55 - 2020-04-17 23:25 - 000000000 ____D C:\Users\lisak\AppData\Local\BitTorrentHelper
2023-04-19 10:54 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files\Adobe
2023-04-19 10:54 - 2020-04-16 23:48 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Adobe
2023-04-19 01:20 - 2023-02-14 22:26 - 000000000 ____D C:\Users\lisak\Downloads\Crusaders
2023-04-19 01:20 - 2020-04-21 11:38 - 000000000 ____D C:\ProgramData\Adobe
2023-04-19 01:20 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-04-19 01:16 - 2022-09-15 09:22 - 000000000 ____D C:\Users\lisak\AppData\Roaming\com.adobe.dunamis
2023-04-19 01:16 - 2021-09-29 12:59 - 000000000 ____D C:\Users\lisak\Documents\Adobe
2023-04-19 01:15 - 2022-01-04 21:38 - 000000000 ____D C:\Users\Public\Documents\Adobe
2023-04-19 00:52 - 2020-04-21 11:38 - 000000000 ____D C:\Users\lisak\AppData\Local\Adobe
2023-04-18 22:42 - 2020-04-16 23:53 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-04-18 21:29 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-04-18 19:59 - 2020-12-27 16:05 - 000000000 ____D C:\ProgramData\Apple Computer
2023-04-15 11:59 - 2020-05-07 16:37 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Office
2023-04-15 11:32 - 2023-04-14 18:22 - 000472269 _____ C:\Users\lisak\Downloads\Helheim.pdf

==================== Files in the root of some directories ========

2020-12-30 20:35 - 2020-12-30 20:35 - 000000016 _____ () C:\Users\lisak\AppData\Roaming\obs-virtualcam.txt
2020-04-24 01:20 - 2023-03-08 15:47 - 000008227 _____ () C:\Users\lisak\AppData\Roaming\VoiceMeeterDefault.xml
2022-03-25 21:06 - 2022-03-25 21:07 - 000001480 _____ () C:\Users\lisak\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-04 00:55 - 2022-01-29 00:22 - 000007639 _____ () C:\Users\lisak\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by lisak (15-05-2023 15:23:27)
Running from C:\Users\lisak\OneDrive\Plocha
Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) (2022-10-27 08:25:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3731235652-646393183-1318076386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3731235652-646393183-1318076386-503 - Limited - Disabled)
Eve (S-1-5-21-3731235652-646393183-1318076386-1008 - Limited - Enabled) => C:\Users\Eve
Guest (S-1-5-21-3731235652-646393183-1318076386-501 - Limited - Disabled)
lisak (S-1-5-21-3731235652-646393183-1318076386-1001 - Administrator - Enabled) => C:\Users\lisak
WDAGUtilityAccount (S-1-5-21-3731235652-646393183-1318076386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe After Effects 2023 (HKLM-x32\...\AEFT_23_1) (Version: 23.1 - Adobe Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Product Verification Tool version 1.0.6.0 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.0 - AMD)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Audacity 3.2.5 (64bitový) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Canon U.S.A., Inc. (WUDFRd) Camera (10/08/2020 12.33.19.728) (HKLM\...\45FEB4F1B965D5CBFE7F81E714112E1F1ABDB5FF) (Version: 10/08/2020 12.33.19.728 - Canon U.S.A., Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\BitTorrent) (Version: 7.11.0.46673 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\btweb) (Version: 1.1.1 - BitTorrent, Inc.)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
CPUID CPU-Z MSI 2.03 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.03 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{7A0D85EC-72B0-4060-943C-169B1EF74C62}) (Version: 18.1.40009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7FA59352-9416-49BB-A98F-FDF3C95C8214}) (Version: 2.0.6.0 - Blackmagic Design)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Discord) (Version: 0.0.308 - Discord Inc.)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
EOS Webcam Utility (HKLM\...\{8D5BC29A-769E-4EBE-8ECD-7DF1A02A0563}) (Version: 1.1.4 - Canon U.S.A., Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{79170B44-F4C8-4EFA-8B53-B654EA341DEB}) (Version: 2.0.30.0 - Epic Games, Inc.)
Express Courier Beta verze 0.5.4 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.5.4 - Simopt, s.r.o.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fronimo 3.0 (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Fronimo 3.0) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{98FA95F2-1EFE-447F-AEBD-9AC235A57624}) (Version: 10.3.0.340 - Kaspersky) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{98FA95F2-1EFE-447F-AEBD-9AC235A57624}) (Version: 10.3.0.340 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Kontakt 6 PORTABLE (HKLM\...\{9380734D-6F66-4F76-A7D3-6D117FAA4773}_is1) (Version: 6.5.3 - Native Instruments)
Kontrola stavu osobního počítače s Windows (HKLM\...\{659D4AA6-69A7-4281-B320-90E7E2F21530}) (Version: 2.3.2106.25001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LuteScribe (HKLM-x32\...\{43EEEC5D-DD3F-4C6A-BB81-44B4BBD08721}) (Version: 1.2.2 - Orlando Lutes)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH)
Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft .NET Core Host - 2.0.9 (x64) (HKLM\...\{0B28A1DB-A543-45FB-8767-DF71EE5A9323}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 2.0.9 (x64) (HKLM\...\{5ABDD743-82EB-444C-913F-F2BC033AEAE6}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 2.0.9 (x64) (HKLM\...\{A75E492B-1D84-4E86-BDCA-077B4C536B6D}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM\...\{0EC8A4AE-29FE-43B9-90C8-4D8D7D62393C}) (Version: 8.50.40411 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Developer Pack (HKLM-x32\...\{ed7373e5-d579-4663-83e1-28d41ada77fe}) (Version: 4.6.1590 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{5F01B3C4-9BEC-465D-9C68-BB97D381FFAD}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (ENU) (HKLM-x32\...\{C80951BD-6904-474F-BBC5-03A6C777F37C}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{A18D4C2A-07A8-40E4-9797-DD324E6EA4FC}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 2.0.9 Runtime Package Store (x64) (HKLM\...\{88072DD5-CE0A-3AB3-A9DF-53031BFE8BA0}) (Version: 2.0.13103.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 112.0.1 (x64 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0411.01 - MSI)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.5.0.108 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.3.136 - Native Instruments)
NeverdieAudio Speachy (HKLM\...\NeverdieAudio Speachy_is1) (Version: 1.0 - NeverdieAudio)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 531.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.79 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.4 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paradox Launcher v2 (HKLM\...\{8C5CF4CE-D589-40B4-A77F-01FD64602C50}) (Version: 2.4.0 - Paradox Interactive)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.3.10.220926 - XPPen Technology)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.9 - Power Software Ltd)
ProjectSAM The Free Orchestra (HKLM-x32\...\ProjectSAM The Free Orchestra) (Version: 1.0.0.1 - ProjectSAM)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0531.052416 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.4.1201.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
SideQuest 0.10.26 (HKLM\...\4924ec51-3e48-5cb7-b145-2119467094c7) (Version: 0.10.26 - Shane Harris)
SINE Player version 1.0.5.589 (HKLM\...\{F2C84AF9-7DD0-4126-8640-D9232FA29793}_is1) (Version: 1.0.5.589 - Orchestral Tools)
SoundBridge (64 bit) (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{22BB2C21-AD40-4159-93C8-496ED8341B63}) (Version: 2.0.2 BETA - SoundBridge)
Soundtrack by Twitch (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372D0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Spitfire Audio version 3.3.23 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.23 - Spitfire Audio Holdings Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
TP-Link TL-WN725N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Wondershare NativePush_is1) (Version: - )
Yeelight Chroma Connector (HKLM\...\{14DF1D32-2946-44AE-BCE3-B9DDDFEC74E5}) (Version: 1.0.11 - Yeelight)
Zim Desktop Wiki (HKLM\...\404fbece-3a0a-4f4f-b1f1-82ce46af9696) (Version: - )
Zoom (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa [2023-04-01] (Apple Inc.) [Startup Task]
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2020-05-01] (Lexmark International, Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corp.)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.14.0_x64__kzh8wxbdkxb8p [2023-05-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2023-05-11] (MICRO-STAR INTERNATIONAL CO., LTD)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-05-04] (NVIDIA Corp.)
PowerOff Timer -> C:\Program Files\WindowsApps\7026LibertatiaNetwork.PowerOffTimer_1.1.8.0_neutral__gxq537y54331a [2023-02-27] (Devcoons)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-04-19] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-27] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-05-14] (Bytedance Pte. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\nvshext.dll [2023-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-04-18 13:12 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-04-18 13:12 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2022-12-07 17:22 - 2022-04-26 16:20 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2022-12-07 17:22 - 2022-09-13 11:55 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll
2023-04-18 13:12 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-10-03 19:49 - 2020-10-03 19:49 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\Oculus\Support\oculus-runtime;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lisak\Downloads\25459-outer_space-night-planet-astronomical_object-astronomy-5120x1440.jpg
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\Eve\Pictures\wallpaperflare.com_wallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Facebook.MessengerDesktop"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "electron.app.Untapped.gg Companion"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B18F57AF-024A-4D9D-AAE1-9E5BAA8F1DBD}E:\mára\overwatch\_retail_\overwatch.exe] => (Allow) E:\mára\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{411FDEFC-5559-45EE-A9AA-94FCE1886B97}E:\mára\overwatch\_retail_\overwatch.exe] => (Allow) E:\mára\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{68AF5F24-BF0C-4013-BA2F-593ECDC083B3}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{F85ACF71-1E0B-448D-A7FD-24CCFA51A866}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{6D9CBD7D-2EBB-42E5-936C-F599F6E66308}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0BE98812-0FF8-4695-B08D-25B8FA062A3E}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{8C93B9B7-0BF0-4638-86EB-093131AF348A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8A24ABDB-A81D-4A50-8ABE-87A76ACDB636}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{38C2A8E0-3269-46BC-A5B8-14A745463B10}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{D17ED8B4-9E9A-4F79-A006-096EC3AD0F70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{7B510CEC-436D-415E-BDB2-60C18DE5A6E9}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [TCP Query User{E29A6144-BE81-453F-893E-BA14C00B0E81}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [{39626976-BBB9-4407-A976-32242419E766}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{B742334C-584C-4643-9256-0328BB0380D0}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{885BC7D3-3375-4F79-818A-5E7EB15B3E07}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{639864C4-0A54-462E-812A-678257707D4B}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{2C0904DB-4CB0-44AA-82A6-59299CBE8C2B}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{7DC30C4B-9C27-4A39-8365-0F9B926E10A2}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7774F681-EC9B-453E-A7E2-EA24E0837D6A}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{435E1549-F05E-470C-989D-6DBD48F86644}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{BF191AA8-0AD4-4562-AF4B-23D2EDA8109A}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{A8D72285-1067-48ED-A305-33D039B54556}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{E014F7FA-596D-4166-9421-3F15D351F6DD}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{E809A1C3-3EA9-48E7-A774-D9B40AB9A923}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{18245366-35BB-4B88-8122-A18093A41B3D}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{3DB5ADC0-8D71-4147-958E-DD431B6F3390}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{C43970C4-A924-4537-BB15-68C29F5617F5}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{CB23AAAA-FE8B-4EDC-BB04-F80D123046A8}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [UDP Query User{8D190438-F542-4AB2-91A9-DA283B90369A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0C166C9E-C759-47CD-B39D-F0347D3F7477}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{FC4595C6-94D7-4EDB-81D3-21629DEFAA50}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{58207D38-715A-4E52-A747-05E9C62142E9}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [{0961C1D1-CA12-44C6-A71D-006DDED6BF55}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D1061355-0739-4886-AEAF-55F0C2B34CCE}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{870BD67A-6540-4B28-BDB9-4F40C261C292}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{C3F2525D-5759-4C33-B3DA-1F999A99B1B5}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{A0EAE481-A41E-468E-A93E-3D16C5738B42}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{50785596-D6E3-49FB-B903-E43000A785CF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{F8634E39-894E-4444-8523-6A6BDFB2CA41}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1549D927-0F12-4304-A1CA-34781FDA01E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F236E1F5-C953-4E06-B3C8-842456FF743D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{A2BEF8AE-ABFD-4AF6-B2CA-D781D99602F0}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{C87A2776-3987-4BF7-94E1-B3D62C4EE462}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C4889D5-D15D-467F-9EA4-81BDC7F56855}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E24FB9FA-EDF2-4959-9D89-BC4F531FA747}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{9C47D655-BE0C-485D-9CF1-415A6F3DA81D}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{51437224-C7AD-4C44-AD05-5471D38370D8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{05702ACD-8C76-4175-B170-9746E492137A}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{64B8862F-BCE0-4EAD-A94C-D547EEE8AFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{0DA64469-6A91-4AEC-A1B6-D64B9A5CAFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1EAA5400-C9AC-4BF1-B816-AD12FEF25EA9}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8D244E46-A225-4DF9-96F7-4631DD824025}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A175C48B-77B2-4275-BA61-A3BC9A949E5A}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{49EDC39B-E2DC-4CC1-96FF-027F643CA885}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{7C89BA90-66D9-4A71-A53D-A478D2485332}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{6E1A9724-540C-4FC7-BD32-20B9683306B5}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{A54C444F-BB3E-40EE-ACA6-07587BE39D0F}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{11C457BB-8F2C-4460-949C-7AE2FC3E0FBD}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{972D4ECD-82AD-4497-B0E3-0704D98DE505}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{1CB9F89F-7318-46C9-B6A0-58E4172C63B9}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{19247196-F7FA-4DD4-86A4-CD1B76766154}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{FA40798B-99C1-43BA-9BC6-05E62FE233BE}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{35B7524C-A1BF-416D-98C7-49EB1B683EF4}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{5DBB0D90-AF35-41F1-8EA6-2950280DBFEA}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{01E9C48C-B191-4FEE-9000-E0380669F221}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [TCP Query User{8BE9859E-0C3F-4BC6-8CCC-E9EBCAAD8654}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{FE478A53-ECBC-4EF5-8314-3A950870B6FE}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7B5DF61C-F9DD-49E4-8F82-D7BD0A2628AD}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2B49F393-D391-49A3-BAAF-8193C5988705}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A69868F7-8F63-4A1F-8FA9-64DB0EF722A0}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{ADEC760C-82A8-47E1-A9CC-B86235FC249D}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{9C58AEF6-E1AD-43F9-B698-023542393AAD}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{24131A71-7AA9-41E9-8E84-DA19839AE104}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{79B97B6C-24A0-4142-BB78-288B26197377}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [UDP Query User{B10B2309-FEE2-4334-B237-FBE84D5C7CBA}C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe] => (Allow) C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe (Yeelink Information Technology Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{F23F08E5-0CDC-4DF4-8096-D7D19FA9E7F9}C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe] => (Allow) C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe (Yeelink Information Technology Co., Ltd.) [File not signed]
FirewallRules: [{CA934344-F674-488F-AE48-017B54F51B8A}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{A8D16F78-5D22-463E-BC7B-1232B22F8A76}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{0A747DFF-C49C-42D3-BB1B-DE4841C6A187}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{EF9919D2-D554-4F7A-A135-3CD4BC33A527}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{0726817C-38AB-4E6D-AC91-94DB4C57C114}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E1C15E05-ACE8-40C6-A6F7-EF8F3D56D785}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{905E0265-8296-4495-9B08-E0AD20ABEF5F}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{B423CD49-69A6-473E-8526-94F9EBF598CE}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{2BD2D527-33F6-42AE-96EC-B5587D35E53D}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [{D2B6CC0D-5EA8-401D-B12D-EC39075B9C37}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [UDP Query User{CCDCF473-7180-4D47-8ADC-3B850ADFD66A}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [TCP Query User{493A0268-5ADD-4791-A435-AF0E1B2B7EE2}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [UDP Query User{039CE335-AE9C-4A06-AADA-9A8BF63FF80B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B7894402-F504-4D1F-9F63-153519280EE0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{4CA71BC9-B21F-4D45-9137-90FBBC35E0AB}] => (Allow) C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{1E7176D8-D87F-4322-9AD1-1EB08DD92F44}] => (Allow) C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{D3FBA496-ED09-4865-AAB7-FE5194A674F9}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5BD55FF5-2E4B-4F2B-A1CF-FDDE80F4CD83}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [{AEC93AA5-25CA-4B4B-86B7-A1FCFCA014A4}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [{0463EB4E-E35E-4184-9FB2-C7852348BF86}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [UDP Query User{B9D00014-9811-4607-8239-40BA3C840FBB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{02BCFD34-B301-4A66-9ED0-289F27EE3884}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{35FDC254-63D2-4D2F-BCE8-C786DCAA516B}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CC0E34D7-249B-49C4-AB72-C2B3614F267E}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{E90FCE44-67AB-42C8-9917-409F67FF77FB}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{B71CCFB0-0A22-4D7B-8418-41AFEE49FC34}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{99F9CF02-E472-433A-ADD1-76FD4B26ACD5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{AD18EACB-1920-48FC-AE68-4812E6315BA5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{A577E954-F11B-4C50-9ECD-EC9B074C3EB6}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{05D474A7-9903-4663-87D9-F260895B6CBC}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{620F36E6-A166-421A-82DF-9568C381AFE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{76A8B981-3E5C-40C4-A72B-DF3663339AA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{9B73569B-2673-4CDE-A977-293272AE65B5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5C679C0A-D60A-4CDE-8018-4C4E507C0E1B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{73E7F2D0-B3A4-4747-90F1-B310C2416F20}] => (Allow) C:\Users\lisak\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{720C13A0-9FA6-4BB2-ABF2-3736CF8FDB43}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{C7C71A46-EB8C-4D98-A173-23952F03523D}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{8174560B-07DE-444A-A1BF-064EE4238E5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{57C7B0DD-2985-47B0-A104-1A1D7FBAA99A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{17C75B92-14DF-4714-B70A-5644830373D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{15CE156B-7129-4D3E-A7D3-BC06C08A1DAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{50A1987A-387F-416C-A14C-DF2263118AB6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CA6F6A6-AF7E-41CD-A6E4-F27D4E160E9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51FB7431-0E84-4F9F-A01E-1B9106CCA587}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{BD0C40AD-2289-457A-8FE0-5A128316722E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B6E1BAE9-EDF1-4D65-B80B-238625A066F1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E2F8EDE8-9013-4010-B1F4-626E84106FE1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{F23806F5-2547-4F0D-A955-881C59A968F3}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{60E99736-57B3-419E-A0A4-1DBF7F5E9D21}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{7A525C38-EE29-488E-A3D7-12EEE5EC4BBD}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{B8DB679F-A56D-43B4-A3C6-4FFE04312121}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CAE03781-8EA0-4D08-B767-12B64EF65358}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{68B00215-639C-48EF-9AB7-4E5ECDC799F8}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{4209FA72-756C-43DD-8519-D0DFD6DCBEB1}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{BE2103C7-3D2C-447C-A2F1-02624126FE23}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{EADC1B64-987C-4EFA-A1D0-FDFCC5026E6C}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{4B609BDB-AC89-4394-BB61-768BAF798AC5}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [TCP Query User{2A38F7B0-43F2-465F-A7C1-4D11813E6E6C}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [UDP Query User{DC581265-2DC9-445C-A5FF-3E347A865DC3}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [{3BE18E0D-F243-481C-9973-FAB4F02A740B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{4A5C00EA-DCB2-4F7D-8042-DFB99BBD90C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{12D8D622-C8F4-4575-9538-F70D19E41492}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{75129256-B0E0-4380-BE99-C1BCA0D43E19}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{9B94F4BB-A0EA-49D3-B3EE-6A727116A4B0}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{C79AC8B8-D7D0-477B-85F6-01F3F4A97D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{8D479671-3F15-46D7-A4F9-1A9E104278EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{1864C484-444E-4F80-885D-296A3087A89B}] => (Allow) F:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{13164463-0233-46E7-91F5-78814AE32CE5}] => (Allow) F:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{7326A55F-3B77-4212-97FA-E87D93A4E52E}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{D907A191-2591-402A-AE2B-BE0BF922F1A0}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{3C4832C4-8335-4FF9-8649-D35BF33D405C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96ED206D-75DD-46C3-8964-141518C93CC1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9C7AC2A-DD8D-4E41-B3CC-E898A246FD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{6BCDF877-32C1-48AE-ADEB-612808B66D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{40DDA231-103A-4923-AC41-7976E351AFC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AEAB1273-E66A-4525-9D2A-8D0F0396C212}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3BB6EF1A-F856-4B18-8A8B-720FD78531B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{523E57CC-30B4-48CF-A766-AE1FA3E3FBD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BE32ED44-B1C1-48D6-82D5-743F51A60730}] => (Allow) F:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{DA1B4086-3A42-4C04-BA8F-BE474ABDACA6}] => (Allow) F:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{3237C5F8-AD53-4202-8E08-AD393FE79141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{C298C091-D071-4544-B7BB-BE2EBBCAECC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{98652DF8-0EBA-4D80-9D95-B4456182BACC}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5D07F35F-D824-4F6B-9C16-D90EA020C0AF}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{154A6067-8E23-4D6A-8527-C6162EDCD123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{F1A75B4E-8261-44F7-8868-586CC7E12E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{0818BB70-F2A6-44A7-858F-AC49336952CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{86A0CC70-AA66-45AF-8114-C40A99B660BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{A48D668A-B551-4354-997F-368281A07B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{341EF611-E330-4AF4-A1D7-4932AAC3C33A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{8804189C-7B10-4F96-9066-29382CB5375F}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{8434A73C-A4F7-44CA-A3F5-443B9AA93F4A}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{188DAAFE-64EB-444A-9100-C4D665AB4620}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F86FD9D5-40A0-4C1E-80F5-B653DFC67836}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1BD01095-8E29-41D3-826D-70742FF4AE69}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F327F930-88BF-4F4B-8B58-2B375CE0BE83}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E3B05687-4675-4085-AD65-ED09FB0E6A3F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2A8209D6-2B13-4F67-BF42-9F4FCC16C214}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9C833886-BE26-4FB1-86DF-1B7471A04BFD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{416C2221-B1A9-4A02-AA39-E2FB8D4CCDDF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{58E822DA-8E60-4588-80EE-1CA30E9C8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{6117ECC1-2698-4363-A897-1E2791C219E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D2D9FC9E-0FE1-4E94-B8E5-2771F1185A42}] => (Allow) C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{DC0C76EE-9A0C-4FF7-B6F7-AE8527E51BC2}C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{9B03015A-9448-4591-86EA-7241A8E0D060}C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{A463A41D-AAD9-47F6-B993-8DD32F5B904D}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{B9810AF8-8576-4C12-9B87-394EEDADDBC7}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{AC3655D6-4B7C-4F5A-9D7D-762B0719A266}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{77546761-10B9-4B8E-9B90-8271056B605E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1048F2CC-CFC7-45F0-8E1C-E089877C8AB8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{293AE2D6-1C21-4CF1-8BE5-B4D856BC2CD1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7ABB25CF-DE4F-415D-995B-0F654EB79505}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{454ED7BF-71F2-4DE5-825B-2A9878FABC57}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D327AC1B-D098-45D7-9320-473A3368687F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{E7B8B857-1084-4AF6-9E16-6A1BBA67DEA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{4A52FE8D-CC43-4917-8AC6-9494736696CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{F1D5DB75-7A8C-47C1-BD8B-96BCFCBE8409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{29417C03-2D84-43EC-BA35-F9C68D1A43CB}] => (Allow) F:\SteamLibrary\steamapps\common\Wartales\Wartales.exe () [File not signed]
FirewallRules: [{9F24F58A-8E39-47E9-9B11-1E7DC0820C9F}] => (Allow) F:\SteamLibrary\steamapps\common\Wartales\Wartales.exe () [File not signed]
FirewallRules: [{6F93EB61-C4AA-47D0-A8E3-C16C38DBCA0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2BE7D678-161C-491C-852D-1B12EE12073D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2026913E-2B53-43B8-8928-E804EA3C9554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{84293CBD-9925-4315-88B9-D70AFF9D7A8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09630183-E7EB-4698-B5DF-B132CB580E39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{774277EF-DEB4-4C46-B70C-517B40E09CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4ACAED06-10B2-4A18-80CE-773830F5D4A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F734873-2BD2-4183-97F9-E1E58DFF2CC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76D0011A-8AF6-4C27-85EB-84564FA9FA86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7FBE08BF-1E35-4320-9FC8-4BA94C1A4C43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{131DE304-4506-4892-9D61-75FB2E38580B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\Launcher\FuncomLauncher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [{9080BB88-242E-4A42-A4A4-153718E10D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\Launcher\FuncomLauncher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [TCP Query User{8337836F-5421-4C69-A08C-51FE5FD40B65}C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [UDP Query User{E80B2ED7-BFB4-41D0-8A16-DB0764E09BE2}C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [{B0BCA36E-D15D-4B72-A8EA-B93919B351AA}] => (Allow) F:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{29E70891-7D8D-4B69-8CAF-459C0FEB6BE9}] => (Allow) F:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{66628DC8-FC26-4195-87BB-732BE4224C08}] => (Allow) LPort=32682
FirewallRules: [{FC896968-28C6-474E-BABA-5211A1599E73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B4CA05DE-232E-4928-A39B-EF4A45637AD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53166740-CBA2-483C-8208-C55FC09F3D0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD114DE3-4D75-4E69-867A-05C14450B4CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9CE4668-F81C-423F-82D2-E619F4833F14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A4EE3B-4222-4599-94E4-EF4255673C45}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3B21A0E-866B-4E23-A4B3-2A70139C1F52}] => (Allow) LPort=32683
FirewallRules: [{96647FB7-D1EA-4790-8BF9-F0D6A62EA6CE}] => (Allow) LPort=26822

==================== Restore Points =========================

09-05-2023 19:01:48 Instalační služba modulů systému Windows
11-05-2023 21:27:20 Instalováno Realtek Ethernet Controller Driver
15-05-2023 15:01:47 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: EOS Webcam Utility
Description: EOS Webcam Utility
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: (Standard system devices)
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2023 03:11:58 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: SecurityHealthService.exe, verze: 10.0.22621.1635, časové razítko: 0xc9cb2878
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.1485, časové razítko: 0xb7f0154a
Kód výjimky: 0xc0000374
Posun chyby: 0x000000000010be19
ID chybujícího procesu: 0x0x404c
Čas spuštění chybující aplikace: 0x0x1d9872ed4017eb2
Cesta k chybující aplikaci: C:\WINDOWS\system32\SecurityHealthService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 60363ee4-f2b5-44bd-843d-12afb0384739
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2023 03:11:53 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VOUSATíR$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:11:52 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ed9885e0-5671-4e0b-bdf7-cdc3037665bd

Metoda: GET(313ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:11:52 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:11:52 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3e8fe0cf-1968-488c-ad52-c75b95008798

Metoda: GET(437ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:11:44 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2023 03:10:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/15/2023 03:10:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/15/2023 03:10:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/15/2023 03:10:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (05/15/2023 03:22:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/15/2023 03:12:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/15/2023 03:02:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/15/2023 03:00:04 PM) (Source: DCOM) (EventID: 10010) (User: VOUSATíR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/15/2023 02:51:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/14/2023 01:20:34 PM) (Source: DCOM) (EventID: 10010) (User: VOUSATíR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/14/2023 01:15:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/14/2023 01:15:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:52:10, ‎13.‎05.‎2023) bylo neočekávané.


Windows Defender:
================
Date: 2023-04-18 22:46:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp); process:_pid:15444,ProcessStart:133263243654335130; regkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\\cleaninethelper; runonce:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\\cleaninethelper
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_c:\users\lisak\appdata\local\temp\wsca567.tmp; process:_pid:1960,ProcessStart:133263243107219147; regkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\\InetHelper; runkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\\InetHelper; winlogonshell:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\\SHELL:"C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe"
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: VOUSATíR\lisak
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

CodeIntegrity:
===============
Date: 2023-05-15 15:24:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 3.G0 04/27/2023
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 16309.52 MB
Available physical RAM: 6771.83 MB
Total Virtual: 35765.52 MB
Available Virtual: 19485.28 MB

==================== Drives ================================

Drive c: (SSD-OS) (Fixed) (Total:475.69 GB) (Free:25.37 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (SSD-SYSTEM) (Fixed) (Total:0.49 GB) (Free:0.45 GB) (Model: ST1000DM003-1ER162) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (2TB-DATA) (Fixed) (Total:1863 GB) (Free:1099.59 GB) (Model: ST2000DM008-2FR102) NTFS
Drive f: (1TB-STEAM) (Fixed) (Total:931.02 GB) (Free:538.54 GB) (Model: ST1000DM003-1ER162) NTFS

\\?\Volume{8ad2e326-c190-43df-99ec-c5c47a742df9}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{e03f0816-28d9-4ec0-a9a6-35a520475b96}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{e38f3e9e-b449-48a9-b17b-a4c7e6f79f51}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6CC01275)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Rudy píše: 15 kvě 2023 14:49 Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2023
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.1702)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1549 octets] - [07/01/2021 11:33:31]
AdwCleaner[C00].txt - [1701 octets] - [07/01/2021 11:33:54]
AdwCleaner[S01].txt - [1528 octets] - [07/01/2021 11:35:46]
AdwCleaner[S02].txt - [1746 octets] - [15/05/2023 15:31:12]
AdwCleaner[C02].txt - [1898 octets] - [15/05/2023 15:31:22]
AdwCleaner[S03].txt - [1725 octets] - [15/05/2023 15:32:03]
AdwCleaner[C03].txt - [1915 octets] - [15/05/2023 15:32:14]
AdwCleaner[S04].txt - [1990 octets] - [15/05/2023 16:13:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Každopádně říkám si, že tu neplechu musí dělat asi nějaký proces. Teď po tom scanu, kdy cleaner ukončil všechny aplikace, se ten zmiňovaný problém nevyskytl. Na PC jsem dlouho nic nedělal a skoro ho neslyším.

Dejte nové logy FRST+Addition.

Rudy píše: 15 kvě 2023 16:13 Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by lisak (administrator) on VOUSATíR (Micro-Star International Co., Ltd MS-7C02) (15-05-2023 17:43:19)
Running from C:\Users\lisak\OneDrive\Plocha\FRST64.exe
Loaded Profiles: lisak
Platform: Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Discord Inc. -> Discord Inc.) C:\Users\lisak\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [457872 2021-03-08] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Discord] => C:\Users\lisak\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe [522648 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [BitTorrent] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3532928 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [electron.app.Untapped.gg Companion] => C:\Users\lisak\AppData\Local\Programs\untapped-companion\Untapped.gg Companion.exe --autostart (No File)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [bt] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7592400 2023-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5067224 2023-05-09] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Run: [Discord] => C:\Users\Eve\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AEC26B-3504-4012-AB62-D879A23E2F0A} - System32\Tasks\Opera scheduled Autoupdate 1587158667 => C:\Users\lisak\AppData\Local\Programs\Opera\launcher.exe--scheduledautoupdate $(Arg0)
Task: {0BAD41A4-2DF9-41C2-A83B-689A7F2D171B} - System32\Tasks\GoogleUpdateTaskMachineGDU => C:\WINDOWS\SysWOW64\XPSViewer\TasksG\G-1-52-53\TG_1.3.34.62.exe-in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 -in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 (Access Denied) <==== ATTENTION <==== ATTENTION
Task: {0DFE7EFE-04BD-4DE7-96B5-DFBD3C3C21AD} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {103F4520-1463-43B4-A16A-BD1683A301EE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11B966E7-2EFB-4F31-ABF2-B888DC318D18} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {12F942D3-19A8-4B3E-9363-D81F382D53DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {14B0071A-D159-47ED-9B0F-4F0D44D9988A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {19632E62-C41E-4507-8F60-D17E8A81C937} - System32\Tasks\MXWTPTTTYKDUYVXJ_run => C:\Users\lisak\AppData\Roaming\NVIDIA\ComputeCache\MXWTPTTTYKDUYVXJ.exe [368640 2023-03-08] (Microsoft Corporation) [File not signed]
Task: {1CF7D586-3399-40D3-AD0B-A8D7CD801CAD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {333E828D-86CF-4D2A-80D0-95D312D25792} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3F3C2B74-E198-4553-B94E-E84D75C658EA} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe/i "C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi" AI_SETUPEXEPATH="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe" SETUPEXEDIR="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC (the data entry has 820 more characters).
Task: {3FB26A9B-EB02-4338-A62C-02B8D6F98623} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exeDetect_Monitor
Task: {440684BF-F59F-45BD-B848-A34D67F8F918} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exeDetect_DisplayID
Task: {556602EB-BBCE-4F72-8B26-06FC60CD5016} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe/RunOnAC ReadyToReboot
Task: {55812B74-70E5-4942-AA98-D06F6CAB3D9F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {68E89026-E923-4464-94C0-506992DD9EF1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1008 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DFB4993-3E1C-4CC8-80A4-8E538DFE8B66} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93FDF6A8-1FF8-4595-AF0B-94B19DD1C59A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {95FED327-0ADC-4F4A-AFED-CDD7FF93560E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exeLogonUpdateResults
Task: {A382A8FB-0228-47C1-AEDE-761D54E3189A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {ADA36804-5451-42E5-9726-DAB09805775C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {B6E94F0D-5D2E-4414-8C08-7CCCFDA9C4DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7C6BD6D-0BD9-4C6B-92EB-D1520BB96C43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA53116A-E90F-4E57-AE8F-F458897C6889} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD0854B6-054B-4266-A761-9EECF3118B01} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C98A1FDA-0998-4824-B82C-EC50A3D1212B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBD90A96-6915-4292-BAB0-B6BBB0969394} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)
Task: {D225D0C2-9E7E-4233-B601-15207068F913} - System32\Tasks\Opera scheduled assistant Autoupdate 1587158673 => C:\Users\lisak\AppData\Local\Programs\Opera\launcher.exe--scheduledautoupdate --component-name=assistant --component-path="C:\Users\lisak\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DA73C9DB-2D10-462A-A3E0-3C5A551ADC4C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBD65D62-8F6C-4E85-A09D-D98BBE077883} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe/RunOnBattery ReadyToReboot
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {ECD8D9DF-2C45-441B-BC18-DF1F508748E1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9CD1F0B-F374-48B7-8077-3BBFAC0FBE2A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21E163-312B-47B5-BC44-CFE73D879D98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exeѡ/i C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\lisak\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64_14_29_30135.exe AI_PREREQDIRS=C:\Users\lisak\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2022-01-27T09:42:19.0008433Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{33d86b26-5369-432c-b54d-fbd5d1037999}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6fbe3e34-d7e8-4bf9-98c1-d265f04eaa8e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8880da3b-0623-4751-98ff-80e71a2063e0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{cb625c51-155e-4373-92f6-fec651f3682a}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-15]
Edge DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
Edge DefaultSearchKeyword: Default -> seznam
Edge DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
Edge Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-19]
Edge Extension: (Seznam doplněk - Email) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-04-01]
Edge Extension: (BetterTTV) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2023-04-21]
Edge Extension: (Edge relevant text changes) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-26]
Edge Extension: (Seznam.cz) - C:\Users\lisak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-04-19]
Edge HKU\S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3731235652-646393183-1318076386-1008\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: hntpunyv.default
FF ProfilePath: C:\Users\lisak\AppData\Roaming\Mozilla\Firefox\Profiles\hntpunyv.default [2021-01-08]
FF ProfilePath: C:\Users\lisak\AppData\Roaming\Mozilla\Firefox\Profiles\tl3qtz7n.default-release [2023-04-23]
FF Notifications: Mozilla\Firefox\Profiles\tl3qtz7n.default-release -> hxxp://brnocon.cz
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-03-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3731235652-646393183-1318076386-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\lisak\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-31] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-11] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default [2023-05-15]
CHR DownloadDir: C:\Users\lisak\Downloads
CHR Notifications: Default -> hxxps://insider.razer.com; hxxps://kytary.cz; hxxps://wpnull.org; hxxps://www.chess.com; hxxps://www.facebook.com; hxxps://www.g2a.com; hxxps://www.netflix.com; hxxps://www.reddit.com; hxxps://www.wish.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
CHR DefaultSearchKeyword: Default -> seznam
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-02-28]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-19]
CHR Extension: (BetterTTV) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-04-21]
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2022-05-11]
CHR Extension: (Seznam doplněk - Email) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-05-15]
CHR Extension: (Return YouTube Dislike) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-21]
CHR Extension: (Beyond 20) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnblbpbepfbfmoobegdogkglpbhcjofh [2022-11-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam.cz) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-05-15]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-31]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-31]
CHR Extension: (Safe Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-10-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-30]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-05]
CHR Extension: (Safe Torrent Scanner) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-01-05]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-01-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lisak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-05]
CHR Profile: C:\Users\lisak\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-31]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2023-04-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-13] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncHelper.exe [3445624 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 kpm_service_10.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe [520600 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
S3 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [70776 2023-03-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [34032 2022-05-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 NativePushService; C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\OneDriveUpdaterService.exe [3781496 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [148024 2023-05-10] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [514616 2023-05-10] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2030624 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [464416 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1351744 2022-06-03] (Razer USA Ltd. -> Razer Inc.)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [299136 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534440 2022-04-28] (Razer USA Ltd. -> Razer Inc.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-12-27] (Twitch Interactive, Inc. -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-09-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 Wallpaper Engine Service; F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [520288 2021-03-01] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [713240 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1779264 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235720 2023-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [353896 2023-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [350352 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [179320 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [259488 2023-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2021-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-06-28] (Oculus VR, LLC -> Facebook Inc.)
S3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-06-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_400a42c66fb0e159\rt68cx21x64.sys [598976 2022-01-17] (Realtek Semiconductor Corp. -> Realtek)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\WINDOWS\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025d; C:\WINDOWS\System32\drivers\RzDev_025d.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0c02; C:\WINDOWS\System32\drivers\RzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2023-03-08] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [86016 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-09-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S1 nkcbypws; \??\C:\WINDOWS\system32\drivers\nkcbypws.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 15:40 - 2023-05-15 15:40 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-15 15:40 - 2023-05-15 15:40 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-15 15:30 - 2023-05-15 15:30 - 008791352 _____ (Malwarebytes) C:\Users\lisak\Downloads\adwcleaner.exe
2023-05-15 15:11 - 2023-05-15 15:11 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-15 12:07 - 2023-05-15 12:07 - 000016242 _____ C:\Users\lisak\Downloads\priloha_1189669531_0_notifikace.pdf
2023-05-13 13:06 - 2023-05-13 14:38 - 000000000 ____D C:\Users\lisak\Downloads\CONAN
2023-05-11 21:35 - 2023-05-11 21:35 - 000003176 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\WD
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\Verbatim
2023-05-11 21:35 - 2023-05-11 21:35 - 000000000 ____D C:\Program Files\ENE
2023-05-11 21:32 - 2022-05-16 17:23 - 000013576 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2023-05-10 07:16 - 2023-05-10 07:16 - 000000000 ___HD C:\$WinREAgent
2023-05-09 07:49 - 2023-05-09 07:49 - 008634208 _____ C:\Users\lisak\Downloads\V5_Startovaci_sada.rar
2023-05-09 07:26 - 2023-05-09 07:26 - 001745245 ____N C:\WINDOWS\Minidump\050923-10281-01.dmp
2023-05-04 21:50 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-05-04 21:50 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-05-04 21:50 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-05-04 21:50 - 2023-04-26 18:46 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 001194480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000851968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000671256 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-05-04 21:50 - 2023-04-26 18:43 - 000506352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 002166296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 001621016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000979456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000758768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-05-04 21:50 - 2023-04-26 18:42 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-05-04 21:50 - 2023-04-26 18:41 - 013769216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 011650048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 005911024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 005835288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-05-04 21:50 - 2023-04-26 18:41 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-05-04 21:50 - 2023-04-26 18:40 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-05-04 21:50 - 2023-04-26 01:34 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb
2023-05-04 21:46 - 2023-05-04 21:46 - 000003226 _____ C:\Users\lisak\Downloads\Karsus lore.txt
2023-05-03 09:35 - 2023-05-09 07:26 - 000000000 ____D C:\WINDOWS\Minidump
2023-05-03 09:35 - 2023-05-03 09:35 - 002258109 ____N C:\WINDOWS\Minidump\050323-10046-01.dmp
2023-05-02 13:28 - 2023-05-02 13:28 - 000001062 _____ C:\Users\lisak\Downloads\art.txt
2023-04-19 23:04 - 2023-04-19 23:04 - 002985547 _____ C:\Users\lisak\Downloads\elementor-pro-v3.12.2.zip
2023-04-19 19:33 - 2023-04-30 19:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-19 19:03 - 2023-04-19 19:03 - 000164548 _____ C:\Users\lisak\Downloads\UrlShortener-REL1_39-4e5ddb1.tar.gz
2023-04-19 18:47 - 2023-04-19 18:47 - 000004508 _____ C:\Users\lisak\Downloads\LocalSettings.php
2023-04-19 17:16 - 2023-04-19 17:18 - 000000000 ____D C:\Users\lisak\Downloads\mediawiki-1.39.3
2023-04-19 13:40 - 2023-04-19 13:41 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-04-19 13:39 - 2023-04-19 13:39 - 002469680 _____ C:\Users\lisak\Downloads\151191926-history-glory-stinger-logo.wav
2023-04-19 12:30 - 2023-04-19 23:08 - 000000056 _____ C:\Users\lisak\Downloads\SG.txt
2023-04-19 12:25 - 2023-04-19 12:26 - 068005968 _____ C:\Users\lisak\Downloads\mediawiki-1.39.3.zip
2023-04-19 11:01 - 2023-04-19 11:01 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2023-04-19 11:00 - 2023-04-19 11:00 - 000527423 _____ ( ) C:\Users\lisak\Downloads\Lame_v3.99.3_for_Windows.exe
2023-04-19 11:00 - 2023-04-19 11:00 - 000202295 _____ C:\Users\lisak\Downloads\libmp3lame-win-3.99.3.zip
2023-04-19 10:59 - 2023-04-19 10:59 - 000000000 ____D C:\Program Files\Audacity
2023-04-19 10:57 - 2023-04-19 10:58 - 014392168 _____ (Audacity Team ) C:\Users\lisak\Downloads\audacity-win-3.2.5-x64.exe
2023-04-19 10:55 - 2023-04-19 14:00 - 000000000 ____D C:\Users\lisak\Downloads\Adobe Photoshop Lightroom Classic 2023
2023-04-19 10:42 - 2023-04-19 10:42 - 000092380 _____ C:\Users\lisak\Downloads\takeout-20230419T084149Z-001.zip
2023-04-19 03:18 - 2023-04-19 03:18 - 1411934879 _____ C:\Users\lisak\Downloads\ND 01B.mp4
2023-04-19 02:17 - 2023-04-19 17:11 - 000000000 ____D C:\Users\lisak\Documents\ND (converted)_AME
2023-04-19 01:26 - 2023-04-19 17:12 - 000432277 _____ C:\Users\lisak\Documents\ND (converted).aep
2023-04-19 01:18 - 2023-04-19 01:18 - 000000000 ____D C:\ProgramData\Red Giant
2023-04-19 01:18 - 2023-04-19 01:18 - 000000000 ____D C:\Program Files\Red Giant
2023-04-19 01:15 - 2023-04-19 01:18 - 000000000 ____D C:\Program Files\Maxon Cinema 4D 2023
2023-04-19 01:15 - 2023-04-19 01:15 - 000001256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2023.lnk
2023-04-18 22:25 - 2023-04-18 22:25 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2023.lnk
2023-04-18 19:59 - 2023-04-18 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
2023-04-18 19:59 - 2023-04-18 19:59 - 000000000 ____D C:\Program Files (x86)\QuickTime Alternative
2023-04-18 19:59 - 2010-03-17 22:53 - 000180224 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QTCF.dll
2023-04-18 19:59 - 2010-03-17 22:53 - 000094208 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTimeVR.qtx
2023-04-18 19:59 - 2010-03-17 22:53 - 000069632 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTime.qts
2023-04-18 17:16 - 2023-04-19 14:50 - 000000000 ____D C:\Users\lisak\Documents\Adobe After Effects Auto-Save
2023-04-18 17:13 - 2023-04-18 22:36 - 000390009 _____ C:\Users\lisak\Documents\ND.aep
2023-04-18 15:26 - 2023-04-18 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2023-04-18 15:25 - 2023-04-18 15:26 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R22
2023-04-18 14:56 - 2023-04-18 14:56 - 000000000 ____D C:\Users\lisak\AppData\LocalLow\BitTorrent.WebView2
2023-04-18 14:43 - 2023-04-18 14:43 - 000010742 _____ C:\Users\lisak\Downloads\AudioWaveformVisualizer.setting
2023-04-18 13:12 - 2023-04-18 13:16 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Wondershare
2023-04-18 13:11 - 2023-04-18 14:36 - 000000000 ____D C:\Users\lisak\AppData\Local\Wondershare
2023-04-18 13:11 - 2023-04-18 14:36 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-04-18 13:11 - 2023-04-18 13:17 - 000000000 ____D C:\ProgramData\Wondershare
2023-04-18 13:11 - 2023-04-18 13:11 - 000000000 ____D C:\Users\lisak\Documents\Wondershare
2023-04-18 13:07 - 2023-04-18 13:12 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-04-18 11:52 - 2023-04-18 11:52 - 000002139 _____ C:\Users\lisak\Downloads\ReactorInstallLog.txt
2023-04-18 11:50 - 2023-04-18 11:50 - 000044914 _____ C:\Users\lisak\Downloads\Reactor-Installer.lua
2023-04-18 00:26 - 2023-04-18 00:26 - 005433979 _____ C:\Users\lisak\Downloads\pravidla_grafika.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000946569 _____ C:\Users\lisak\Downloads\katy_postav.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000662328 _____ C:\Users\lisak\Downloads\pravidla_tisk.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000406568 _____ C:\Users\lisak\Downloads\Demoni_tisk.pdf
2023-04-18 00:26 - 2023-04-18 00:26 - 000367954 _____ C:\Users\lisak\Downloads\virovy_tisk.pdf
2023-04-16 09:41 - 2023-04-16 09:41 - 000030233 _____ C:\Users\lisak\Downloads\692156ac6cf239062e8a44eaea4bed8f3739b076402f6ccb52be4d976aa00b0c-2023-04-15-21-52-21.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-15 17:43 - 2021-01-07 12:30 - 000000000 ____D C:\FRST
2023-05-15 17:42 - 2022-10-27 10:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-15 17:33 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-15 17:28 - 2020-04-16 23:56 - 000000000 ____D C:\Users\lisak\AppData\Local\Discord
2023-05-15 16:47 - 2020-04-17 00:08 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-15 16:29 - 2020-04-16 23:56 - 000000000 ____D C:\Users\lisak\AppData\Roaming\discord
2023-05-15 16:15 - 2020-09-20 10:02 - 000000000 ____D C:\Users\lisak\AppData\Local\D3DSCache
2023-05-15 16:14 - 2021-06-28 18:47 - 000000000 ____D C:\Users\lisak\AppData\Local\Oculus
2023-05-15 16:14 - 2020-04-17 00:11 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-15 15:44 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-15 15:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-15 15:44 - 2020-04-16 23:32 - 000000000 ____D C:\ProgramData\Packages
2023-05-15 15:40 - 2022-10-27 10:26 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-15 15:40 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-05-15 15:33 - 2022-10-27 10:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-15 15:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-15 15:33 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-15 15:33 - 2020-04-17 00:40 - 000000000 ____D C:\MSI
2023-05-15 15:33 - 2020-04-16 23:50 - 000000000 ___RD C:\Users\lisak\OneDrive
2023-05-15 15:05 - 2020-04-16 23:48 - 000000000 ____D C:\Users\lisak\AppData\Local\Packages
2023-05-15 15:02 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-15 14:53 - 2022-10-27 10:18 - 000000000 ____D C:\Users\lisak
2023-05-15 14:53 - 2020-04-17 07:01 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-15 09:06 - 2021-12-05 21:48 - 000000000 ____D C:\Users\lisak\AppData\Roaming\FuncomLauncher
2023-05-14 14:15 - 2020-04-18 00:14 - 000000000 ____D C:\Users\lisak\AppData\Local\CrashDumps
2023-05-13 18:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-13 17:53 - 2020-04-17 07:05 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-13 13:06 - 2020-05-07 16:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-13 13:05 - 2020-06-10 21:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-13 13:04 - 2022-10-26 22:35 - 000079312 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-05-13 13:04 - 2022-10-26 22:35 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-05-13 13:04 - 2021-11-19 18:45 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-05-13 13:04 - 2020-05-25 10:16 - 000488912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 002794960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000202192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-05-13 13:04 - 2020-04-17 02:12 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-05-12 09:49 - 2022-10-27 10:25 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 09:49 - 2022-10-27 10:25 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 21:48 - 2020-04-17 00:08 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-11 21:35 - 2020-04-17 00:36 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-11 21:34 - 2020-04-17 00:39 - 000000000 ____D C:\Program Files (x86)\MSI
2023-05-11 21:32 - 2020-04-17 00:39 - 000000000 ____D C:\Users\lisak\AppData\Local\Downloaded Installations
2023-05-11 21:32 - 2020-04-17 00:36 - 000000000 ____D C:\Program Files\AMD
2023-05-11 21:30 - 2022-10-27 10:18 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Windows
2023-05-11 21:30 - 2020-04-17 00:40 - 000000000 ____D C:\ProgramData\MSI
2023-05-11 21:28 - 2020-04-17 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-05-11 21:28 - 2020-04-17 00:18 - 000000000 ____D C:\Program Files\CPUID
2023-05-11 21:27 - 2020-04-17 00:33 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-05-11 18:27 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-11 18:21 - 2020-12-29 22:24 - 000000000 ____D C:\Users\lisak\AppData\Roaming\vlc
2023-05-10 19:50 - 2020-05-07 16:37 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Word
2023-05-10 19:47 - 2022-10-27 10:25 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-10 19:47 - 2022-10-11 19:27 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-10 19:35 - 2021-06-28 19:25 - 000000000 ____D C:\Program Files\Oculus
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 19:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-10 07:17 - 2022-10-27 10:19 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-10 07:13 - 2020-04-16 23:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-10 07:11 - 2020-04-16 23:59 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-10 05:41 - 2022-10-27 10:17 - 000349944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 05:40 - 2022-05-07 12:05 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-10 05:40 - 2022-05-07 12:05 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-05-10 05:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-09 19:10 - 2022-05-07 12:14 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-05-09 19:10 - 2022-05-07 12:14 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-05-09 17:31 - 2022-09-26 21:47 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-09 07:27 - 2022-10-27 10:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1008
2023-05-09 07:27 - 2022-10-27 10:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3731235652-646393183-1318076386-1001
2023-05-09 07:27 - 2022-10-27 10:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-09 07:27 - 2022-09-26 21:47 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-08 14:01 - 2020-09-20 01:04 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-05 22:06 - 2020-04-18 19:06 - 000000000 ____D C:\Users\lisak\AppData\Roaming\audacity
2023-05-05 21:03 - 2021-11-21 17:03 - 000000000 ____D C:\Users\lisak\Documents\Zvukové záznamy
2023-05-05 21:01 - 2021-07-01 23:12 - 000000000 ____D C:\Users\lisak\AppData\Roaming\com.spitfireaudio
2023-05-05 12:34 - 2020-04-17 07:25 - 000000000 ____D C:\Users\lisak\AppData\Local\BattlEye
2023-05-05 09:30 - 2020-04-21 11:40 - 000000000 ____D C:\Users\lisak\AppData\Local\NVIDIA
2023-05-04 10:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 09:38 - 2021-07-05 20:34 - 000000000 ____D C:\Users\lisak\AppData\Local\DBG
2023-05-03 01:08 - 2021-02-21 20:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-04-30 19:01 - 2020-05-07 17:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-28 01:18 - 2020-04-19 19:18 - 000000000 ____D C:\Users\lisak\AppData\Roaming\obs-studio
2023-04-26 18:46 - 2023-03-09 21:40 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-04-26 18:41 - 2023-03-09 21:40 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-04-26 18:39 - 2023-03-09 21:40 - 006798792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-04-26 18:39 - 2022-10-06 15:44 - 007935568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-04-25 14:42 - 2022-10-27 10:25 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-25 14:42 - 2022-10-27 10:25 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-23 19:18 - 2022-02-10 22:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-19 19:55 - 2020-05-07 17:31 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-19 19:27 - 2020-05-07 17:31 - 000000000 ____D C:\Users\lisak\AppData\LocalLow\Mozilla
2023-04-19 12:09 - 2020-12-29 19:01 - 000000000 ____D C:\Users\lisak\AppData\Roaming\BitTorrent
2023-04-19 11:22 - 2022-09-02 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2023-04-19 11:22 - 2022-09-02 13:32 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2023-04-19 11:00 - 2015-02-15 11:03 - 000421888 _____ C:\Users\lisak\Documents\lame_enc.dll
2023-04-19 10:59 - 2020-04-18 19:06 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-04-19 10:59 - 2020-04-18 19:06 - 000000000 ____D C:\Users\lisak\AppData\Local\Audacity
2023-04-19 10:55 - 2020-04-17 23:25 - 000000000 ____D C:\Users\lisak\AppData\Local\BitTorrentHelper
2023-04-19 10:54 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files\Adobe
2023-04-19 10:54 - 2020-04-16 23:48 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Adobe
2023-04-19 01:20 - 2023-02-14 22:26 - 000000000 ____D C:\Users\lisak\Downloads\Crusaders
2023-04-19 01:20 - 2020-04-21 11:38 - 000000000 ____D C:\ProgramData\Adobe
2023-04-19 01:20 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-04-19 01:16 - 2022-09-15 09:22 - 000000000 ____D C:\Users\lisak\AppData\Roaming\com.adobe.dunamis
2023-04-19 01:16 - 2021-09-29 12:59 - 000000000 ____D C:\Users\lisak\Documents\Adobe
2023-04-19 01:15 - 2022-01-04 21:38 - 000000000 ____D C:\Users\Public\Documents\Adobe
2023-04-19 00:52 - 2020-04-21 11:38 - 000000000 ____D C:\Users\lisak\AppData\Local\Adobe
2023-04-18 22:42 - 2020-04-16 23:53 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-04-18 21:29 - 2020-04-21 11:38 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-04-18 19:59 - 2020-12-27 16:05 - 000000000 ____D C:\ProgramData\Apple Computer
2023-04-15 11:59 - 2020-05-07 16:37 - 000000000 ____D C:\Users\lisak\AppData\Roaming\Microsoft\Office
2023-04-15 11:32 - 2023-04-14 18:22 - 000472269 _____ C:\Users\lisak\Downloads\Helheim.pdf

==================== Files in the root of some directories ========

2020-12-30 20:35 - 2020-12-30 20:35 - 000000016 _____ () C:\Users\lisak\AppData\Roaming\obs-virtualcam.txt
2020-04-24 01:20 - 2023-03-08 15:47 - 000008227 _____ () C:\Users\lisak\AppData\Roaming\VoiceMeeterDefault.xml
2022-03-25 21:06 - 2022-03-25 21:07 - 000001480 _____ () C:\Users\lisak\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-04 00:55 - 2022-01-29 00:22 - 000007639 _____ () C:\Users\lisak\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by lisak (15-05-2023 17:44:07)
Running from C:\Users\lisak\OneDrive\Plocha
Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) (2022-10-27 08:25:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3731235652-646393183-1318076386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3731235652-646393183-1318076386-503 - Limited - Disabled)
Eve (S-1-5-21-3731235652-646393183-1318076386-1008 - Limited - Enabled) => C:\Users\Eve
Guest (S-1-5-21-3731235652-646393183-1318076386-501 - Limited - Disabled)
lisak (S-1-5-21-3731235652-646393183-1318076386-1001 - Administrator - Enabled) => C:\Users\lisak
WDAGUtilityAccount (S-1-5-21-3731235652-646393183-1318076386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe After Effects 2023 (HKLM-x32\...\AEFT_23_1) (Version: 23.1 - Adobe Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_0_1) (Version: 23.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Product Verification Tool version 1.0.6.0 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.0 - AMD)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Audacity 3.2.5 (64bitový) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Canon U.S.A., Inc. (WUDFRd) Camera (10/08/2020 12.33.19.728) (HKLM\...\45FEB4F1B965D5CBFE7F81E714112E1F1ABDB5FF) (Version: 10/08/2020 12.33.19.728 - Canon U.S.A., Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\BitTorrent) (Version: 7.11.0.46673 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\btweb) (Version: 1.1.1 - BitTorrent, Inc.)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
CPUID CPU-Z MSI 2.03 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.03 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{7A0D85EC-72B0-4060-943C-169B1EF74C62}) (Version: 18.1.40009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7FA59352-9416-49BB-A98F-FDF3C95C8214}) (Version: 2.0.6.0 - Blackmagic Design)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-3731235652-646393183-1318076386-1008\...\Discord) (Version: 0.0.308 - Discord Inc.)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
EOS Webcam Utility (HKLM\...\{8D5BC29A-769E-4EBE-8ECD-7DF1A02A0563}) (Version: 1.1.4 - Canon U.S.A., Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{79170B44-F4C8-4EFA-8B53-B654EA341DEB}) (Version: 2.0.30.0 - Epic Games, Inc.)
Express Courier Beta verze 0.5.4 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.5.4 - Simopt, s.r.o.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fronimo 3.0 (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Fronimo 3.0) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{98FA95F2-1EFE-447F-AEBD-9AC235A57624}) (Version: 10.3.0.340 - Kaspersky) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{98FA95F2-1EFE-447F-AEBD-9AC235A57624}) (Version: 10.3.0.340 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Kontakt 6 PORTABLE (HKLM\...\{9380734D-6F66-4F76-A7D3-6D117FAA4773}_is1) (Version: 6.5.3 - Native Instruments)
Kontrola stavu osobního počítače s Windows (HKLM\...\{659D4AA6-69A7-4281-B320-90E7E2F21530}) (Version: 2.3.2106.25001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LuteScribe (HKLM-x32\...\{43EEEC5D-DD3F-4C6A-BB81-44B4BBD08721}) (Version: 1.2.2 - Orlando Lutes)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH)
Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft .NET Core Host - 2.0.9 (x64) (HKLM\...\{0B28A1DB-A543-45FB-8767-DF71EE5A9323}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 2.0.9 (x64) (HKLM\...\{5ABDD743-82EB-444C-913F-F2BC033AEAE6}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 2.0.9 (x64) (HKLM\...\{A75E492B-1D84-4E86-BDCA-077B4C536B6D}) (Version: 16.36.26615 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM\...\{0EC8A4AE-29FE-43B9-90C8-4D8D7D62393C}) (Version: 8.50.40411 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Developer Pack (HKLM-x32\...\{ed7373e5-d579-4663-83e1-28d41ada77fe}) (Version: 4.6.1590 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{5F01B3C4-9BEC-465D-9C68-BB97D381FFAD}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (ENU) (HKLM-x32\...\{C80951BD-6904-474F-BBC5-03A6C777F37C}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{A18D4C2A-07A8-40E4-9797-DD324E6EA4FC}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 2.0.9 Runtime Package Store (x64) (HKLM\...\{88072DD5-CE0A-3AB3-A9DF-53031BFE8BA0}) (Version: 2.0.13103.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 112.0.1 (x64 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0411.01 - MSI)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.5.0.108 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.3.136 - Native Instruments)
NeverdieAudio Speachy (HKLM\...\NeverdieAudio Speachy_is1) (Version: 1.0 - NeverdieAudio)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 531.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.79 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.4 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paradox Launcher v2 (HKLM\...\{8C5CF4CE-D589-40B4-A77F-01FD64602C50}) (Version: 2.4.0 - Paradox Interactive)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.3.10.220926 - XPPen Technology)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.9 - Power Software Ltd)
ProjectSAM The Free Orchestra (HKLM-x32\...\ProjectSAM The Free Orchestra) (Version: 1.0.0.1 - ProjectSAM)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0531.052416 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.4.1201.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
SideQuest 0.10.26 (HKLM\...\4924ec51-3e48-5cb7-b145-2119467094c7) (Version: 0.10.26 - Shane Harris)
SINE Player version 1.0.5.589 (HKLM\...\{F2C84AF9-7DD0-4126-8640-D9232FA29793}_is1) (Version: 1.0.5.589 - Orchestral Tools)
SoundBridge (64 bit) (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{22BB2C21-AD40-4159-93C8-496ED8341B63}) (Version: 2.0.2 BETA - SoundBridge)
Soundtrack by Twitch (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372D0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Spitfire Audio version 3.3.23 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.23 - Spitfire Audio Holdings Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
TP-Link TL-WN725N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Wondershare NativePush_is1) (Version: - )
Yeelight Chroma Connector (HKLM\...\{14DF1D32-2946-44AE-BCE3-B9DDDFEC74E5}) (Version: 1.0.11 - Yeelight)
Zim Desktop Wiki (HKLM\...\404fbece-3a0a-4f4f-b1f1-82ce46af9696) (Version: - )
Zoom (HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa [2023-04-01] (Apple Inc.) [Startup Task]
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2020-05-01] (Lexmark International, Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corp.)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.14.0_x64__kzh8wxbdkxb8p [2023-05-11] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2023-05-11] (MICRO-STAR INTERNATIONAL CO., LTD)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.96.61291.0_x64__8wekyb3d8bbwe [2023-05-15] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-05-04] (NVIDIA Corp.)
PowerOff Timer -> C:\Program Files\WindowsApps\7026LibertatiaNetwork.PowerOffTimer_1.1.8.0_neutral__gxq537y54331a [2023-02-27] (Devcoons)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-04-19] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-27] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-05-14] (Bytedance Pte. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731235652-646393183-1318076386-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncShell64.dll [2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\nvshext.dll [2023-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-09-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-02-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-03-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-10-03 19:49 - 2020-10-03 19:49 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\Oculus\Support\oculus-runtime;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lisak\Downloads\25459-outer_space-night-planet-astronomical_object-astronomy-5120x1440.jpg
HKU\S-1-5-21-3731235652-646393183-1318076386-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\Eve\Pictures\wallpaperflare.com_wallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Facebook.MessengerDesktop"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "electron.app.Untapped.gg Companion"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B18F57AF-024A-4D9D-AAE1-9E5BAA8F1DBD}E:\mára\overwatch\_retail_\overwatch.exe] => (Allow) E:\mára\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{411FDEFC-5559-45EE-A9AA-94FCE1886B97}E:\mára\overwatch\_retail_\overwatch.exe] => (Allow) E:\mára\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{68AF5F24-BF0C-4013-BA2F-593ECDC083B3}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{F85ACF71-1E0B-448D-A7FD-24CCFA51A866}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{6D9CBD7D-2EBB-42E5-936C-F599F6E66308}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0BE98812-0FF8-4695-B08D-25B8FA062A3E}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{8C93B9B7-0BF0-4638-86EB-093131AF348A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{8A24ABDB-A81D-4A50-8ABE-87A76ACDB636}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{38C2A8E0-3269-46BC-A5B8-14A745463B10}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{D17ED8B4-9E9A-4F79-A006-096EC3AD0F70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{7B510CEC-436D-415E-BDB2-60C18DE5A6E9}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [TCP Query User{E29A6144-BE81-453F-893E-BA14C00B0E81}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [{39626976-BBB9-4407-A976-32242419E766}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{B742334C-584C-4643-9256-0328BB0380D0}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{885BC7D3-3375-4F79-818A-5E7EB15B3E07}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{639864C4-0A54-462E-812A-678257707D4B}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{2C0904DB-4CB0-44AA-82A6-59299CBE8C2B}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{7DC30C4B-9C27-4A39-8365-0F9B926E10A2}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7774F681-EC9B-453E-A7E2-EA24E0837D6A}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{435E1549-F05E-470C-989D-6DBD48F86644}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{BF191AA8-0AD4-4562-AF4B-23D2EDA8109A}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{A8D72285-1067-48ED-A305-33D039B54556}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{E014F7FA-596D-4166-9421-3F15D351F6DD}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{E809A1C3-3EA9-48E7-A774-D9B40AB9A923}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{18245366-35BB-4B88-8122-A18093A41B3D}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{3DB5ADC0-8D71-4147-958E-DD431B6F3390}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{C43970C4-A924-4537-BB15-68C29F5617F5}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{CB23AAAA-FE8B-4EDC-BB04-F80D123046A8}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [UDP Query User{8D190438-F542-4AB2-91A9-DA283B90369A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0C166C9E-C759-47CD-B39D-F0347D3F7477}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{FC4595C6-94D7-4EDB-81D3-21629DEFAA50}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{58207D38-715A-4E52-A747-05E9C62142E9}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [{0961C1D1-CA12-44C6-A71D-006DDED6BF55}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D1061355-0739-4886-AEAF-55F0C2B34CCE}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{870BD67A-6540-4B28-BDB9-4F40C261C292}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{C3F2525D-5759-4C33-B3DA-1F999A99B1B5}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{A0EAE481-A41E-468E-A93E-3D16C5738B42}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{50785596-D6E3-49FB-B903-E43000A785CF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{F8634E39-894E-4444-8523-6A6BDFB2CA41}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1549D927-0F12-4304-A1CA-34781FDA01E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F236E1F5-C953-4E06-B3C8-842456FF743D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{A2BEF8AE-ABFD-4AF6-B2CA-D781D99602F0}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{C87A2776-3987-4BF7-94E1-B3D62C4EE462}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C4889D5-D15D-467F-9EA4-81BDC7F56855}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E24FB9FA-EDF2-4959-9D89-BC4F531FA747}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{9C47D655-BE0C-485D-9CF1-415A6F3DA81D}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{51437224-C7AD-4C44-AD05-5471D38370D8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{05702ACD-8C76-4175-B170-9746E492137A}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{64B8862F-BCE0-4EAD-A94C-D547EEE8AFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{0DA64469-6A91-4AEC-A1B6-D64B9A5CAFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1EAA5400-C9AC-4BF1-B816-AD12FEF25EA9}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8D244E46-A225-4DF9-96F7-4631DD824025}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A175C48B-77B2-4275-BA61-A3BC9A949E5A}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{49EDC39B-E2DC-4CC1-96FF-027F643CA885}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{7C89BA90-66D9-4A71-A53D-A478D2485332}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{6E1A9724-540C-4FC7-BD32-20B9683306B5}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{A54C444F-BB3E-40EE-ACA6-07587BE39D0F}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{11C457BB-8F2C-4460-949C-7AE2FC3E0FBD}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{972D4ECD-82AD-4497-B0E3-0704D98DE505}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{1CB9F89F-7318-46C9-B6A0-58E4172C63B9}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{19247196-F7FA-4DD4-86A4-CD1B76766154}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{FA40798B-99C1-43BA-9BC6-05E62FE233BE}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{35B7524C-A1BF-416D-98C7-49EB1B683EF4}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{5DBB0D90-AF35-41F1-8EA6-2950280DBFEA}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{01E9C48C-B191-4FEE-9000-E0380669F221}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [TCP Query User{8BE9859E-0C3F-4BC6-8CCC-E9EBCAAD8654}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{FE478A53-ECBC-4EF5-8314-3A950870B6FE}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7B5DF61C-F9DD-49E4-8F82-D7BD0A2628AD}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2B49F393-D391-49A3-BAAF-8193C5988705}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A69868F7-8F63-4A1F-8FA9-64DB0EF722A0}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{ADEC760C-82A8-47E1-A9CC-B86235FC249D}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{9C58AEF6-E1AD-43F9-B698-023542393AAD}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{24131A71-7AA9-41E9-8E84-DA19839AE104}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{79B97B6C-24A0-4142-BB78-288B26197377}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [UDP Query User{B10B2309-FEE2-4334-B237-FBE84D5C7CBA}C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe] => (Allow) C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe (Yeelink Information Technology Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{F23F08E5-0CDC-4DF4-8096-D7D19FA9E7F9}C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe] => (Allow) C:\program files\yeelight\yeelight chroma connector\yeelight chroma connector.exe (Yeelink Information Technology Co., Ltd.) [File not signed]
FirewallRules: [{CA934344-F674-488F-AE48-017B54F51B8A}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{A8D16F78-5D22-463E-BC7B-1232B22F8A76}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{0A747DFF-C49C-42D3-BB1B-DE4841C6A187}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{EF9919D2-D554-4F7A-A135-3CD4BC33A527}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{0726817C-38AB-4E6D-AC91-94DB4C57C114}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E1C15E05-ACE8-40C6-A6F7-EF8F3D56D785}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{905E0265-8296-4495-9B08-E0AD20ABEF5F}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{B423CD49-69A6-473E-8526-94F9EBF598CE}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{2BD2D527-33F6-42AE-96EC-B5587D35E53D}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [{D2B6CC0D-5EA8-401D-B12D-EC39075B9C37}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [UDP Query User{CCDCF473-7180-4D47-8ADC-3B850ADFD66A}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [TCP Query User{493A0268-5ADD-4791-A435-AF0E1B2B7EE2}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [UDP Query User{039CE335-AE9C-4A06-AADA-9A8BF63FF80B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B7894402-F504-4D1F-9F63-153519280EE0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{4CA71BC9-B21F-4D45-9137-90FBBC35E0AB}] => (Allow) C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{1E7176D8-D87F-4322-9AD1-1EB08DD92F44}] => (Allow) C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{D3FBA496-ED09-4865-AAB7-FE5194A674F9}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5BD55FF5-2E4B-4F2B-A1CF-FDDE80F4CD83}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [{AEC93AA5-25CA-4B4B-86B7-A1FCFCA014A4}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [{0463EB4E-E35E-4184-9FB2-C7852348BF86}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [UDP Query User{B9D00014-9811-4607-8239-40BA3C840FBB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{02BCFD34-B301-4A66-9ED0-289F27EE3884}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{35FDC254-63D2-4D2F-BCE8-C786DCAA516B}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CC0E34D7-249B-49C4-AB72-C2B3614F267E}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{E90FCE44-67AB-42C8-9917-409F67FF77FB}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{B71CCFB0-0A22-4D7B-8418-41AFEE49FC34}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{99F9CF02-E472-433A-ADD1-76FD4B26ACD5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{AD18EACB-1920-48FC-AE68-4812E6315BA5}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{A577E954-F11B-4C50-9ECD-EC9B074C3EB6}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{05D474A7-9903-4663-87D9-F260895B6CBC}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{620F36E6-A166-421A-82DF-9568C381AFE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{76A8B981-3E5C-40C4-A72B-DF3663339AA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{9B73569B-2673-4CDE-A977-293272AE65B5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5C679C0A-D60A-4CDE-8018-4C4E507C0E1B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{73E7F2D0-B3A4-4747-90F1-B310C2416F20}] => (Allow) C:\Users\lisak\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{720C13A0-9FA6-4BB2-ABF2-3736CF8FDB43}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{C7C71A46-EB8C-4D98-A173-23952F03523D}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{8174560B-07DE-444A-A1BF-064EE4238E5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{57C7B0DD-2985-47B0-A104-1A1D7FBAA99A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{17C75B92-14DF-4714-B70A-5644830373D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{15CE156B-7129-4D3E-A7D3-BC06C08A1DAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{50A1987A-387F-416C-A14C-DF2263118AB6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CA6F6A6-AF7E-41CD-A6E4-F27D4E160E9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51FB7431-0E84-4F9F-A01E-1B9106CCA587}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{BD0C40AD-2289-457A-8FE0-5A128316722E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B6E1BAE9-EDF1-4D65-B80B-238625A066F1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E2F8EDE8-9013-4010-B1F4-626E84106FE1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{F23806F5-2547-4F0D-A955-881C59A968F3}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{60E99736-57B3-419E-A0A4-1DBF7F5E9D21}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{7A525C38-EE29-488E-A3D7-12EEE5EC4BBD}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{B8DB679F-A56D-43B4-A3C6-4FFE04312121}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CAE03781-8EA0-4D08-B767-12B64EF65358}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{68B00215-639C-48EF-9AB7-4E5ECDC799F8}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{4209FA72-756C-43DD-8519-D0DFD6DCBEB1}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{BE2103C7-3D2C-447C-A2F1-02624126FE23}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{EADC1B64-987C-4EFA-A1D0-FDFCC5026E6C}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{4B609BDB-AC89-4394-BB61-768BAF798AC5}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [TCP Query User{2A38F7B0-43F2-465F-A7C1-4D11813E6E6C}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [UDP Query User{DC581265-2DC9-445C-A5FF-3E347A865DC3}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [{3BE18E0D-F243-481C-9973-FAB4F02A740B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{4A5C00EA-DCB2-4F7D-8042-DFB99BBD90C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{12D8D622-C8F4-4575-9538-F70D19E41492}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{75129256-B0E0-4380-BE99-C1BCA0D43E19}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{9B94F4BB-A0EA-49D3-B3EE-6A727116A4B0}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{C79AC8B8-D7D0-477B-85F6-01F3F4A97D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{8D479671-3F15-46D7-A4F9-1A9E104278EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{1864C484-444E-4F80-885D-296A3087A89B}] => (Allow) F:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{13164463-0233-46E7-91F5-78814AE32CE5}] => (Allow) F:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{7326A55F-3B77-4212-97FA-E87D93A4E52E}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{D907A191-2591-402A-AE2B-BE0BF922F1A0}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{3C4832C4-8335-4FF9-8649-D35BF33D405C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96ED206D-75DD-46C3-8964-141518C93CC1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9C7AC2A-DD8D-4E41-B3CC-E898A246FD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{6BCDF877-32C1-48AE-ADEB-612808B66D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{40DDA231-103A-4923-AC41-7976E351AFC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AEAB1273-E66A-4525-9D2A-8D0F0396C212}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3BB6EF1A-F856-4B18-8A8B-720FD78531B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{523E57CC-30B4-48CF-A766-AE1FA3E3FBD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BE32ED44-B1C1-48D6-82D5-743F51A60730}] => (Allow) F:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{DA1B4086-3A42-4C04-BA8F-BE474ABDACA6}] => (Allow) F:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{3237C5F8-AD53-4202-8E08-AD393FE79141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{C298C091-D071-4544-B7BB-BE2EBBCAECC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{98652DF8-0EBA-4D80-9D95-B4456182BACC}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5D07F35F-D824-4F6B-9C16-D90EA020C0AF}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{154A6067-8E23-4D6A-8527-C6162EDCD123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{F1A75B4E-8261-44F7-8868-586CC7E12E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{0818BB70-F2A6-44A7-858F-AC49336952CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{86A0CC70-AA66-45AF-8114-C40A99B660BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{A48D668A-B551-4354-997F-368281A07B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{341EF611-E330-4AF4-A1D7-4932AAC3C33A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{8804189C-7B10-4F96-9066-29382CB5375F}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{8434A73C-A4F7-44CA-A3F5-443B9AA93F4A}] => (Allow) F:\SteamLibrary\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{188DAAFE-64EB-444A-9100-C4D665AB4620}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F86FD9D5-40A0-4C1E-80F5-B653DFC67836}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1BD01095-8E29-41D3-826D-70742FF4AE69}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F327F930-88BF-4F4B-8B58-2B375CE0BE83}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E3B05687-4675-4085-AD65-ED09FB0E6A3F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2A8209D6-2B13-4F67-BF42-9F4FCC16C214}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9C833886-BE26-4FB1-86DF-1B7471A04BFD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{416C2221-B1A9-4A02-AA39-E2FB8D4CCDDF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{58E822DA-8E60-4588-80EE-1CA30E9C8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{6117ECC1-2698-4363-A897-1E2791C219E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D2D9FC9E-0FE1-4E94-B8E5-2771F1185A42}] => (Allow) C:\Users\lisak\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{DC0C76EE-9A0C-4FF7-B6F7-AE8527E51BC2}C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{9B03015A-9448-4591-86EA-7241A8E0D060}C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\lisak\appdata\roaming\bittorrent\updates\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{A463A41D-AAD9-47F6-B993-8DD32F5B904D}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [UDP Query User{B9810AF8-8576-4C12-9B87-394EEDADDBC7}C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe] => (Block) C:\program files (x86)\blackmagic design\davinci control panels\setup utility\davinci control panels setup.exe (Blackmagic Design Pty Ltd -> Blackmagic Design)
FirewallRules: [{AC3655D6-4B7C-4F5A-9D7D-762B0719A266}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{77546761-10B9-4B8E-9B90-8271056B605E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1048F2CC-CFC7-45F0-8E1C-E089877C8AB8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{293AE2D6-1C21-4CF1-8BE5-B4D856BC2CD1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7ABB25CF-DE4F-415D-995B-0F654EB79505}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{454ED7BF-71F2-4DE5-825B-2A9878FABC57}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D327AC1B-D098-45D7-9320-473A3368687F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{E7B8B857-1084-4AF6-9E16-6A1BBA67DEA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{4A52FE8D-CC43-4917-8AC6-9494736696CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{F1D5DB75-7A8C-47C1-BD8B-96BCFCBE8409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{29417C03-2D84-43EC-BA35-F9C68D1A43CB}] => (Allow) F:\SteamLibrary\steamapps\common\Wartales\Wartales.exe () [File not signed]
FirewallRules: [{9F24F58A-8E39-47E9-9B11-1E7DC0820C9F}] => (Allow) F:\SteamLibrary\steamapps\common\Wartales\Wartales.exe () [File not signed]
FirewallRules: [{6F93EB61-C4AA-47D0-A8E3-C16C38DBCA0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2BE7D678-161C-491C-852D-1B12EE12073D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2026913E-2B53-43B8-8928-E804EA3C9554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{84293CBD-9925-4315-88B9-D70AFF9D7A8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09630183-E7EB-4698-B5DF-B132CB580E39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{774277EF-DEB4-4C46-B70C-517B40E09CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4ACAED06-10B2-4A18-80CE-773830F5D4A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F734873-2BD2-4183-97F9-E1E58DFF2CC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76D0011A-8AF6-4C27-85EB-84564FA9FA86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7FBE08BF-1E35-4320-9FC8-4BA94C1A4C43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{131DE304-4506-4892-9D61-75FB2E38580B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\Launcher\FuncomLauncher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [{9080BB88-242E-4A42-A4A4-153718E10D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\Launcher\FuncomLauncher.exe (FUNCOM OSLO AS -> Funcom)
FirewallRules: [TCP Query User{8337836F-5421-4C69-A08C-51FE5FD40B65}C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [UDP Query User{E80B2ED7-BFB4-41D0-8A16-DB0764E09BE2}C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conan exiles\conansandbox\binaries\win64\conansandbox.exe (FUNCOM OSLO AS -> Funcom Oslo AS)
FirewallRules: [{B0BCA36E-D15D-4B72-A8EA-B93919B351AA}] => (Allow) F:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{29E70891-7D8D-4B69-8CAF-459C0FEB6BE9}] => (Allow) F:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{66628DC8-FC26-4195-87BB-732BE4224C08}] => (Allow) LPort=32682
FirewallRules: [{FC896968-28C6-474E-BABA-5211A1599E73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B4CA05DE-232E-4928-A39B-EF4A45637AD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53166740-CBA2-483C-8208-C55FC09F3D0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD114DE3-4D75-4E69-867A-05C14450B4CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9CE4668-F81C-423F-82D2-E619F4833F14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4A4EE3B-4222-4599-94E4-EF4255673C45}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA534A72-6479-4480-9FA2-1ED37694E158}] => (Allow) LPort=32683
FirewallRules: [{F093414D-8F6D-4D30-9F05-F6C38BDB66ED}] => (Allow) LPort=26822

==================== Restore Points =========================

09-05-2023 19:01:48 Instalační služba modulů systému Windows
11-05-2023 21:27:20 Instalováno Realtek Ethernet Controller Driver
15-05-2023 15:01:47 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: EOS Webcam Utility
Description: EOS Webcam Utility
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: (Standard system devices)
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2023 03:33:46 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VOUSATíR$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:33:46 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3cbf3e43-0d1e-4415-a9d0-dd462357d65c

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:33:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:33:45 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: daf66abb-255d-4a26-8365-0629a39e5f17

Metoda: GET(422ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:33:38 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2023 03:11:58 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: SecurityHealthService.exe, verze: 10.0.22621.1635, časové razítko: 0xc9cb2878
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.1485, časové razítko: 0xb7f0154a
Kód výjimky: 0xc0000374
Posun chyby: 0x000000000010be19
ID chybujícího procesu: 0x0x404c
Čas spuštění chybující aplikace: 0x0x1d9872ed4017eb2
Cesta k chybující aplikaci: C:\WINDOWS\system32\SecurityHealthService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 60363ee4-f2b5-44bd-843d-12afb0384739
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2023 03:11:53 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VOUSATíR$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:11:52 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ed9885e0-5671-4e0b-bdf7-cdc3037665bd

Metoda: GET(313ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:11:52 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 15 May 2023 13:11:52 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3e8fe0cf-1968-488c-ad52-c75b95008798

Metoda: GET(437ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/15/2023 03:11:44 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2023 03:10:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (05/15/2023 04:40:19 PM) (Source: DCOM) (EventID: 10010) (User: VOUSATíR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/15/2023 04:14:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (05/15/2023 04:14:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (05/15/2023 04:14:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/15/2023 04:14:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (05/15/2023 04:13:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (05/15/2023 04:13:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/15/2023 04:13:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2023-04-18 22:46:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp); process:_pid:15444,ProcessStart:133263243654335130; regkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\\cleaninethelper; runonce:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\\cleaninethelper
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_c:\users\lisak\appdata\local\temp\wsca567.tmp; process:_pid:1960,ProcessStart:133263243107219147; regkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\\InetHelper; runkey:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\\InetHelper; winlogonshell:_HKCU@S-1-5-21-3731235652-646393183-1318076386-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\\SHELL:"C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe"
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: VOUSATíR\lisak
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\rundll32.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

Date: 2023-04-18 22:46:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL; file:_C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe; file:_C:\Users\lisak\AppData\Local\Temp\wsc7B16.tmp; file:_C:\Users\lisak\AppData\Local\Temp\wscA567.tmp; file:_C:\Users\lisak\Downloads\[FTUApps.com] - Adobe After Effects 2023 v23.2.1.3 (x64) Multilingual Pre-Activated\MSASN1.DLL->(VFS:wscd2890.tmp)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
Verze bezpečnostních informací: AV: 1.387.1473.0, AS: 1.387.1473.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.20200.4, NIS: 0.0.0.0

CodeIntegrity:
===============
Date: 2023-05-15 15:54:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2023-05-15 15:45:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 3.G0 04/27/2023
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 32%
Total physical RAM: 16309.52 MB
Available physical RAM: 10965.36 MB
Total Virtual: 35765.52 MB
Available Virtual: 28499.52 MB

==================== Drives ================================

Drive c: (SSD-OS) (Fixed) (Total:475.69 GB) (Free:25.73 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (SSD-SYSTEM) (Fixed) (Total:0.49 GB) (Free:0.45 GB) (Model: ST1000DM003-1ER162) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (2TB-DATA) (Fixed) (Total:1863 GB) (Free:1099.59 GB) (Model: ST2000DM008-2FR102) NTFS
Drive f: (1TB-STEAM) (Fixed) (Total:931.02 GB) (Free:538.54 GB) (Model: ST1000DM003-1ER162) NTFS

\\?\Volume{8ad2e326-c190-43df-99ec-c5c47a742df9}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{e03f0816-28d9-4ec0-a9a6-35a520475b96}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{e38f3e9e-b449-48a9-b17b-a4c7e6f79f51}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6CC01275)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Perotin píše: 15 kvě 2023 16:11 Každopádně říkám si, že tu neplechu musí dělat asi nějaký proces. Teď po tom scanu, kdy cleaner ukončil všechny aplikace, se ten zmiňovaný problém nevyskytl. Na PC jsem dlouho nic nedělal a skoro ho neslyším.

V tomto stavu jsem též spustil náročnější aplikaci (hru) a zde je výkon lepší zhruba tak o třetinu. Dříve mi to také nedělalo problémy, ale nyní ano. Tak těžko říct, který proces to dělá :/ . Trochu podezřívám MSI center.

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
FirewallRules: [UDP Query User{38C2A8E0-3269-46BC-A5B8-14A745463B10}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{D17ED8B4-9E9A-4F79-A006-096EC3AD0F70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{7B510CEC-436D-415E-BDB2-60C18DE5A6E9}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [TCP Query User{E29A6144-BE81-453F-893E-BA14C00B0E81}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [{39626976-BBB9-4407-A976-32242419E766}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{B742334C-584C-4643-9256-0328BB0380D0}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{885BC7D3-3375-4F79-818A-5E7EB15B3E07}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{639864C4-0A54-462E-812A-678257707D4B}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{2C0904DB-4CB0-44AA-82A6-59299CBE8C2B}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{7DC30C4B-9C27-4A39-8365-0F9B926E10A2}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7774F681-EC9B-453E-A7E2-EA24E0837D6A}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{435E1549-F05E-470C-989D-6DBD48F86644}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{BF191AA8-0AD4-4562-AF4B-23D2EDA8109A}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{A8D72285-1067-48ED-A305-33D039B54556}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{E014F7FA-596D-4166-9421-3F15D351F6DD}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{E809A1C3-3EA9-48E7-A774-D9B40AB9A923}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{18245366-35BB-4B88-8122-A18093A41B3D}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{3DB5ADC0-8D71-4147-958E-DD431B6F3390}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{C43970C4-A924-4537-BB15-68C29F5617F5}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{CB23AAAA-FE8B-4EDC-BB04-F80D123046A8}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [UDP Query User{FC4595C6-94D7-4EDB-81D3-21629DEFAA50}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{58207D38-715A-4E52-A747-05E9C62142E9}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [{0961C1D1-CA12-44C6-A71D-006DDED6BF55}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D1061355-0739-4886-AEAF-55F0C2B34CCE}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{870BD67A-6540-4B28-BDB9-4F40C261C292}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{C3F2525D-5759-4C33-B3DA-1F999A99B1B5}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{A0EAE481-A41E-468E-A93E-3D16C5738B42}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{50785596-D6E3-49FB-B903-E43000A785CF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{F8634E39-894E-4444-8523-6A6BDFB2CA41}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1549D927-0F12-4304-A1CA-34781FDA01E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F236E1F5-C953-4E06-B3C8-842456FF743D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{A2BEF8AE-ABFD-4AF6-B2CA-D781D99602F0}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{C87A2776-3987-4BF7-94E1-B3D62C4EE462}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C4889D5-D15D-467F-9EA4-81BDC7F56855}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E24FB9FA-EDF2-4959-9D89-BC4F531FA747}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{9C47D655-BE0C-485D-9CF1-415A6F3DA81D}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{51437224-C7AD-4C44-AD05-5471D38370D8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{05702ACD-8C76-4175-B170-9746E492137A}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{64B8862F-BCE0-4EAD-A94C-D547EEE8AFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{0DA64469-6A91-4AEC-A1B6-D64B9A5CAFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1EAA5400-C9AC-4BF1-B816-AD12FEF25EA9}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8D244E46-A225-4DF9-96F7-4631DD824025}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A175C48B-77B2-4275-BA61-A3BC9A949E5A}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{49EDC39B-E2DC-4CC1-96FF-027F643CA885}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{7C89BA90-66D9-4A71-A53D-A478D2485332}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{6E1A9724-540C-4FC7-BD32-20B9683306B5}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{A54C444F-BB3E-40EE-ACA6-07587BE39D0F}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{11C457BB-8F2C-4460-949C-7AE2FC3E0FBD}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{972D4ECD-82AD-4497-B0E3-0704D98DE505}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{1CB9F89F-7318-46C9-B6A0-58E4172C63B9}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{19247196-F7FA-4DD4-86A4-CD1B76766154}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{FA40798B-99C1-43BA-9BC6-05E62FE233BE}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{35B7524C-A1BF-416D-98C7-49EB1B683EF4}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{5DBB0D90-AF35-41F1-8EA6-2950280DBFEA}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{01E9C48C-B191-4FEE-9000-E0380669F221}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [TCP Query User{8BE9859E-0C3F-4BC6-8CCC-E9EBCAAD8654}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{FE478A53-ECBC-4EF5-8314-3A950870B6FE}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7B5DF61C-F9DD-49E4-8F82-D7BD0A2628AD}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2B49F393-D391-49A3-BAAF-8193C5988705}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A69868F7-8F63-4A1F-8FA9-64DB0EF722A0}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{ADEC760C-82A8-47E1-A9CC-B86235FC249D}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{9C58AEF6-E1AD-43F9-B698-023542393AAD}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{24131A71-7AA9-41E9-8E84-DA19839AE104}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{79B97B6C-24A0-4142-BB78-288B26197377}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{CA934344-F674-488F-AE48-017B54F51B8A}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{A8D16F78-5D22-463E-BC7B-1232B22F8A76}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{0A747DFF-C49C-42D3-BB1B-DE4841C6A187}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{EF9919D2-D554-4F7A-A135-3CD4BC33A527}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{0726817C-38AB-4E6D-AC91-94DB4C57C114}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E1C15E05-ACE8-40C6-A6F7-EF8F3D56D785}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{905E0265-8296-4495-9B08-E0AD20ABEF5F}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{B423CD49-69A6-473E-8526-94F9EBF598CE}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{2BD2D527-33F6-42AE-96EC-B5587D35E53D}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [{D2B6CC0D-5EA8-401D-B12D-EC39075B9C37}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [UDP Query User{CCDCF473-7180-4D47-8ADC-3B850ADFD66A}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [TCP Query User{493A0268-5ADD-4791-A435-AF0E1B2B7EE2}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [UDP Query User{039CE335-AE9C-4A06-AADA-9A8BF63FF80B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B7894402-F504-4D1F-9F63-153519280EE0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{D3FBA496-ED09-4865-AAB7-FE5194A674F9}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5BD55FF5-2E4B-4F2B-A1CF-FDDE80F4CD83}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B9D00014-9811-4607-8239-40BA3C840FBB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{02BCFD34-B301-4A66-9ED0-289F27EE3884}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{35FDC254-63D2-4D2F-BCE8-C786DCAA516B}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CC0E34D7-249B-49C4-AB72-C2B3614F267E}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{E90FCE44-67AB-42C8-9917-409F67FF77FB}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{B71CCFB0-0A22-4D7B-8418-41AFEE49FC34}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{9B73569B-2673-4CDE-A977-293272AE65B5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5C679C0A-D60A-4CDE-8018-4C4E507C0E1B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{51FB7431-0E84-4F9F-A01E-1B9106CCA587}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{BD0C40AD-2289-457A-8FE0-5A128316722E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B6E1BAE9-EDF1-4D65-B80B-238625A066F1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E2F8EDE8-9013-4010-B1F4-626E84106FE1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7A525C38-EE29-488E-A3D7-12EEE5EC4BBD}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{B8DB679F-A56D-43B4-A3C6-4FFE04312121}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CAE03781-8EA0-4D08-B767-12B64EF65358}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{68B00215-639C-48EF-9AB7-4E5ECDC799F8}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{4209FA72-756C-43DD-8519-D0DFD6DCBEB1}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{BE2103C7-3D2C-447C-A2F1-02624126FE23}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{EADC1B64-987C-4EFA-A1D0-FDFCC5026E6C}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{4B609BDB-AC89-4394-BB61-768BAF798AC5}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [TCP Query User{2A38F7B0-43F2-465F-A7C1-4D11813E6E6C}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [UDP Query User{DC581265-2DC9-445C-A5FF-3E347A865DC3}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [{3BE18E0D-F243-481C-9973-FAB4F02A740B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{4A5C00EA-DCB2-4F7D-8042-DFB99BBD90C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{9B94F4BB-A0EA-49D3-B3EE-6A727116A4B0}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{C79AC8B8-D7D0-477B-85F6-01F3F4A97D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{8D479671-3F15-46D7-A4F9-1A9E104278EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{B9C7AC2A-DD8D-4E41-B3CC-E898A246FD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{6BCDF877-32C1-48AE-ADEB-612808B66D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{98652DF8-0EBA-4D80-9D95-B4456182BACC}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5D07F35F-D824-4F6B-9C16-D90EA020C0AF}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{154A6067-8E23-4D6A-8527-C6162EDCD123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{F1A75B4E-8261-44F7-8868-586CC7E12E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{0818BB70-F2A6-44A7-858F-AC49336952CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{86A0CC70-AA66-45AF-8114-C40A99B660BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{A48D668A-B551-4354-997F-368281A07B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{341EF611-E330-4AF4-A1D7-4932AAC3C33A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{58E822DA-8E60-4588-80EE-1CA30E9C8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{6117ECC1-2698-4363-A897-1E2791C219E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D327AC1B-D098-45D7-9320-473A3368687F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{4A52FE8D-CC43-4917-8AC6-9494736696CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{F1D5DB75-7A8C-47C1-BD8B-96BCFCBE8409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
C:\Users\lisak\Downloads\[FTUApps.com]
C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [BitTorrent] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [electron.app.Untapped.gg Companion] => C:\Users\lisak\AppData\Local\Programs\untapped-companion\Untapped.gg Companion.exe --autostart (No File)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5067224 2023-05-09] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {0BAD41A4-2DF9-41C2-A83B-689A7F2D171B} - System32\Tasks\GoogleUpdateTaskMachineGDU => C:\WINDOWS\SysWOW64\XPSViewer\TasksG\G-1-52-53\TG_1.3.34.62.exe-in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 -in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 (Access Denied) <==== ATTENTION
Task: {CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exeѡ/i C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\lisak\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64_14_29_30135.exe AI_PREREQDIRS=C:\Users\lisak\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2022-01-27T09:42:19.0008433Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-11] <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\lisak\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by lisak (15-05-2023 18:16:30) Run:2
Running from C:\Users\lisak\OneDrive\Plocha
Loaded Profiles: lisak & Eve
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [UDP Query User{38C2A8E0-3269-46BC-A5B8-14A745463B10}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{D17ED8B4-9E9A-4F79-A006-096EC3AD0F70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{7B510CEC-436D-415E-BDB2-60C18DE5A6E9}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [TCP Query User{E29A6144-BE81-453F-893E-BA14C00B0E81}C:\users\lisak\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\lisak\appdata\local\programs\evernote\evernote.exe => No File
FirewallRules: [{39626976-BBB9-4407-A976-32242419E766}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{B742334C-584C-4643-9256-0328BB0380D0}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{885BC7D3-3375-4F79-818A-5E7EB15B3E07}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{639864C4-0A54-462E-812A-678257707D4B}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{2C0904DB-4CB0-44AA-82A6-59299CBE8C2B}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{7DC30C4B-9C27-4A39-8365-0F9B926E10A2}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7774F681-EC9B-453E-A7E2-EA24E0837D6A}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{435E1549-F05E-470C-989D-6DBD48F86644}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{BF191AA8-0AD4-4562-AF4B-23D2EDA8109A}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{A8D72285-1067-48ED-A305-33D039B54556}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{E014F7FA-596D-4166-9421-3F15D351F6DD}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{E809A1C3-3EA9-48E7-A774-D9B40AB9A923}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe => No File
FirewallRules: [{18245366-35BB-4B88-8122-A18093A41B3D}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{3DB5ADC0-8D71-4147-958E-DD431B6F3390}] => (Allow) E:\Mára\Steam\steamapps\common\Metro Exodus\MetroExodus.exe => No File
FirewallRules: [{C43970C4-A924-4537-BB15-68C29F5617F5}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{CB23AAAA-FE8B-4EDC-BB04-F80D123046A8}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [UDP Query User{FC4595C6-94D7-4EDB-81D3-21629DEFAA50}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{58207D38-715A-4E52-A747-05E9C62142E9}F:\genshin impact game\genshinimpact.exe] => (Allow) F:\genshin impact game\genshinimpact.exe => No File
FirewallRules: [{0961C1D1-CA12-44C6-A71D-006DDED6BF55}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D1061355-0739-4886-AEAF-55F0C2B34CCE}] => (Allow) F:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{870BD67A-6540-4B28-BDB9-4F40C261C292}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{C3F2525D-5759-4C33-B3DA-1F999A99B1B5}] => (Allow) E:\Mára\Steam\steamapps\common\Hollow Knight\hollow_knight.exe => No File
FirewallRules: [{A0EAE481-A41E-468E-A93E-3D16C5738B42}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{50785596-D6E3-49FB-B903-E43000A785CF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{F8634E39-894E-4444-8523-6A6BDFB2CA41}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1549D927-0F12-4304-A1CA-34781FDA01E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F236E1F5-C953-4E06-B3C8-842456FF743D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{A2BEF8AE-ABFD-4AF6-B2CA-D781D99602F0}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{C87A2776-3987-4BF7-94E1-B3D62C4EE462}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6C4889D5-D15D-467F-9EA4-81BDC7F56855}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E24FB9FA-EDF2-4959-9D89-BC4F531FA747}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{9C47D655-BE0C-485D-9CF1-415A6F3DA81D}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{51437224-C7AD-4C44-AD05-5471D38370D8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{05702ACD-8C76-4175-B170-9746E492137A}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{64B8862F-BCE0-4EAD-A94C-D547EEE8AFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{0DA64469-6A91-4AEC-A1B6-D64B9A5CAFEC}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1EAA5400-C9AC-4BF1-B816-AD12FEF25EA9}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8D244E46-A225-4DF9-96F7-4631DD824025}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A175C48B-77B2-4275-BA61-A3BC9A949E5A}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{49EDC39B-E2DC-4CC1-96FF-027F643CA885}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{7C89BA90-66D9-4A71-A53D-A478D2485332}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{6E1A9724-540C-4FC7-BD32-20B9683306B5}] => (Allow) E:\Mára\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe => No File
FirewallRules: [{A54C444F-BB3E-40EE-ACA6-07587BE39D0F}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{11C457BB-8F2C-4460-949C-7AE2FC3E0FBD}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{972D4ECD-82AD-4497-B0E3-0704D98DE505}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{1CB9F89F-7318-46C9-B6A0-58E4172C63B9}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{19247196-F7FA-4DD4-86A4-CD1B76766154}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{FA40798B-99C1-43BA-9BC6-05E62FE233BE}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{35B7524C-A1BF-416D-98C7-49EB1B683EF4}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{5DBB0D90-AF35-41F1-8EA6-2950280DBFEA}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{01E9C48C-B191-4FEE-9000-E0380669F221}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [TCP Query User{8BE9859E-0C3F-4BC6-8CCC-E9EBCAAD8654}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe => No File
FirewallRules: [{FE478A53-ECBC-4EF5-8314-3A950870B6FE}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7B5DF61C-F9DD-49E4-8F82-D7BD0A2628AD}] => (Allow) F:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{2B49F393-D391-49A3-BAAF-8193C5988705}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A69868F7-8F63-4A1F-8FA9-64DB0EF722A0}] => (Allow) F:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{ADEC760C-82A8-47E1-A9CC-B86235FC249D}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{9C58AEF6-E1AD-43F9-B698-023542393AAD}] => (Allow) F:\SteamLibrary\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{24131A71-7AA9-41E9-8E84-DA19839AE104}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{79B97B6C-24A0-4142-BB78-288B26197377}] => (Allow) F:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{CA934344-F674-488F-AE48-017B54F51B8A}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{A8D16F78-5D22-463E-BC7B-1232B22F8A76}] => (Allow) F:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{0A747DFF-C49C-42D3-BB1B-DE4841C6A187}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{EF9919D2-D554-4F7A-A135-3CD4BC33A527}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{0726817C-38AB-4E6D-AC91-94DB4C57C114}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E1C15E05-ACE8-40C6-A6F7-EF8F3D56D785}] => (Allow) F:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{905E0265-8296-4495-9B08-E0AD20ABEF5F}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{B423CD49-69A6-473E-8526-94F9EBF598CE}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe => No File
FirewallRules: [{2BD2D527-33F6-42AE-96EC-B5587D35E53D}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [{D2B6CC0D-5EA8-401D-B12D-EC39075B9C37}] => (Allow) F:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe => No File
FirewallRules: [UDP Query User{CCDCF473-7180-4D47-8ADC-3B850ADFD66A}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [TCP Query User{493A0268-5ADD-4791-A435-AF0E1B2B7EE2}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe] => (Allow) F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe => No File
FirewallRules: [UDP Query User{039CE335-AE9C-4A06-AADA-9A8BF63FF80B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B7894402-F504-4D1F-9F63-153519280EE0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{D3FBA496-ED09-4865-AAB7-FE5194A674F9}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5BD55FF5-2E4B-4F2B-A1CF-FDDE80F4CD83}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B9D00014-9811-4607-8239-40BA3C840FBB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{02BCFD34-B301-4A66-9ED0-289F27EE3884}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{35FDC254-63D2-4D2F-BCE8-C786DCAA516B}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CC0E34D7-249B-49C4-AB72-C2B3614F267E}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{E90FCE44-67AB-42C8-9917-409F67FF77FB}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{B71CCFB0-0A22-4D7B-8418-41AFEE49FC34}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{9B73569B-2673-4CDE-A977-293272AE65B5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5C679C0A-D60A-4CDE-8018-4C4E507C0E1B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{51FB7431-0E84-4F9F-A01E-1B9106CCA587}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{BD0C40AD-2289-457A-8FE0-5A128316722E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{B6E1BAE9-EDF1-4D65-B80B-238625A066F1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E2F8EDE8-9013-4010-B1F4-626E84106FE1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7A525C38-EE29-488E-A3D7-12EEE5EC4BBD}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{B8DB679F-A56D-43B4-A3C6-4FFE04312121}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{CAE03781-8EA0-4D08-B767-12B64EF65358}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{68B00215-639C-48EF-9AB7-4E5ECDC799F8}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{4209FA72-756C-43DD-8519-D0DFD6DCBEB1}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{BE2103C7-3D2C-447C-A2F1-02624126FE23}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{EADC1B64-987C-4EFA-A1D0-FDFCC5026E6C}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{4B609BDB-AC89-4394-BB61-768BAF798AC5}C:\users\lisak\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\lisak\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [TCP Query User{2A38F7B0-43F2-465F-A7C1-4D11813E6E6C}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [UDP Query User{DC581265-2DC9-445C-A5FF-3E347A865DC3}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe] => (Allow) E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe => No File
FirewallRules: [{3BE18E0D-F243-481C-9973-FAB4F02A740B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{4A5C00EA-DCB2-4F7D-8042-DFB99BBD90C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{9B94F4BB-A0EA-49D3-B3EE-6A727116A4B0}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [{C79AC8B8-D7D0-477B-85F6-01F3F4A97D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{8D479671-3F15-46D7-A4F9-1A9E104278EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File
FirewallRules: [{B9C7AC2A-DD8D-4E41-B3CC-E898A246FD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{6BCDF877-32C1-48AE-ADEB-612808B66D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{98652DF8-0EBA-4D80-9D95-B4456182BACC}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5D07F35F-D824-4F6B-9C16-D90EA020C0AF}] => (Allow) F:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{154A6067-8E23-4D6A-8527-C6162EDCD123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{F1A75B4E-8261-44F7-8868-586CC7E12E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{0818BB70-F2A6-44A7-858F-AC49336952CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{86A0CC70-AA66-45AF-8114-C40A99B660BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe => No File
FirewallRules: [{A48D668A-B551-4354-997F-368281A07B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{341EF611-E330-4AF4-A1D7-4932AAC3C33A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe => No File
FirewallRules: [{58E822DA-8E60-4588-80EE-1CA30E9C8017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{6117ECC1-2698-4363-A897-1E2791C219E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe => No File
FirewallRules: [{D327AC1B-D098-45D7-9320-473A3368687F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{4A52FE8D-CC43-4917-8AC6-9494736696CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
FirewallRules: [{F1D5DB75-7A8C-47C1-BD8B-96BCFCBE8409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe => No File
C:\Users\lisak\Downloads\[FTUApps.com]
C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [BitTorrent] => C:\Users\lisak\AppData\Roaming\BitTorrent\BitTorrent.exe [2677928 2023-01-30] (BitTorrent Inc -> BitTorrent Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Run: [electron.app.Untapped.gg Companion] => C:\Users\lisak\AppData\Local\Programs\untapped-companion\Untapped.gg Companion.exe --autostart (No File)
HKU\S-1-5-21-3731235652-646393183-1318076386-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5067224 2023-05-09] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {0BAD41A4-2DF9-41C2-A83B-689A7F2D171B} - System32\Tasks\GoogleUpdateTaskMachineGDU => C:\WINDOWS\SysWOW64\XPSViewer\TasksG\G-1-52-53\TG_1.3.34.62.exe-in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 -in 312d354046abf7fa749f62a857e4c6e8 726a58a6f896e83a7f2dd409310d98f2 (Access Denied) <==== ATTENTION
Task: {CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-17] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exeѡ/i C:\Users\lisak\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\lisak\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64_14_29_30135.exe AI_PREREQDIRS=C:\Users\lisak\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe SETUPEXEDIR=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2022-01-27T09:42:19.0008433Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-11] <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{38C2A8E0-3269-46BC-A5B8-14A745463B10}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D17ED8B4-9E9A-4F79-A006-096EC3AD0F70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B510CEC-436D-415E-BDB2-60C18DE5A6E9}C:\users\lisak\appdata\local\programs\evernote\evernote.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E29A6144-BE81-453F-893E-BA14C00B0E81}C:\users\lisak\appdata\local\programs\evernote\evernote.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39626976-BBB9-4407-A976-32242419E766}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B742334C-584C-4643-9256-0328BB0380D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{885BC7D3-3375-4F79-818A-5E7EB15B3E07}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{639864C4-0A54-462E-812A-678257707D4B}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2C0904DB-4CB0-44AA-82A6-59299CBE8C2B}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7DC30C4B-9C27-4A39-8365-0F9B926E10A2}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7774F681-EC9B-453E-A7E2-EA24E0837D6A}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{435E1549-F05E-470C-989D-6DBD48F86644}C:\users\lisak\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF191AA8-0AD4-4562-AF4B-23D2EDA8109A}C:\program files\rockstar games\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A8D72285-1067-48ED-A305-33D039B54556}C:\program files\rockstar games\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E014F7FA-596D-4166-9421-3F15D351F6DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E809A1C3-3EA9-48E7-A774-D9B40AB9A923}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18245366-35BB-4B88-8122-A18093A41B3D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DB5ADC0-8D71-4147-958E-DD431B6F3390}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C43970C4-A924-4537-BB15-68C29F5617F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB23AAAA-FE8B-4EDC-BB04-F80D123046A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FC4595C6-94D7-4EDB-81D3-21629DEFAA50}F:\genshin impact game\genshinimpact.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{58207D38-715A-4E52-A747-05E9C62142E9}F:\genshin impact game\genshinimpact.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0961C1D1-CA12-44C6-A71D-006DDED6BF55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1061355-0739-4886-AEAF-55F0C2B34CCE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{870BD67A-6540-4B28-BDB9-4F40C261C292}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3F2525D-5759-4C33-B3DA-1F999A99B1B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0EAE481-A41E-468E-A93E-3D16C5738B42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50785596-D6E3-49FB-B903-E43000A785CF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8634E39-894E-4444-8523-6A6BDFB2CA41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1549D927-0F12-4304-A1CA-34781FDA01E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F236E1F5-C953-4E06-B3C8-842456FF743D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2BEF8AE-ABFD-4AF6-B2CA-D781D99602F0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C87A2776-3987-4BF7-94E1-B3D62C4EE462}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C4889D5-D15D-467F-9EA4-81BDC7F56855}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E24FB9FA-EDF2-4959-9D89-BC4F531FA747}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C47D655-BE0C-485D-9CF1-415A6F3DA81D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51437224-C7AD-4C44-AD05-5471D38370D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05702ACD-8C76-4175-B170-9746E492137A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64B8862F-BCE0-4EAD-A94C-D547EEE8AFEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DA64469-6A91-4AEC-A1B6-D64B9A5CAFEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EAA5400-C9AC-4BF1-B816-AD12FEF25EA9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D244E46-A225-4DF9-96F7-4631DD824025}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A175C48B-77B2-4275-BA61-A3BC9A949E5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{49EDC39B-E2DC-4CC1-96FF-027F643CA885}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C89BA90-66D9-4A71-A53D-A478D2485332}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E1A9724-540C-4FC7-BD32-20B9683306B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A54C444F-BB3E-40EE-ACA6-07587BE39D0F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11C457BB-8F2C-4460-949C-7AE2FC3E0FBD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{972D4ECD-82AD-4497-B0E3-0704D98DE505}C:\program files\rockstar games\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1CB9F89F-7318-46C9-B6A0-58E4172C63B9}C:\program files\rockstar games\grand theft auto v\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{19247196-F7FA-4DD4-86A4-CD1B76766154}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FA40798B-99C1-43BA-9BC6-05E62FE233BE}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35B7524C-A1BF-416D-98C7-49EB1B683EF4}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5DBB0D90-AF35-41F1-8EA6-2950280DBFEA}C:\users\lisak\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{01E9C48C-B191-4FEE-9000-E0380669F221}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BE9859E-0C3F-4BC6-8CCC-E9EBCAAD8654}F:\steamlibrary\steamapps\common\total war rome ii\rome2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE478A53-ECBC-4EF5-8314-3A950870B6FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B5DF61C-F9DD-49E4-8F82-D7BD0A2628AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B49F393-D391-49A3-BAAF-8193C5988705}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A69868F7-8F63-4A1F-8FA9-64DB0EF722A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADEC760C-82A8-47E1-A9CC-B86235FC249D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C58AEF6-E1AD-43F9-B698-023542393AAD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24131A71-7AA9-41E9-8E84-DA19839AE104}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79B97B6C-24A0-4142-BB78-288B26197377}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA934344-F674-488F-AE48-017B54F51B8A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8D16F78-5D22-463E-BC7B-1232B22F8A76}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A747DFF-C49C-42D3-BB1B-DE4841C6A187}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF9919D2-D554-4F7A-A135-3CD4BC33A527}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0726817C-38AB-4E6D-AC91-94DB4C57C114}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1C15E05-ACE8-40C6-A6F7-EF8F3D56D785}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{905E0265-8296-4495-9B08-E0AD20ABEF5F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B423CD49-69A6-473E-8526-94F9EBF598CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BD2D527-33F6-42AE-96EC-B5587D35E53D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2B6CC0D-5EA8-401D-B12D-EC39075B9C37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CCDCF473-7180-4D47-8ADC-3B850ADFD66A}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{493A0268-5ADD-4791-A435-AF0E1B2B7EE2}F:\steamlibrary\steamapps\common\miscreated\bin64\miscreated.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{039CE335-AE9C-4A06-AADA-9A8BF63FF80B}C:\program files (x86)\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B7894402-F504-4D1F-9F63-153519280EE0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D3FBA496-ED09-4865-AAB7-FE5194A674F9}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BD55FF5-2E4B-4F2B-A1CF-FDDE80F4CD83}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9D00014-9811-4607-8239-40BA3C840FBB}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{02BCFD34-B301-4A66-9ED0-289F27EE3884}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35FDC254-63D2-4D2F-BCE8-C786DCAA516B}C:\program files\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC0E34D7-249B-49C4-AB72-C2B3614F267E}C:\program files\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E90FCE44-67AB-42C8-9917-409F67FF77FB}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B71CCFB0-0A22-4D7B-8418-41AFEE49FC34}F:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B73569B-2673-4CDE-A977-293272AE65B5}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C679C0A-D60A-4CDE-8018-4C4E507C0E1B}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51FB7431-0E84-4F9F-A01E-1B9106CCA587}C:\program files (x86)\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD0C40AD-2289-457A-8FE0-5A128316722E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B6E1BAE9-EDF1-4D65-B80B-238625A066F1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E2F8EDE8-9013-4010-B1F4-626E84106FE1}C:\program files (x86)\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A525C38-EE29-488E-A3D7-12EEE5EC4BBD}C:\program files\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B8DB679F-A56D-43B4-A3C6-4FFE04312121}C:\program files\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CAE03781-8EA0-4D08-B767-12B64EF65358}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{68B00215-639C-48EF-9AB7-4E5ECDC799F8}C:\program files (x86)\wowko\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4209FA72-756C-43DD-8519-D0DFD6DCBEB1}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE2103C7-3D2C-447C-A2F1-02624126FE23}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EADC1B64-987C-4EFA-A1D0-FDFCC5026E6C}C:\users\lisak\appdata\local\programs\opera gx\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4B609BDB-AC89-4394-BB61-768BAF798AC5}C:\users\lisak\appdata\local\programs\opera gx\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2A38F7B0-43F2-465F-A7C1-4D11813E6E6C}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC581265-2DC9-445C-A5FF-3E347A865DC3}E:\mára\steam\steamapps\common\call of cthulhu\cya\binaries\win64\callofcthulhu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BE18E0D-F243-481C-9973-FAB4F02A740B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A5C00EA-DCB2-4F7D-8042-DFB99BBD90C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B94F4BB-A0EA-49D3-B3EE-6A727116A4B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C79AC8B8-D7D0-477B-85F6-01F3F4A97D15}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D479671-3F15-46D7-A4F9-1A9E104278EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9C7AC2A-DD8D-4E41-B3CC-E898A246FD13}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6BCDF877-32C1-48AE-ADEB-612808B66D87}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98652DF8-0EBA-4D80-9D95-B4456182BACC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D07F35F-D824-4F6B-9C16-D90EA020C0AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{154A6067-8E23-4D6A-8527-C6162EDCD123}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1A75B4E-8261-44F7-8868-586CC7E12E6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0818BB70-F2A6-44A7-858F-AC49336952CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86A0CC70-AA66-45AF-8114-C40A99B660BA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A48D668A-B551-4354-997F-368281A07B37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341EF611-E330-4AF4-A1D7-4932AAC3C33A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58E822DA-8E60-4588-80EE-1CA30E9C8017}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6117ECC1-2698-4363-A897-1E2791C219E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D327AC1B-D098-45D7-9320-473A3368687F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A52FE8D-CC43-4917-8AC6-9494736696CD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1D5DB75-7A8C-47C1-BD8B-96BCFCBE8409}" => removed successfully
"C:\Users\lisak\Downloads\[FTUApps.com]" => not found
"C:\Users\lisak\AppData\Local\Microsoft\Windows\InetHelper\cleaner.exe" => not found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-3731235652-646393183-1318076386-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent" => removed successfully
"HKU\S-1-5-21-3731235652-646393183-1318076386-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.Untapped.gg Companion" => removed successfully
"HKU\S-1-5-21-3731235652-646393183-1318076386-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BAD41A4-2DF9-41C2-A83B-689A7F2D171B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BAD41A4-2DF9-41C2-A83B-689A7F2D171B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineGDU => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineGDU" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD9B37BE-92EB-43D4-ABB6-D02D1DDAA327}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => moved successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
C:\DumpStack.log.tmp => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2883584 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 945642036 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 572184013 B
Windows/system/drivers => 80277374 B
Edge => 0 B
Chrome => 1556766991 B
Firefox => 921807025 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 74856 B
systemprofile32 => 12733181 B
LocalService => 13108205 B
NetworkService => 13119979 B
lisak => 110253551 B
Eve => 110253551 B
OVRLibraryService => 110253551 B

RecycleBin => 10940032609 B
EmptyTemp: => 14.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:24:42 ====

Odinstaloval jsem MSI, ten hluk větráků se výrazně zlepšil.
Zapnu hru - mám pod 60 FPS. Zapnu ten cleaner, on ukončí vše, zapnu hru a vše co mi předtím běželo a mám 120 FPS.
Co to je sakra

Tohle nevím, naše fórum se zabývá především IT bezpečností. Zkuste to na některém herním fóru. Postránce malware je váš PC čistý.

Rudy píše: 15 kvě 2023 17:49 Tohle nevím, naše fórum se zabývá především IT bezpečností. Zkuste to na některém herním fóru. Postránce malware je váš PC čistý.

Moc děkuji za pomoc!

Rádo se stalo!