VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivní kontrola

https://forum.viry.cz:443/viewtopic.php?t=159281

Stránka 1 z 1

Preventivní kontrola

Napsal: 09 zář 2023 05:37
od czech 08
Zdravím! Prosím o kontrolu logu.



FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by PC (administrator) on DESKTOP-VNNSM0S (ATComputers CZC) (09-09-2023 06:22:58)
Running from C:\Users\PC\OneDrive\Plocha\FRST64.exe
Loaded Profiles: PC
Platform: Microsoft Windows 10 Home Version 22H2 19045.3393 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Discord Inc. -> Discord Inc.) C:\Users\PC\AppData\Local\Discord\app-1.0.9017\Discord.exe <6>
(explorer.exe ->) () [File not signed] C:\Program Files\BakkesMod\BakkesMod.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(Rémi Mercier) [File not signed] D:\!!!!!FAN CONTROL\FanControl.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2335.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21548.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21548.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16066560 2021-05-05] () [File not signed]
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [820960 2022-05-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\PC\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\PC\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [157858648 2023-03-23] (Bluestack Systems, Inc -> now.gg, Inc.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [280880 2023-05-25] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter\nlclientapp.exe [607576 2023-06-30] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\PC\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [1990000 2023-06-09] (ZONER a.s. -> ZONER a.s.)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [820960 2022-05-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Theinka\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\Installer\chrmstp.exe [2023-09-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2023-08-27]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Portmaster Notifier.lnk [2023-08-20]
ShortcutTarget: Portmaster Notifier.lnk -> C:\ProgramData\Safing\Portmaster\portmaster-start.exe (Safing ICS Technologies GmbH -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {56F1AD4F-9F1E-429E-AF33-C15F6ED39252} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
Task: {C1100914-8E9A-40F8-89E4-2AF6D4403183} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {946CEBA4-CF06-4DC0-96F2-1B8917D103ED} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-06-06] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {CE8401EF-7040-4F4B-9684-E06622436A14} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{E3A4EA60-93D4-4413-9B2B-6FFF17780773} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D77CF0FF-44E9-4418-9FA7-DD12716DD721} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{EBFB8447-A147-4518-923D-95424DBBDEB7} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {247CB7D0-F019-4164-A7AB-58D93D753602} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F9C77B1D-C5BB-43F7-B7A0-D51C171BDDDC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "db0e3690-912b-4fd4-a1ed-f236f8382075" --version "6.15.10623" --silent
Task: {96134779-19F9-4E7A-B9C7-48BA239B34E5} - System32\Tasks\CCleanerSkipUAC - PC => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {276D1DE8-7E7F-4B07-97F3-736ABB898765} - System32\Tasks\FanControl => C:\Windows\system32\cmd.exe [289792 2021-01-24] (Microsoft Windows -> Microsoft Corporation) -> /C start /B FanControl.exe
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {D51B55CD-FD32-45C3-B42F-745D0FEFFDD2} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {63B894C7-1AAD-4D8A-A051-C9B6246F6414} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {236C5820-77C5-4653-8084-51C54D87D30C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3745018-141C-4518-8ACF-AD7BE03A8F40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F691BFC-D6E5-4A2C-96EC-25457ADDB3D6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9ACB9B02-7B6B-4907-86A8-6BB2C41BBAE6} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-04] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3E06DEC1-BAEA-463D-8481-60CCE4133B72} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {771FF85C-31AC-42DA-A850-DBCC306A2827} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {8C6291E7-FDE9-4521-B3AF-7570D64BE9E8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {51F56D84-B2B8-4E7D-9DCF-BA1D257B23A3} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {9D302B69-C10B-49DA-9BCC-379062CE79D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C97DE6B-EC69-4FE6-A453-6DEE2565A1FA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0F1A9AD-0550-4B37-B012-06B6D2926168} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1659715826 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2673056 2023-08-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {39AD0263-0A55-40EE-8E38-B514451B1464} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1687623853 => C:\Users\Theinka\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Theinka\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3BD950D2-D0A1-4B9F-A2E0-09D49C8BB732} - System32\Tasks\Opera GX scheduled Autoupdate 1657886657 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2673056 2023-08-23] (Opera Norway AS -> Opera Software)
Task: {2C266ACF-26F8-41DF-BE27-F3A4FAE21601} - System32\Tasks\Opera GX scheduled Autoupdate 1670345292 => C:\Users\Theinka\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software)
Task: {F91A1D3E-2497-4AC4-AD8C-3F688C921D60} - System32\Tasks\StartRPCService => C:\Windows\system32\NET.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {3E1302F4-A7DB-47F4-938B-486E88F3A128} - System32\Tasks\Zoner.Updater.S-1-5-21-321179341-2139502707-572524282-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1615168 2023-09-08] (ZONER a.s. -> ZONER a.s.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Intel PTT EK Recertification.job => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{41999a4b-53eb-4196-bde0-197c68011fdf}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{db69e62a-0ccc-480d-89fd-964a5e327c4e}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
Edge Extension: (Edge relevant text changes) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-15]
Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-04-09]

FireFox:
========
FF DefaultProfile: 2hjvx19l.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2hjvx19l.default [2021-09-01]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\spf2f3e4.default-release-1676222568285 [2023-09-07]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-03-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-03-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2023-09-09]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://meet.google.com; hxxps://web.whatsapp.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-09-08]
CHR Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-29]
CHR Extension: (Adblock na Youtube™) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (change-language) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-09-06]
CHR Extension: (HTTPS Everywhere) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
CHR Extension: (Return YouTube Dislike) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-27]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-13]
CHR Extension: (Amazing css color picker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclbckmnpbnkcpemopdngipibdagmjei [2023-07-29]
CHR Extension: (Page Refresh) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg [2022-12-24]
CHR Extension: (MetaMask) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-17]
CHR Extension: (ChatGPT File Uploader) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaogphgfdbdbmhkiplemgehihiiececj [2023-07-28]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-26]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-06-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-08-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-18]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-18]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-321179341-2139502707-572524282-1001) Opera GXStable - "C:\Users\PC\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-321179341-2139502707-572524282-1002) Opera GXStable - "C:\Users\Theinka\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-09-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-08]
BRA Extension: (Brave NTP background images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-20]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-09-08]
BRA Extension: (Wallet Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-04]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-09-08]
BRA Extension: (Brave NTP sponsored images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-03]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-08]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-09-03]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-08-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [4040776 2023-09-08] (philandro Software GmbH -> AnyDesk Software GmbH)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe [3171864 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S4 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S4 brlapi; C:\Windows\brltty\bin\brltty.exe [847886 2019-10-15] (Microsoft Windows -> )
S4 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-08-19] (Microsoft Corporation -> Microsoft Corporation)
S4 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [19792 2023-05-25] (Docker Inc -> Docker Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-05-17] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-24] (Epic Games Inc. -> Epic Games, Inc.)
S4 JumpConnect; C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\6.10.11.0\JumpConnect.exe [154032 2023-05-02] (PhaseFive Systems LLC -> Phase Five Systems)
S4 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [73824 2023-04-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S4 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S4 nlsvc; C:\Program Files\Locktime Software\NetLimiter\NLSvc.exe [24920 2023-06-30] (Locktime Software s.r.o. -> Locktime Software)
S4 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64736 2022-05-31] (OpenVPN Inc. -> The OpenVPN Project)
S4 PortmasterCore; C:\ProgramData\Safing\Portmaster\portmaster-start.exe [12975896 2023-06-01] (Safing ICS Technologies GmbH -> )
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20802872 2023-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2022-03-23] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\elevation_service.exe" [X]
S4 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238496 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392880 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [272576 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559184 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [946160 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [705480 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212680 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [53904 2021-10-01] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319568 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-02-21] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310688 2023-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 Capsax64Drv; C:\Windows\System32\Drivers\Capsax64Drv.sys [53600 2019-01-23] (成都科来软件有限公司 -> Colasoft Co., Ltd.)
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-12-24] (Intel Corporation -> Intel Corporation)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [15693768 2023-05-08] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S1 gvm; C:\Windows\system32\DRIVERS\gvm.sys [390144 2023-07-30] (Google LLC -> Google LLC)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 KrispAudioS; C:\Windows\System32\drivers\KrispAudio.sys [60384 2022-12-16] (Krisp Technologies, Inc -> Krisp Technologies, Inc)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [91888 2022-07-26] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 libusb0_dji; C:\Windows\system32\DRIVERS\libusb0_dji.sys [73240 2022-07-26] (Microsoft Windows Hardware Compatibility Publisher -> hxxp://libusb-win32.sourceforge.net)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [196696 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Locktime Software)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 R0FanControl; D:\!!!!!FAN CONTROL\FanControl.sys [14544 2023-09-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2022-07-25] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [240704 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1046392 2022-03-22] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [175800 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-02-25] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49544 2021-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [420088 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38176 2022-07-25] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-08 06:35 - 2023-09-08 06:35 - 000000000 ___HD C:\$SysReset
2023-09-07 16:39 - 2023-09-07 16:39 - 012160512 _____ (Tim Kosse) C:\Users\PC\Downloads\FileZilla_3.65.0_win64-setup.exe
2023-09-04 16:44 - 2023-09-06 16:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-02 07:40 - 2023-09-02 07:40 - 000000000 ____D C:\Users\PC\OneDrive\Dokumenty\FeedbackHub
2023-08-31 15:36 - 2023-08-31 15:36 - 000000000 ____D C:\Users\PC\AppData\Local\node-gyp
2023-08-27 17:21 - 2023-09-08 05:57 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-08-27 17:21 - 2023-08-29 10:31 - 000000000 ____D C:\ProgramData\AnyDesk
2023-08-27 17:21 - 2023-08-27 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2023-08-27 16:56 - 2023-08-27 16:57 - 000000000 ___HD C:\$WinREAgent
2023-08-27 14:00 - 2023-08-27 14:00 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-08-21 17:34 - 2023-08-21 17:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Colasoft
2023-08-21 17:34 - 2023-08-21 17:34 - 000000000 ____D C:\Program Files\Common Files\Colasoft Shared
2023-08-21 17:33 - 2023-08-21 17:34 - 000000000 ____D C:\Program Files\Colasoft Packet Player 2.1
2023-08-21 17:33 - 2023-08-21 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Colasoft Packet Player
2023-08-21 17:33 - 2019-01-23 09:55 - 000053600 _____ (Colasoft Co., Ltd.) C:\Windows\system32\Drivers\Capsax64Drv.sys
2023-08-21 17:18 - 2023-08-21 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\PacketSender
2023-08-21 12:59 - 2023-08-21 12:59 - 000001090 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyenaeFE.lnk
2023-08-21 12:45 - 2023-08-21 13:26 - 000000000 ____D C:\Program Files (x86)\Hyenae
2023-08-21 10:44 - 2023-08-21 10:44 - 000000218 _____ C:\Users\PC\AppData\Local\recently-used.xbel
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\Users\PC\AppData\Roaming\Locktime
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\ProgramData\Locktime
2023-08-20 18:18 - 2023-08-20 18:18 - 000000000 ____D C:\Program Files\Locktime Software
2023-08-20 18:10 - 2023-09-04 15:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Portmaster
2023-08-20 18:10 - 2023-08-20 18:10 - 000002067 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portmaster.lnk
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\ProgramData\Safing
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portmaster
2023-08-20 18:09 - 2023-08-20 18:09 - 000000000 ____D C:\Program Files\Safing
2023-08-18 14:21 - 2023-08-21 16:55 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-08-18 14:21 - 2023-08-18 14:21 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-08-15 19:53 - 2023-08-15 19:53 - 000000128 _____ C:\Users\PC\AppData\Roaming\PUTTY.RND
2023-08-15 19:41 - 2023-08-15 19:41 - 012140960 _____ (Tim Kosse) C:\Users\PC\Downloads\FileZilla_3.64.0_win64-setup.exe
2023-08-14 09:19 - 2023-08-14 10:30 - 000000000 ____D C:\ESD
2023-08-14 09:16 - 2023-08-14 09:16 - 000000000 ___HD C:\$Windows.~WS
2023-08-14 09:16 - 2023-08-14 09:16 - 000000000 ____D C:\$WINDOWS.~BT
2023-08-12 19:32 - 2023-08-12 19:32 - 000000000 ____D C:\Users\PC\AppData\Local\Backup

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-09 06:23 - 2021-12-16 21:02 - 000000000 ____D C:\Windows\SystemTemp
2023-09-09 06:23 - 2021-02-12 18:46 - 000000000 ____D C:\FRST
2023-09-09 06:23 - 2021-01-24 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-09 06:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-09 06:20 - 2022-09-13 16:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord
2023-09-09 06:20 - 2022-09-13 16:22 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2023-09-08 20:00 - 2023-06-24 18:24 - 000003798 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1687623853
2023-09-08 20:00 - 2023-05-31 17:43 - 000002266 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-09-08 20:00 - 2023-05-08 18:22 - 000002160 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-08 20:00 - 2023-02-12 19:40 - 000003500 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{EBFB8447-A147-4518-923D-95424DBBDEB7}
2023-09-08 20:00 - 2023-02-12 19:40 - 000003276 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{E3A4EA60-93D4-4413-9B2B-6FFF17780773}
2023-09-08 20:00 - 2023-01-30 08:30 - 000003136 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-09-08 20:00 - 2022-12-24 13:25 - 000002704 _____ C:\Windows\system32\Tasks\iTop Christmas Task (One-Time)
2023-09-08 20:00 - 2022-12-06 18:48 - 000003534 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1670345292
2023-09-08 20:00 - 2022-11-20 18:05 - 000002658 _____ C:\Windows\system32\Tasks\FanControl
2023-09-08 20:00 - 2022-10-11 16:31 - 000002954 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-09-08 20:00 - 2022-09-27 13:29 - 000003044 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-08 20:00 - 2022-09-27 13:29 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-08 20:00 - 2022-08-05 18:10 - 000003758 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1659715826
2023-09-08 20:00 - 2022-07-15 14:04 - 000003594 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1657886657
2023-09-08 20:00 - 2021-11-25 19:29 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-08 20:00 - 2021-11-25 19:29 - 000002244 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PC
2023-09-08 20:00 - 2021-09-17 16:20 - 000003410 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-08 20:00 - 2021-09-17 16:20 - 000003186 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-08 20:00 - 2021-09-15 17:36 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-08 20:00 - 2021-09-15 17:36 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-08 20:00 - 2021-07-28 15:04 - 000003150 _____ C:\Windows\system32\Tasks\Zoner.Updater.S-1-5-21-321179341-2139502707-572524282-1001
2023-09-08 20:00 - 2021-04-01 09:57 - 000002532 _____ C:\Windows\system32\Tasks\StartRPCService
2023-09-08 20:00 - 2021-01-24 20:13 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2023-09-08 20:00 - 2020-09-27 09:53 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-08 20:00 - 2020-09-27 09:53 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-08 19:58 - 2021-07-18 17:05 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-09-08 19:47 - 2021-02-04 13:20 - 000000000 ____D C:\ProgramData\Zoner
2023-09-08 19:02 - 2023-02-06 16:56 - 000000000 ____D C:\Program Files (x86)\ROKLauncher
2023-09-08 18:32 - 2021-07-29 09:12 - 000000572 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2023-09-08 18:30 - 2021-01-24 20:05 - 001693140 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-08 18:30 - 2019-12-07 16:41 - 000716770 _____ C:\Windows\system32\perfh005.dat
2023-09-08 18:30 - 2019-12-07 16:41 - 000144948 _____ C:\Windows\system32\perfc005.dat
2023-09-08 18:30 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-09-08 18:26 - 2021-03-06 19:11 - 000000000 ____D C:\ProgramData\Avast Software
2023-09-08 18:23 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-08 18:23 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-09-08 18:21 - 2022-04-09 21:24 - 000000000 ____D C:\MSI
2023-09-08 18:21 - 2021-01-24 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-08 18:10 - 2022-02-25 15:09 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-08 17:53 - 2023-02-06 17:43 - 000000000 ____D C:\Users\PC\.lim
2023-09-08 17:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-08 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-08 06:35 - 2021-01-22 16:52 - 000000000 ____D C:\Windows\Panther
2023-09-08 06:34 - 2022-10-09 16:14 - 000095848 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-09-08 06:34 - 2022-10-09 16:14 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-09-08 06:34 - 2022-05-06 18:19 - 000000000 ____D C:\XboxGames
2023-09-08 06:34 - 2022-02-27 10:04 - 002688512 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000210536 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000181864 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-09-08 06:34 - 2022-02-27 10:04 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-09-08 06:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2023-09-08 05:59 - 2021-01-25 11:22 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2023-09-08 05:57 - 2021-09-17 16:20 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-07 20:07 - 2021-01-25 09:18 - 000002382 ____H C:\Users\PC\OneDrive\Dokumenty\Default.rdp
2023-09-07 19:43 - 2022-01-03 18:32 - 000000000 ____D C:\Users\PC\AppData\Local\RealVNC
2023-09-07 19:11 - 2021-12-07 16:26 - 000000000 ____D C:\Users\PC\AppData\Roaming\FileZilla
2023-09-07 15:53 - 2023-02-12 19:41 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-09-07 15:36 - 2021-03-13 09:48 - 000000000 ____D C:\Users\PC\AppData\Roaming\Code
2023-09-07 15:01 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-06 18:33 - 2022-04-02 16:38 - 000000128 _____ C:\Users\PC\AppData\Local\PUTTY.RND
2023-09-06 16:44 - 2021-01-22 16:56 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2023-09-06 16:41 - 2023-02-12 19:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-06 15:21 - 2021-01-28 10:59 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2023-09-06 06:52 - 2021-02-27 18:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-05 19:06 - 2021-07-12 17:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Word
2023-09-05 15:47 - 2023-02-12 19:22 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-04 18:23 - 2021-07-13 06:51 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Excel
2023-09-04 16:45 - 2023-02-12 19:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-04 13:12 - 2021-09-13 15:47 - 000000000 ____D C:\Users\PC\AppData\Local\UnrealEngine
2023-09-04 06:58 - 2021-08-20 07:03 - 000000000 ____D C:\Users\PC\AppData\Local\Avast Software
2023-09-03 17:35 - 2023-02-03 23:00 - 000000000 ____D C:\Users\PC\.coding-tracker
2023-09-03 16:18 - 2021-06-15 15:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\.tlauncher
2023-09-03 16:14 - 2022-05-04 18:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\GitHub Desktop
2023-09-02 18:21 - 2020-09-27 09:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-02 07:51 - 2021-08-20 07:02 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-02 07:40 - 2021-02-11 09:58 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2023-08-31 17:30 - 2022-05-04 17:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\npm
2023-08-31 15:36 - 2022-05-04 17:34 - 000000000 ____D C:\Users\PC\AppData\Local\npm-cache
2023-08-30 23:29 - 2021-06-06 14:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-30 08:59 - 2022-07-15 14:04 - 000001425 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2023-08-27 17:21 - 2022-10-28 17:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\AnyDesk
2023-08-27 17:12 - 2021-01-22 16:56 - 000000000 ___SD C:\Users\PC\AppData\Roaming\Microsoft\Credentials
2023-08-27 17:07 - 2020-09-27 07:50 - 000474056 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-27 17:06 - 2021-09-15 17:42 - 000000000 ___SD C:\Windows\system32\lxss
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-08-27 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-08-27 17:05 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-27 17:02 - 2020-09-27 09:53 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-08-27 14:00 - 2023-01-19 16:48 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000946160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000705480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000559184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000392880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000319568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000297880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000272576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000238496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-08-27 14:00 - 2021-08-20 07:02 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-08-27 14:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-27 13:57 - 2022-10-28 17:03 - 000000000 ___HD C:\avast! sandbox
2023-08-27 13:57 - 2021-11-25 19:29 - 000000000 ____D C:\Program Files\CCleaner
2023-08-22 07:58 - 2023-05-25 17:00 - 000000000 ____D C:\Users\PC\AppData\Roaming\Docker Desktop
2023-08-22 07:58 - 2023-05-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Docker
2023-08-22 07:49 - 2023-05-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Local\Docker
2023-08-21 15:40 - 2021-01-24 20:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2023-08-21 15:10 - 2022-10-11 16:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-08-21 08:28 - 2021-12-25 09:57 - 000000000 ____D C:\Users\PC\.ssh
2023-08-21 08:12 - 2022-04-29 06:23 - 000000000 ____D C:\Users\PC\.VirtualBox
2023-08-21 07:35 - 2021-01-28 11:31 - 000000000 ____D C:\ProgramData\VirtualBox
2023-08-21 06:57 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2023-08-20 07:38 - 2022-03-02 07:42 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-08-19 11:12 - 2022-05-14 10:06 - 000000000 ____D C:\Users\PC\AppData\Local\pip
2023-08-18 14:22 - 2022-10-11 16:32 - 000000000 ____D C:\Users\PC\AppData\Local\BlueStacks X
2023-08-18 14:21 - 2021-01-28 17:11 - 000000000 ____D C:\Users\Public\BlueStacks
2023-08-18 14:21 - 2021-01-28 17:11 - 000000000 ____D C:\Users\PC\AppData\Local\Bluestacks
2023-08-18 14:17 - 2022-10-11 16:29 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-08-16 07:44 - 2022-04-02 14:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-08-16 07:44 - 2021-12-07 16:26 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-08-14 13:37 - 2022-10-02 18:01 - 000000000 ____D C:\Users\PC\OneDrive\Dokumenty\DRLSim
2023-08-13 15:47 - 2021-09-07 15:33 - 000000000 ____D C:\Program Files (x86)\Steam
2023-08-13 07:21 - 2023-04-28 13:46 - 000000000 ____D C:\Users\PC\.BigNox
2023-08-13 07:21 - 2021-01-29 11:38 - 000000000 ____D C:\Users\PC\AppData\Local\Nox
2023-08-13 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2023-08-13 07:19 - 2021-09-27 14:38 - 000000000 ____D C:\Users\PC\vmlogs
2023-08-13 07:19 - 2021-09-27 14:38 - 000000000 ____D C:\Users\PC\AppData\Local\NoxSrv
2023-08-13 07:19 - 2021-01-22 16:56 - 000000000 ____D C:\Users\PC
2023-08-12 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-08-12 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-08-12 09:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup

==================== Files in the root of some directories ========

2022-06-08 16:49 - 2022-06-08 16:49 - 000000068 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidian.data
2022-06-08 16:49 - 2022-06-08 16:49 - 000000154 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidianmac.data
2021-01-29 09:16 - 2022-04-22 19:15 - 000000016 _____ () C:\Users\PC\AppData\Roaming\obs-virtualcam.txt
2023-08-15 19:53 - 2023-08-15 19:53 - 000000128 _____ () C:\Users\PC\AppData\Roaming\PUTTY.RND
2023-03-02 15:18 - 2023-03-02 15:18 - 001065984 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
2021-07-19 06:57 - 2022-08-05 18:14 - 000474917 _____ () C:\Users\PC\AppData\Local\parallels_toolbox.log
2022-04-02 16:38 - 2023-09-06 18:33 - 000000128 _____ () C:\Users\PC\AppData\Local\PUTTY.RND
2023-08-21 10:44 - 2023-08-21 10:44 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2021-02-04 14:06 - 2021-04-18 17:04 - 000007602 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2022-02-22 08:11 - 2022-08-05 18:14 - 000004323 _____ () C:\Users\PC\AppData\Local\toolbox_report.xml
2022-12-16 19:51 - 2022-12-20 18:32 - 000000293 _____ () C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
2022-12-16 19:51 - 2022-12-20 18:32 - 000000000 _____ () C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




V příloze Addition.txt.



Děkuji!

Re: Preventivní kontrola

Napsal: 10 zář 2023 11:00
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do ně:
Start

CloseProcesses:
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
ContextMenuHandlers1_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3822]
AlternateDataStreams: C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}] => (Allow) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [{2D1992FC-2EF1-4633-8E63-B657E8383687}] => (Block) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}] => (Allow) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}] => (Block) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{1205D16F-F998-4801-96D1-61265C148880}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}] => (Allow) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}] => (Block) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{2FE36E53-195D-4DBF-84A1-96F71572D700}] => (Allow) D:\UNITY\2018.3.0f2\Editor\Unity.exe => No File
FirewallRules: [{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}] => (Allow) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{7796DE29-1AF8-4D14-9678-7481C6D658AD}] => (Block) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{4DB11C3E-638D-4DE4-8828-C205A9AB3939}] => (Allow) D:\UNITY\2018.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{FE34CF34-E65B-435A-870C-3DBA5E32D714}] => (Allow) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}] => (Block) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ACAE7889-338D-409D-862A-AE6EF35C66BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01EF38A0-E623-452C-A9B6-D2AF952B41EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{70FFFEB4-461F-425D-992A-4EC0F05C59D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{CE368BA2-4E9D-446A-BCCA-314310B13FDE}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}] => (Allow) D:\davinci resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{D63F56A1-0591-41CC-882F-D19A2CE09A2F}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{A0779E56-5E42-4119-A7E1-CD8097FDEC41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{00E46D47-1EE2-4821-82A2-AAFBDEA34238}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{47891DE2-CE61-4B4C-B549-87E31E489FE0}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A7C461C2-952D-4B19-9578-B706B8D4DE0B}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{672FD62C-6846-4B93-B04E-41556F9677C1}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{107CA2EE-DE37-436A-B200-ED5C28079C14}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{D72C1201-39CB-463E-B570-D1EEFA94FAD6}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{426895DB-37F0-48B7-9EBF-43DB0B9E449A}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{8D66A43E-9869-4478-A9C8-D1028E028355}] => (Allow) D:\AnyDesk.exe => No File

EmptyTemp:
Hosts:
End
Uložte do C:\Users\PC\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Preventivní kontrola

Napsal: 18 zář 2023 17:43
od czech 08
Omlouvám se za pozdní odpověď.

fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2023
Ran by PC (18-09-2023 18:37:37) Run:5
Running from D:\
Loaded Profiles: PC & Theinka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [CustomCursor] => "C:\Users\PC\AppData\Local\Blife\CustomCursor\CustomCursor.exe" "/tray" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [it.remote.desktop] => C:\Program Files\remoteit\remoteit.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" --hidden (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Krisp] => "C:\Program Files\Krisp\Krisp.exe" -s (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [whatpulse] => "C:\Program Files\WhatPulse\WhatPulse.exe" (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [electron.app.Pi Network] => C:\Users\PC\AppData\Local\Programs\pi-network-desktop\Pi Network.exe (No File)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {7665429a-90dd-11ec-abeb-244bfe775eb1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\MountPoints2: {ea3aec86-83ed-11eb-ab32-244bfe775eb1} - "E:\LenovoUsbDriver.exe"
HKU\S-1-5-21-321179341-2139502707-572524282-1002\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0596E80-4F68-4178-9CFE-B4C7AD887460} - System32\Tasks\iTop Christmas Task (One-Time) => "C:\Program Files\iTop Screen Recorder\itopxmas.exe" /isr (No File)
Task: {BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
U1 aswbdisk; no ImagePath
S3 GPUZ-v2; \??\C:\Windows\TEMP\GPUZ-v2.sys [X]
U4 npcap_wifi; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219}
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB}
ContextMenuHandlers1_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
ContextMenuHandlers4_S-1-5-21-321179341-2139502707-572524282-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3822]
AlternateDataStreams: C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [588]
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe => No File
FirewallRules: [{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}] => (Allow) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [{2D1992FC-2EF1-4633-8E63-B657E8383687}] => (Block) C:\Program Files\Unity\Editor\2020.3.3f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2020.3.3f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe] => (Block) C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe => No File
FirewallRules: [TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe] => (Block) C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe => No File
FirewallRules: [{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}] => (Allow) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}] => (Block) C:\Program Files\Unity\Editor\2021.1.10f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe] => (Allow) C:\program files\unity\editor\2021.1.10f1\editor\unity.exe => No File
FirewallRules: [TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe => No File
FirewallRules: [TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => No File
FirewallRules: [TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => No File
FirewallRules: [TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe] => (Allow) D:\unity\editor\unity.exe => No File
FirewallRules: [{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{1205D16F-F998-4801-96D1-61265C148880}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Video Editor\AceThinker Video Editor.exe => No File
FirewallRules: [{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}] => (Allow) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}] => (Block) D:\UNITY\2021.3.4f1\Editor\Unity.exe => No File
FirewallRules: [{2FE36E53-195D-4DBF-84A1-96F71572D700}] => (Allow) D:\UNITY\2018.3.0f2\Editor\Unity.exe => No File
FirewallRules: [{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}] => (Allow) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{7796DE29-1AF8-4D14-9678-7481C6D658AD}] => (Block) D:\UNITY\2021.2.19f1\Editor\Unity.exe => No File
FirewallRules: [{4DB11C3E-638D-4DE4-8828-C205A9AB3939}] => (Allow) D:\UNITY\2018.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{FE34CF34-E65B-435A-870C-3DBA5E32D714}] => (Allow) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}] => (Block) D:\UNITY\2019.4.1f1\Editor\Unity.exe => No File
FirewallRules: [{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ACAE7889-338D-409D-862A-AE6EF35C66BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01EF38A0-E623-452C-A9B6-D2AF952B41EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [{70FFFEB4-461F-425D-992A-4EC0F05C59D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{CE368BA2-4E9D-446A-BCCA-314310B13FDE}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}] => (Allow) D:\davinci resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe] => (Allow) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{D63F56A1-0591-41CC-882F-D19A2CE09A2F}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}] => (Block) D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [{A0779E56-5E42-4119-A7E1-CD8097FDEC41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{00E46D47-1EE2-4821-82A2-AAFBDEA34238}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{47891DE2-CE61-4B4C-B549-87E31E489FE0}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe => No File
FirewallRules: [{A7C461C2-952D-4B19-9578-B706B8D4DE0B}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}] => (Block) D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe => No File
FirewallRules: [{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [{672FD62C-6846-4B93-B04E-41556F9677C1}] => (Block) C:\users\pc\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe] => (Allow) D:\thunder\microsoft flight simulator 2020\flightsimulator.exe => No File
FirewallRules: [TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{107CA2EE-DE37-436A-B200-ED5C28079C14}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{D72C1201-39CB-463E-B570-D1EEFA94FAD6}] => (Block) C:\program files\packetsender\packetsender.exe => No File
FirewallRules: [{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{426895DB-37F0-48B7-9EBF-43DB0B9E449A}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}] => (Allow) D:\AnyDesk.exe => No File
FirewallRules: [{8D66A43E-9869-4478-A9C8-D1028E028355}] => (Allow) D:\AnyDesk.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tvncontrol" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CustomCursor" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\it.remote.desktop" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Krisp" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\whatpulse" => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.Pi Network" => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7665429a-90dd-11ec-abeb-244bfe775eb1} => removed successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea3aec86-83ed-11eb-ab32-244bfe775eb1} => removed successfully
"HKU\S-1-5-21-321179341-2139502707-572524282-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0596E80-4F68-4178-9CFE-B4C7AD887460}" => removed successfully
C:\Windows\System32\Tasks\iTop Christmas Task (One-Time) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iTop Christmas Task (One-Time)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD31B744-7F0A-4BFE-B6E5-C30D7C5DB346}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46F6EC2C-4A95-499B-AB6F-6ABA5585DFC5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\GPUZ-v2 => removed successfully
GPUZ-v2 => service removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\PC\AppData\Local\{63BE1D37-80D5-4693-826C-3B6A361CE219} => moved successfully
C:\Users\PC\AppData\Local\{AAF86E04-803E-48BB-9492-DDAD527365CB} => moved successfully
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
HKU\S-1-5-21-321179341-2139502707-572524282-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => not found
C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk => ":09A0A90EF3" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Theinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9 => ": Legends.lnk" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9164A233-E972-4DD5-87A4-2E58C35BE0A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D42FCE2F-7C76-4A1D-9807-16BBAC743B4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D1992FC-2EF1-4633-8E63-B657E8383687}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB7696CA-0355-4F93-8627-7C676E971429}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3607866-AA9F-4711-A456-CD7F735D3EEB}C:\program files\unity\editor\2020.3.3f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{850527CA-7E10-4A60-A157-DA31238F470A}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{40DF6F46-1BDD-4E1A-9A4A-59B934723E7E}C:\program files\unity\editor\2020.3.3f1\editor\data\tools\nodejs\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76726584-9B12-4E8E-AD98-6C81D78002E6}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E4F8C5D-1055-4BDD-8112-AF92C3BDD202}C:\users\pc\appdata\local\programs\discord-bot-client\discord bot client.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0BA8790-C5C3-4F31-BDB8-E89BBDC41BE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7EDE7AF-3BF6-4F29-BD1E-8F3865775A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{435F5444-55F8-4CB3-B07F-85489BD23F04}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{727089F1-649E-44C0-9D64-F7F9EED22CFF}C:\program files\unity\editor\2021.1.10f1\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79F31AA6-2889-4FC2-B830-EB18E6E94E5B}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B55E600-A68E-4600-A3E5-4A3A1E33F700}C:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{598957E1-198B-47B9-A87F-9946B0F81C08}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BFF11645-C50B-4AE6-8197-9A8F7EDB0601}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A6434FF-8223-4AE8-80A8-24FE893A6056}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BEDB4263-094A-4E4E-A6D9-333652C726F6}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EBC4863-A02F-49C1-943C-9462A315BF31}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A6F61DE-73E7-4312-9C25-264BCE0F4F2B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{989F3D25-11B2-4DC6-B964-CAEA3AC32CC4}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C5098D8-A8FB-475B-90EB-9BA9E6E151FF}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D9F2682-D267-47FF-94A7-BE61577CCBD2}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CF07270-C9D1-449E-A53C-EF549879A94E}D:\unity\editor\unity.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{713AAD50-5E04-48F6-9E0E-FACC0F1D8F1E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1205D16F-F998-4801-96D1-61265C148880}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{d0da6e51-4aa6-4d9c-93f5-b6f4f2bcd173}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0A7CCE3-ADBD-4EB4-98C0-B228380DFCD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A8267A5-9FA4-4B71-A3DA-B0B43F62D765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FE36E53-195D-4DBF-84A1-96F71572D700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA6E7E8A-6DC3-4DAE-B37B-98FB89DA11FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7796DE29-1AF8-4D14-9678-7481C6D658AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB11C3E-638D-4DE4-8828-C205A9AB3939}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE34CF34-E65B-435A-870C-3DBA5E32D714}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A38C15BF-A9D5-45B7-9E58-C0CC9644DE4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA95C2D1-7AC3-44B4-97F2-58384E64EE7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACAE7889-338D-409D-862A-AE6EF35C66BF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01EF38A0-E623-452C-A9B6-D2AF952B41EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA8DB1AE-0B7B-40F9-B4FC-9EB3A938A132}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7AB57EC-9A34-42A0-9C0A-5F1AFCC760B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70FFFEB4-461F-425D-992A-4EC0F05C59D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D16858A-3C72-4EA4-A674-319552EBC97E}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{46C23E71-4AC5-4989-A327-725FD5B80BEF}C:\users\pc\appdata\local\discord\app-1.0.9011\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A55FFAD8-E7C0-4085-8DEF-30EDD2E1A29C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE368BA2-4E9D-446A-BCCA-314310B13FDE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0CB2737-9CD2-4654-AF7E-1EBD34AA2825}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8107F2F7-4F48-4CAD-B699-4F6A4B152330}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B521A51-CE7C-4833-8074-1F6DA06CE8F2}D:\thunder\ue_4.27\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D63F56A1-0591-41CC-882F-D19A2CE09A2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D80C5DD-C491-418A-B3B4-9A9F19ECACC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0779E56-5E42-4119-A7E1-CD8097FDEC41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38A10CCE-7A28-4D97-BF6B-A1BE549A48D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2CFBE4A-8AF4-4D81-BC12-10492BCE54F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00E46D47-1EE2-4821-82A2-AAFBDEA34238}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22D126AE-E2A8-4E1A-88B6-F590C3CA50C3}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0F29BB6-2AEA-4C96-9A18-696FC99A36C1}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{390E1E54-3935-4956-AF95-44BAB94EF215}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7353B879-B0CA-42FD-8C02-DD38E55BFA6E}D:\djisimulator\dji assistant 2 for mavic\djiengine\djiservicecore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1FD5305-77B3-4D4C-A344-13E4D0A7EB0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47891DE2-CE61-4B4C-B549-87E31E489FE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7C461C2-952D-4B19-9578-B706B8D4DE0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18F5F9B9-64CE-4B86-8BA5-546DE07D9C70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{948C9C87-8DA3-4EFB-8C6C-0C984DBD113E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672FD62C-6846-4B93-B04E-41556F9677C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30C17B4A-5376-40AE-B262-77879F2B4F4F}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2152938-40AE-41BE-B4FC-ACF10BB4725C}D:\thunder\microsoft flight simulator 2020\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D61E56F8-5110-40F9-827D-9520558AE9F9}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB726475-5695-4BAE-A585-94FFDB6CB473}C:\program files\packetsender\packetsender.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{107CA2EE-DE37-436A-B200-ED5C28079C14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72C1201-39CB-463E-B570-D1EEFA94FAD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{289D1C3F-23EB-43A9-A0A1-CAADBC22F8C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FED9405-0F58-4BA5-ABB9-0AC1C0C462EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A28D5B99-42DF-4D2F-99E0-72EAF9E51AC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{426895DB-37F0-48B7-9EBF-43DB0B9E449A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C6ADBEB-BF53-4328-8F71-11EA62EE332F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D66A43E-9869-4478-A9C8-D1028E028355}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 181614395 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 884297214 B
Windows/system/drivers => 7225567 B
Edge => 0 B
Chrome => 864097708 B
Brave => 268457554 B
Firefox => 204808810 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 112016844 B
systemprofile32 => 194908251 B
LocalService => 195202095 B
NetworkService => 195214315 B
PC => 580292324 B
Theinka => 1067327259 B

RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-09-2023 18:40:22)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 18:40:23 ====

Re: Preventivní kontrola

Napsal: 18 zář 2023 17:46
od Rudy
Nic se neděje. Bylo smazáno, log je již OK.

Re: Preventivní kontrola

Napsal: 20 zář 2023 15:29
od czech 08
Díky moc!

Re: Preventivní kontrola

Napsal: 20 zář 2023 15:47
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz