Kontrola logu - problikávání bílé obrazovky

Zpráva

red · #1 Příspěvek od **red** » 27 led 2024 03:30

Dobrý den,

prosím o kontrolu logu, na PC mi občas problikne bílá obrazovka - je to chvilkové a děje se to při otevírání webových stránek. Je to náhodné a jsou to standardní stránky typu seznam, idnes atd.

Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.01.2024
Ran by red (administrator) on RED (MSI MS-7756) (27-01-2024 03:18:41)
Running from C:\Users\red\Downloads\eepl.com
Loaded Profiles: red
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneAgent.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Greenshot) [File not signed] C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atiesrxx.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2018-08-27] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792256 2023-06-23] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-02-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [138838416 2023-07-03] (Logitech Inc -> Logitech)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\red\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [GoogleChromeAutoLaunch_16ED7BFD1EED139D2EE228272905FC2D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2693920 2024-01-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted -osint -url hxxps://identity.myaccount.electroluxgroup.eu/production/OIDC/reset.html?apiKey=3_NR3F4BUwdlmIMgw1ZJ24MxNSELbywUMvw6_zUHJ5I (the data entry has 365 more characters). [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [MicrosoftEdgeAutoLaunch_5D8FF3C57F3750D6A930A5DAC7C2A886] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2021-04-07] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.227\Installer\chrmstp.exe [2024-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-02-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {89670105-03C4-44BD-95DF-49302B416971} - System32\Tasks\{4687D069-BA72-421F-93B0-A47858BEA53A} => C:\WINDOWS\system32\pcalua.exe [53760 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -a "F:\Instal\ACDSee Pro photo manager 8.1.99 cz\Czech.exe" -d "F:\Instal\ACDSee Pro photo manager 8.1.99 cz"
Task: {CBD1214A-3339-4343-BCC5-7F31615253BD} - System32\Tasks\{E44AD98E-3E3C-49A2-85AF-764F3C88CA27} => C:\WINDOWS\system32\pcalua.exe [53760 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\InstallShield Installation Information\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}\setup.exe" -c -runfromtemp -l0x0009 -removeonly DriverOnly
Task: {DE0CE407-ADF9-4081-9DEA-0BBD844A12B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {355AA4B4-923F-4F84-9BEB-1BCE2A52772A} - System32\Tasks\AMD Updater => "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN (No File)
Task: {960FD5B8-A08A-4727-A223-84626E8CD0DF} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {E84A5A7B-D4F8-41E9-BCD0-9E838C353C95} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {6AC6A8D0-C144-431A-B3CF-5ED6C61C439F} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {C3B7B599-FBE9-4F97-9506-06C9E07B5819} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8405C9AA-40A7-4A9F-92AF-7F03FF3BBB48} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37097112 2023-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {149E8D17-0693-4677-AF75-72729B9D9247} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B7EABC85-77F5-40B7-A0F9-9F021963A3D5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f0478c76-f886-4f10-ac70-de71b48116ae" --version "6.20.10897" --silent
Task: {1D0D4BB4-1A12-45C6-A01D-BE713506B51C} - System32\Tasks\CCleanerSkipUAC - red => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {57ED0225-7562-4471-922C-E43B92B5DDDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {614DDC4C-9720-4285-9BAA-7604A95C0BC7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBE79270-0DA6-4F5E-BA35-EEF15D3B6535} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEE3D829-9646-40C6-BC72-11B11697B04B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {822BB560-23A3-4E5E-9614-DFACF766348E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E769A488-6CFF-4C14-A72E-E14E645AE649} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1F98367-513F-43D4-9CF7-4904B08E184B} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F4CE3AAF-5547-4728-A06C-FA835A318C32} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {17C33492-FEAF-4FB5-99C6-DA409FC457F0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E53CCF52-15EE-4531-9A67-40BBFFCE4923} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {041F7734-6D86-4CCA-A29B-FD4A163473EA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E86824F3-F897-4092-B479-69F2F5A5F418} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F86CC42-4C32-4F50-9DE7-6912EF079225} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{3d1dc618-8bc2-4c66-b217-bc8a5882ec32}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{658d8550-ff20-4297-9f7d-0b0144964b1c}: [NameServer] 217.77.165.81,217.77.165.211
Tcpip\..\Interfaces\{841e4486-813a-4688-b268-f7418fab6769}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-02]

FireFox:
========
FF DefaultProfile: 9ax8sbf2.default
FF ProfilePath: C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default [2024-01-27]
FF Homepage: Mozilla\Firefox\Profiles\9ax8sbf2.default -> www.seznam.cz
FF NetworkProxy: Mozilla\Firefox\Profiles\9ax8sbf2.default -> autoconfig_url", "localhost, 127.0.0.1"
FF Extension: (Avira Browser Safety) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\abs@avira.com.xpi [2022-05-30]
FF Extension: (Valence) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\fxdevtools-adapters@mozilla.org [2017-08-14] [Legacy]
FF Extension: (Password Exporter) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-09] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\itms.js [2018-08-27]

Chrome:
=======
CHR Profile: C:\Users\red\AppData\Local\Google\Chrome\User Data\Default [2024-01-27]
CHR Extension: (Avira Browser Safety) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-12]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-25]
CHR Extension: (Hangouts Google) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2022-06-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-17] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11280288 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
R3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11280288 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-12] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10688256 2023-10-05] (Logitech Inc -> Logitech, Inc.)
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [5804432 2023-07-03] (Logitech Inc -> Logitech, Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18168576 2023-12-14] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] (NETGEAR -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-10-05] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-10-05] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-10-05] (Logitech Inc -> Logitech)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [347016 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1591192 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-08-11] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28784 2023-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-12] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_filter; C:\WINDOWS\System32\DRIVERS\rtp_filter.sys [376952 2023-12-20] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-12] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41984 2023-11-10] (Avira Operations GmbH -> Avira Operations GmbH)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25312 2007-01-19] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2016-02-03] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-27 03:18 - 2024-01-27 03:19 - 000029549 _____ C:\Users\red\Downloads\FRST.txt
2024-01-27 03:17 - 2024-01-27 03:18 - 002389504 _____ (Farbar) C:\Users\red\Downloads\eepl.com
2024-01-25 08:19 - 2024-01-25 08:19 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-01-25 08:19 - 2024-01-25 08:19 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-01-25 08:19 - 2024-01-25 08:19 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-01-22 03:10 - 2024-01-22 03:10 - 000000000 ____D C:\Users\eu91\AppData\Local\Backup
2024-01-22 03:02 - 2024-01-22 03:02 - 000000000 ____D C:\Users\eu91\AppData\Local\Avira
2024-01-20 21:17 - 2024-01-20 21:17 - 000002288 _____ C:\Users\eu91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Mozilla
2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Local\Mozilla
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Roaming\com.adobe.dunamis
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\LocalLow\Adobe
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Local\SolidDocuments
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Local\Adobe
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\.ms-ad
2024-01-20 20:26 - 2024-01-20 20:26 - 000000000 ____D C:\Users\eu91\AppData\Local\RadeonSettings
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Word
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Office
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\AddIns
2024-01-20 20:23 - 2024-01-20 20:23 - 000000000 ____D C:\Users\eu91\AppData\Local\PlaceholderTileLogoFolder
2024-01-20 20:23 - 2024-01-20 20:23 - 000000000 ____D C:\Users\eu91\AppData\Local\Comms
2024-01-20 20:22 - 2024-01-24 01:59 - 000000000 ____D C:\Users\eu91\AppData\Roaming\logitune
2024-01-20 20:22 - 2024-01-20 20:22 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Spelling
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Logishrd
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Greenshot
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Local\Greenshot
2024-01-20 20:20 - 2024-01-23 18:24 - 000000000 ____D C:\Users\eu91\AppData\Local\LogiOptionsPlus
2024-01-20 20:20 - 2024-01-23 18:00 - 000000000 ___RD C:\Users\eu91\OneDrive
2024-01-20 20:20 - 2024-01-21 19:04 - 000000000 ____D C:\Users\eu91\AppData\Local\D3DSCache
2024-01-20 20:20 - 2024-01-20 21:19 - 000000000 ____D C:\Users\eu91\AppData\Local\Packages
2024-01-20 20:20 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Local\ConnectedDevicesPlatform
2024-01-20 20:20 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Adobe
2024-01-20 20:20 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91
2024-01-20 20:20 - 2024-01-20 20:26 - 000002336 _____ C:\Users\eu91\Desktop\Google Chrome.lnk
2024-01-20 20:20 - 2024-01-20 20:21 - 000000000 ____D C:\Users\eu91\AppData\Local\AMD
2024-01-20 20:20 - 2024-01-20 20:20 - 000002350 _____ C:\Users\eu91\Desktop\Microsoft Edge.lnk
2024-01-20 20:20 - 2024-01-20 20:20 - 000000020 ___SH C:\Users\eu91\ntuser.ini
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Šablony
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Soubory cookie
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Poslední
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Okolní tiskárny
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Okolní síť
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Nabídka Start
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Dokumenty
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Obrázky
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Hudba
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Filmy
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Data aplikací
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\AppData\Local\Data aplikací
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\SystemCertificates
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Protect
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Crypto
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Credentials
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___RD C:\Users\eu91\3D Objects
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Windows
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Vault
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\LocalLow\AMD
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\VirtualStore
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\Publishers
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\Google
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\AviraWebView2Cache
2024-01-20 20:20 - 2021-04-08 01:38 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Network
2024-01-19 19:53 - 2024-01-19 19:53 - 000117294 _____ C:\Users\red\Downloads\IMG_8854.jpeg
2024-01-18 10:48 - 2024-01-18 10:48 - 002239414 _____ C:\Users\red\Downloads\Lynx investujte-chytre-7-tipu.pdf
2024-01-17 19:33 - 2024-01-17 19:33 - 000448272 _____ C:\Users\red\Downloads\print_1475782326.pdf
2024-01-16 20:16 - 2024-01-16 20:16 - 000099078 _____ C:\Users\red\Downloads\IMG_8780.jpeg
2024-01-16 19:50 - 2024-01-16 19:50 - 000065422 _____ C:\Users\red\Downloads\IMG_8543.jpeg
2024-01-16 19:48 - 2024-01-16 19:48 - 000094930 _____ C:\Users\red\Downloads\IMG_8637.jpeg
2024-01-14 11:49 - 2024-01-14 11:49 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 20:24 - 2024-01-12 20:24 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-01-12 17:14 - 2024-01-12 17:14 - 001010990 _____ C:\Users\red\Downloads\20231011-caddy (1).pdf
2024-01-12 17:13 - 2024-01-12 17:13 - 000538438 _____ C:\Users\red\Downloads\20231011-caddy-california (1).pdf
2024-01-10 02:14 - 2024-01-10 02:17 - 000000000 ___HD C:\$WinREAgent
2024-01-07 11:53 - 2024-01-07 11:53 - 000185437 _____ C:\Users\red\Downloads\50_sequioa_usneseni_rmc_0371_17_r_2021_z_3.5.2021.pdf
2024-01-06 02:43 - 2024-01-06 02:43 - 000234713 _____ C:\Users\red\Downloads\RZ-na-prani-1-12-2020-30-11-2021.xlsx
2024-01-05 14:16 - 2024-01-05 14:16 - 000162273 _____ C:\Users\red\Downloads\FIO harmonogram pokynů.pdf
2024-01-05 11:05 - 2024-01-05 11:05 - 000062321 _____ C:\Users\red\Downloads\faktura9240096534.pdf
2024-01-02 03:28 - 2024-01-02 03:28 - 004806236 _____ C:\Users\red\Downloads\technickadatacaddy-cz-ok.pdf
2024-01-02 03:27 - 2024-01-02 03:27 - 004806236 _____ C:\Users\red\Downloads\technickadatacaddy-cz-210512.pdf
2024-01-01 11:13 - 2024-01-01 11:13 - 011383608 _____ C:\Users\red\Downloads\Co sleduji 1 2-1.pdf
2024-01-01 10:44 - 2024-01-01 10:44 - 008815747 _____ C:\Users\red\Downloads\Co sleduji II.-1.pdf
2023-12-29 02:03 - 2023-12-29 02:03 - 000113685 _____ C:\Users\red\Downloads\IMG_8308 (1).jpeg
2023-12-29 01:41 - 2023-12-29 01:41 - 000113685 _____ C:\Users\red\Downloads\IMG_8308.jpeg
2023-12-29 01:37 - 2023-12-29 01:37 - 004476177 _____ C:\Users\red\Downloads\WBD (1).pdf
2023-12-29 01:37 - 2023-12-29 01:37 - 001383694 _____ C:\Users\red\Downloads\CVS výsledky.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-27 03:19 - 2022-02-28 15:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-27 03:19 - 2016-10-02 12:13 - 000000000 ____D C:\FRST
2024-01-27 03:14 - 2017-10-14 00:09 - 000000000 ____D C:\Users\red\AppData\Local\CrashDumps
2024-01-27 03:13 - 2016-02-19 20:36 - 000000000 ____D C:\Program Files\CCleaner
2024-01-27 03:13 - 2016-02-04 03:21 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Excel
2024-01-27 03:13 - 2016-02-04 03:19 - 000000000 ____D C:\Users\red\Documents\Soubory aplikace Outlook
2024-01-27 03:11 - 2022-05-31 01:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-27 03:11 - 2017-01-08 13:36 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-27 03:08 - 2023-10-04 16:34 - 000000000 ____D C:\Users\red\AppData\Local\LogiOptionsPlus
2024-01-27 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-27 02:43 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-01-26 19:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-26 19:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-26 19:36 - 2023-10-05 12:17 - 000000000 ____D C:\Users\red\AppData\Roaming\logitune
2024-01-26 19:36 - 2016-03-02 20:24 - 000000000 ___RD C:\Users\red\OneDrive
2024-01-26 03:56 - 2023-09-21 22:10 - 001436991 _____ C:\Users\red\Downloads\uzavrene fondy11.xlsx
2024-01-26 03:16 - 2023-06-21 19:00 - 000000000 ____D C:\Users\red\AppData\Roaming\Telegram Desktop
2024-01-26 03:16 - 2018-05-29 21:48 - 000000000 ____D C:\Users\red\AppData\Local\D3DSCache
2024-01-26 01:30 - 2022-06-09 07:37 - 000000000 ____D C:\Users\red\Documents\Práce + finance
2024-01-25 08:19 - 2021-05-07 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-01-25 08:19 - 2021-04-08 01:42 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-01-25 08:19 - 2016-02-02 23:21 - 000000000 ____D C:\Program Files (x86)\Avira
2024-01-24 08:26 - 2016-03-19 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-24 08:26 - 2016-02-02 21:19 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-24 08:24 - 2022-09-21 11:55 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-01-24 08:24 - 2022-09-21 11:55 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-01-24 08:24 - 2021-04-08 01:42 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-01-24 01:59 - 2021-06-02 00:05 - 000000000 ___HD C:\OneDriveTemp
2024-01-23 23:44 - 2020-06-16 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-22 08:52 - 2021-04-08 01:37 - 000000000 ____D C:\Users\red
2024-01-21 14:01 - 2021-04-08 01:38 - 001605812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-21 14:01 - 2019-12-07 15:41 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-21 14:01 - 2019-12-07 15:41 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-21 14:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-20 21:19 - 2018-07-02 19:10 - 000000000 ____D C:\ProgramData\Packages
2024-01-20 21:18 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-20 21:17 - 2023-03-23 11:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-01-20 20:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-20 20:20 - 2016-02-02 20:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-01-20 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-20 19:57 - 2021-04-08 01:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-19 20:06 - 2023-10-26 17:32 - 000000000 ____D C:\Users\red\AppData\Roaming\discord
2024-01-19 19:58 - 2023-10-26 17:32 - 000000000 ____D C:\Users\red\AppData\Local\Discord
2024-01-19 19:55 - 2016-02-04 03:20 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Word
2024-01-19 17:39 - 2020-07-24 17:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-19 03:22 - 2022-10-14 16:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-19 03:22 - 2022-10-14 16:48 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-01-19 03:22 - 2021-04-08 01:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-17 13:35 - 2016-02-04 03:20 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Office
2024-01-17 01:44 - 2022-12-14 18:28 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-01-14 16:27 - 2023-10-26 17:32 - 000002254 _____ C:\Users\red\Desktop\Discord.lnk
2024-01-14 11:48 - 2016-02-04 02:18 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 08:47 - 2016-02-02 21:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-10 21:42 - 2021-04-08 01:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-10 03:42 - 2022-08-12 01:02 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2024-01-10 03:42 - 2021-04-08 01:35 - 000532592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 03:42 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-10 03:42 - 2017-09-18 11:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-01-10 03:41 - 2023-02-16 01:40 - 004727216 _____ C:\WINDOWS\system32\rtp.db
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 02:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 02:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-01-10 00:42 - 2016-02-03 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 00:39 - 2016-02-03 07:25 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 19:13 - 2016-02-03 02:05 - 000000000 ____D C:\Users\red\AppData\LocalLow\Adobe
2024-01-06 02:44 - 2017-12-19 18:59 - 000000000 ____D C:\Users\red\AppData\Local\Packages
2024-01-04 14:21 - 2016-02-02 23:31 - 000000000 ____D C:\Users\red\AppData\Roaming\vlc
2024-01-02 01:00 - 2023-09-21 02:15 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-12-29 12:17 - 2016-04-03 11:34 - 000000000 ____D C:\Users\red\AppData\Local\Greenshot

==================== Files in the root of some directories ========

2019-02-03 14:12 - 2019-02-03 14:12 - 000000142 _____ () C:\Users\red\AppData\Roaming\.ptbt1
2018-02-14 11:12 - 2021-01-28 14:15 - 000013312 _____ () C:\Users\red\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-08-07 01:04 - 2023-08-07 01:04 - 000000017 _____ () C:\Users\red\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.01.2024
Ran by red (27-01-2024 03:20:36)
Running from C:\Users\red\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2021-04-08 00:43:02)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4021570292-3320076861-2236006042-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4021570292-3320076861-2236006042-503 - Limited - Disabled)
defaultuser100000 (S-1-5-21-4021570292-3320076861-2236006042-1009 - Limited - Enabled)
eu91 (S-1-5-21-4021570292-3320076861-2236006042-1006 - Limited - Enabled) => C:\Users\eu91
Guest (S-1-5-21-4021570292-3320076861-2236006042-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4021570292-3320076861-2236006042-1003 - Limited - Enabled)
red (S-1-5-21-4021570292-3320076861-2236006042-1001 - Administrator - Enabled) => C:\Users\red
WDAGUtilityAccount (S-1-5-21-4021570292-3320076861-2236006042-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {5F40539F-99F0-6C11-B264-299FAD5733AA}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro (HKLM-x32\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_2_1) (Version: 17.2.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
ASUS AXE5400 Bluetooth Driver (HKLM-x32\...\{F80392A6-68E0-409A-B8B7-D434B204EC71}) (Version: 1.926.0.197 - ASUS)
ASUS AXE5400 Tri-Band PCIe WiFi Adapter (HKLM-x32\...\{C180DF90-0CDF-40F3-B9C7-0F36973BBEF7}) (Version: 3.3.0.564 - ASUS)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.98.1 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.27.0.19 - Avira Operations GmbH) Hidden
Balíček ovladače systému Windows - Panasonic Corporation (WUDFRd) Lumix (01/25/2017 1.0.0.1) (HKLM\...\C1796EE2B699AE60ED2EE6EC9E7797A930C410FB) (Version: 01/25/2017 1.0.0.1 - Panasonic Corporation)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.3 a 6.3_is1) (Version: 1.1 - )
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
Discord (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.2990 - Avira Operations GmbH & Co. KG) Hidden
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.227 - Google LLC)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Hugin (HKLM\...\{4D4D36E4-0BFF-4D51-B745-FF2401C501D8}) (Version: 20.18.0 - Hugin developer team)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.220.3 - Acapela Group)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Ledger Live 2.60.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.60.0 - Ledger Live Team)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.60.496306 - Logitech)
Logi Tune (HKLM-x32\...\{ce7953d3-a849-4b66-bf0e-ffd5d2f43765}) (Version: 3.3.32.0 - Logitech)
Logi Tune 3.3.32 (HKLM-x32\...\{638159C5-38C0-4F10-A218-F2CE4CBCF833}) (Version: 3.3.32.0 - Logitech) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.8.459147 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.10.58 - Logitech)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Firefox 45.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x64 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 122.0.0.8783 - Mozilla)
MSVCRT Redists (HKLM\...\{FD01461E-5788-11EB-9E8B-00155D51A912}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{FDB647E1-FA63-11EB-80FB-00155DEA5CED}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Panasonic USB Audio Driver (HKLM\...\{BDD817D3-FEE3-4932-A49B-7B137FBFF474}) (Version: 1.0.0 - Panasonic Corporation)
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
Plex (HKLM-x32\...\Plex) (Version: 1.59.1 - Plex, Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
TATSUJIN for DC-S1_S1R series (HKLM-x32\...\{F1E3FF18-64D9-4130-B4C8-B00560478E7E}) (Version: 1.00.0000 - Panasonic Corporation.)
Telegram Desktop (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.9 - Telegram FZ-LLC)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VEGAS Pro 19.0 (HKLM\...\{FB6AD140-FA63-11EB-982B-00155DEA5CED}) (Version: 19.0.341 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-20] ()
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-20] (Microsoft Corporation) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-26] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\red\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [File not signed]
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) =============

2023-07-03 19:29 - 2023-07-03 19:29 - 002577408 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\ffmpeg.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 000380416 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libegl.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 006685184 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libglesv2.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 004691456 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vk_swiftshader.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 000804864 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vulkan-1.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 17:32 - 2019-06-28 17:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2024-01-27 03:17 - 2024-01-27 03:18 - 002389504 _____ (Farbar) [File not signed] C:\Users\red\Downloads\eepl.com
2013-08-07 14:24 - 2013-08-07 14:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 14:24 - 2013-08-07 14:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2024-01-11 03:44 - 2024-01-11 03:44 - 003092992 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\968c58adc84d9c3069596b686689e92a\Newtonsoft.Json.ni.dll
2021-04-07 23:53 - 2021-04-07 23:53 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 11:49 - 2019-08-16 11:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-05-30 18:23 - 2018-05-30 18:23 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\Wallpaper -> c:\users\red\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Wi-Fi 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Připojení k místní síti: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: SessionEnv => 3
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Device Detector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D3F9A346-E22B-452D-9C7C-C7909B652B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D637D14E-66FF-4861-8683-F83861580180}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{656A5AAE-9690-41F3-8BB3-A0FAE54EE5A1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9EEDE23-D9F3-4ACB-8526-12A54EF7B3AB}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D05BD312-42D7-40AF-8A0A-0F4FE67E797C}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8922B494-ED9C-4DB0-A840-79CE4DEAD033}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B564B9B3-A3B3-4BCB-A4DE-CE3DED8AB45E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{82AF924E-8CD3-43A5-89DD-DB05D3335680}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [TCP Query User{C5453C22-2B7A-4063-A10A-AEEABB8A41AC}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [{86AB537D-3D86-451B-90DA-693A703BF1C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7CE15EA9-4B6E-46A2-8451-E9B9E331CF17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5C83F783-D06F-4523-81F1-FB003DCAD466}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{FA6A2FED-8C64-48FA-A880-F0289D081F54}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6956AB22-63D1-492E-854C-C5C1F6F979BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F2F54032-0E2C-473A-B4C0-CBD98A0612F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EAED52A0-1531-432B-8F5E-3518F0246F36}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{12DC5BDC-DA5D-4335-841B-1D794FB3F8CC}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{15D6DB3B-8ED6-4534-8861-EBC1FF8879DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{47597B18-B52A-4A19-B51F-3584F917D15F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [TCP Query User{1F537970-4883-4B89-9203-B87686F8F4D1}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{987CEA3B-7EA5-4176-B2E8-BA1BF89F7472}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AAA04367-88B3-4829-A542-8B00819669F5}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6D8BBD5-140B-466E-969E-52E8D7523DDE}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A71705C7-EE16-412A-AECA-08883BDA26B2}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [UDP Query User{9E895220-C99E-4C32-8887-B6EA90FB3AE4}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [{0CE4D99C-EDCE-4ED9-964D-922135614E41}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77C5EB99-C729-4256-AB30-6BB832B923B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BE1B279-43F5-4190-8C29-4BA689159871}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4B63916-E9EE-4FA4-B544-F71A698EF321}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC4DB832-AAC2-40E2-AD05-FBD553BD2BAD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD684B-3496-4FEB-B12C-2B074383E095}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AE759D8F-5638-4C7C-A2FF-794CB0BF060F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{3736A839-0A31-4BD5-AB13-0BD038E265EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3833CBA-BE37-4D9A-A02B-19B1EF2374FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE802466-9AF6-49BB-AD20-5CDF70455454}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A94162F-BD2F-4385-8D79-6E44D7C30526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02F87721-ABD8-4F7B-8A99-27F7D153EF69}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E335BA9-7D1E-4BA3-9854-2ADC9FDF099E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

Name: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Description: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek, Inc.
Service: mtkwlex
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (01/26/2024 07:41:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (01/26/2024 07:38:34 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/25/2024 06:48:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/25/2024 08:11:28 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/24/2024 08:24:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.3758, časové razítko: 0x873a6ae7
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x6e5981f0
ID chybujícího procesu: 0x41e0
Čas spuštění chybující aplikace: 0x01da4e96664043d6
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4a70705b-018d-4435-b39b-04e26f208fc4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/23/2024 06:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1768, časové razítko: 0x5d56d087
Název chybujícího modulu: RadeonSettings.exe, verze: 10.1.2.1768, časové razítko: 0x5d56d087
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000021da50
ID chybujícího procesu: 0x61f0
Čas spuštění chybující aplikace: 0x01da4e1d4a874357
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
ID zprávy: 56b8a84d-38a6-450e-82a6-50f46807da88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/23/2024 06:00:14 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/22/2024 09:26:06 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

System errors:
=============
Error: (01/26/2024 07:35:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_1cb88cdb byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/25/2024 06:45:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_1bda1aef byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/25/2024 08:12:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH3FRZM-Microsoft.VCLibs.140.00.

Error: (01/25/2024 08:11:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH3FRZM-Microsoft.VCLibs.140.00.

Error: (01/25/2024 08:11:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80248007): 9NBLGGH4RV3K-Microsoft.VCLibs.140.00.UWPDesktop.

Error: (01/25/2024 08:11:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80248007): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (01/25/2024 08:08:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_1b44ab76 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/24/2024 08:24:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_1b080b13 byla ukončena s následující chybou:
Zařízení není připraveno.

Windows Defender:
================Event[0]:

Date: 2023-08-27 23:59:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-08-01 15:49:10
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-06-08 10:40:05
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-02-16 13:18:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.383.70.0
Předchozí verze bezpečnostních informací: 1.379.1233.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20000.2
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80004004
Popis chyby: Operace přerušena

Date: 2023-02-16 13:18:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.383.70.0
Předchozí verze bezpečnostních informací: 1.379.1233.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20000.2
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80004004
Popis chyby: Operace přerušena

CodeIntegrity:
===============
Date: 2024-01-27 03:12:22
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.18B1 08/19/2013
Motherboard: MSI H77MA-G43 (MS-7756)
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 16332.43 MB
Available physical RAM: 10378.06 MB
Total Virtual: 16332.43 MB
Available Virtual: 8779.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.47 GB) (Free:8.54 GB) (Model: INTEL SSDSC2CW120A3) NTFS
Drive d: (WD RED) (Fixed) (Total:3726.01 GB) (Free:3338.67 GB) (Model: WDC WD40EFPX-68C6CN0) NTFS
Drive e: (WD 5T) (Fixed) (Total:4657.4 GB) (Free:3157.3 GB) (Model: WDC WD50EZRX-00MVLB1) NTFS

\\?\Volume{aa1ad076-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{aa1ad076-0000-0000-0000-30bd1b000000}\ () (Fixed) (Total:0.83 GB) (Free:0.26 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: AA1AD076)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 27 led 2024 11:21

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

red · #3 Příspěvek od **red** » 28 led 2024 11:34

Zdravím!

Děkuji, tady to je:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-28-2024
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32108
# Detected: 1

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1242 octets] - [01/09/2018 09:57:44]
AdwCleaner[C00].txt - [1428 octets] - [01/09/2018 09:57:58]
AdwCleaner[S01].txt - [1372 octets] - [10/09/2018 21:31:02]
AdwCleaner[S02].txt - [1421 octets] - [31/10/2018 19:50:24]
AdwCleaner[S03].txt - [1482 octets] - [31/10/2018 19:50:42]
AdwCleaner[S04].txt - [1543 octets] - [31/10/2018 19:51:56]
AdwCleaner[S05].txt - [1616 octets] - [31/10/2018 20:53:24]
AdwCleaner[C05].txt - [1802 octets] - [31/10/2018 20:53:31]
AdwCleaner[S06].txt - [1738 octets] - [08/12/2018 12:25:01]
AdwCleaner[C06].txt - [1924 octets] - [08/12/2018 12:25:14]
AdwCleaner[S07].txt - [1860 octets] - [08/12/2018 12:42:29]
AdwCleaner[S08].txt - [1921 octets] - [08/12/2018 12:42:42]
AdwCleaner[C08].txt - [2107 octets] - [08/12/2018 12:45:32]
AdwCleaner[S09].txt - [2283 octets] - [22/09/2020 19:32:21]
AdwCleaner[C09].txt - [2435 octets] - [22/09/2020 19:32:35]
AdwCleaner[S10].txt - [2165 octets] - [26/09/2020 13:15:14]
AdwCleaner[C10].txt - [2351 octets] - [26/09/2020 13:15:24]
AdwCleaner[S11].txt - [2443 octets] - [26/09/2020 23:46:48]
AdwCleaner[C11].txt - [2633 octets] - [26/09/2020 23:46:59]
AdwCleaner[S12].txt - [2654 octets] - [28/01/2024 11:30:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S13].txt ##########

#4 Příspěvek od **Rudy** » 28 led 2024 13:44

Smažte (dejte do karantény) detekovaný soubor, restartujte a pak dejte nové logy FRST+Addition.

red · #5 Příspěvek od **red** » 29 led 2024 12:54

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
Ran by red (administrator) on RED (MSI MS-7756) (29-01-2024 12:50:45)
Running from C:\Users\red\Downloads\FRST64.exe
Loaded Profiles: red
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneAgent.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Greenshot) [File not signed] C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <17>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atiesrxx.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2018-08-27] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792256 2023-06-23] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-02-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [138838416 2023-07-03] (Logitech Inc -> Logitech)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\red\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB] => "C:\Program Files (x86)\Microsoft\Edge\Application\121.0.2277.83\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [GoogleChromeAutoLaunch_16ED7BFD1EED139D2EE228272905FC2D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2693920 2024-01-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted -osint -url hxxps://identity.myaccount.electroluxgroup.eu/production/OIDC/reset.html?apiKey=3_NR3F4BUwdlmIMgw1ZJ24MxNSELbywUMvw6_zUHJ5I (the data entry has 365 more characters). [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [MicrosoftEdgeAutoLaunch_5D8FF3C57F3750D6A930A5DAC7C2A886] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2021-04-07] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.227\Installer\chrmstp.exe [2024-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-02-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {89670105-03C4-44BD-95DF-49302B416971} - System32\Tasks\{4687D069-BA72-421F-93B0-A47858BEA53A} => C:\WINDOWS\system32\pcalua.exe [53760 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -a "F:\Instal\ACDSee Pro photo manager 8.1.99 cz\Czech.exe" -d "F:\Instal\ACDSee Pro photo manager 8.1.99 cz"
Task: {CBD1214A-3339-4343-BCC5-7F31615253BD} - System32\Tasks\{E44AD98E-3E3C-49A2-85AF-764F3C88CA27} => C:\WINDOWS\system32\pcalua.exe [53760 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\InstallShield Installation Information\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}\setup.exe" -c -runfromtemp -l0x0009 -removeonly DriverOnly
Task: {DE0CE407-ADF9-4081-9DEA-0BBD844A12B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {355AA4B4-923F-4F84-9BEB-1BCE2A52772A} - System32\Tasks\AMD Updater => "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN (No File)
Task: {960FD5B8-A08A-4727-A223-84626E8CD0DF} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {729D97D8-A9E5-4E25-A9E1-A95FBD1027F1} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {E84A5A7B-D4F8-41E9-BCD0-9E838C353C95} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {6AC6A8D0-C144-431A-B3CF-5ED6C61C439F} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {C3B7B599-FBE9-4F97-9506-06C9E07B5819} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8405C9AA-40A7-4A9F-92AF-7F03FF3BBB48} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37097112 2023-12-15] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {149E8D17-0693-4677-AF75-72729B9D9247} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B7EABC85-77F5-40B7-A0F9-9F021963A3D5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f0478c76-f886-4f10-ac70-de71b48116ae" --version "6.20.10897" --silent
Task: {1D0D4BB4-1A12-45C6-A01D-BE713506B51C} - System32\Tasks\CCleanerSkipUAC - red => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {57ED0225-7562-4471-922C-E43B92B5DDDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {614DDC4C-9720-4285-9BAA-7604A95C0BC7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBE79270-0DA6-4F5E-BA35-EEF15D3B6535} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEE3D829-9646-40C6-BC72-11B11697B04B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {822BB560-23A3-4E5E-9614-DFACF766348E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E769A488-6CFF-4C14-A72E-E14E645AE649} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1F98367-513F-43D4-9CF7-4904B08E184B} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F4CE3AAF-5547-4728-A06C-FA835A318C32} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {17C33492-FEAF-4FB5-99C6-DA409FC457F0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E53CCF52-15EE-4531-9A67-40BBFFCE4923} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {041F7734-6D86-4CCA-A29B-FD4A163473EA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E86824F3-F897-4092-B479-69F2F5A5F418} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F86CC42-4C32-4F50-9DE7-6912EF079225} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{3d1dc618-8bc2-4c66-b217-bc8a5882ec32}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{658d8550-ff20-4297-9f7d-0b0144964b1c}: [NameServer] 217.77.165.81,217.77.165.211
Tcpip\..\Interfaces\{841e4486-813a-4688-b268-f7418fab6769}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-29]
Edge Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-28]
Edge Extension: (Edge relevant text changes) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]

FireFox:
========
FF DefaultProfile: 9ax8sbf2.default
FF ProfilePath: C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default [2024-01-29]
FF Homepage: Mozilla\Firefox\Profiles\9ax8sbf2.default -> www.seznam.cz
FF NetworkProxy: Mozilla\Firefox\Profiles\9ax8sbf2.default -> autoconfig_url", "localhost, 127.0.0.1"
FF Extension: (Avira Browser Safety) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\abs@avira.com.xpi [2022-05-30]
FF Extension: (Valence) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\fxdevtools-adapters@mozilla.org [2017-08-14] [Legacy]
FF Extension: (Password Exporter) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-09] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\itms.js [2018-08-27]

Chrome:
=======
CHR Profile: C:\Users\red\AppData\Local\Google\Chrome\User Data\Default [2024-01-29]
CHR Extension: (Avira Browser Safety) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-12]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-25]
CHR Extension: (Hangouts Google) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2022-06-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-17] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11280288 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11280288 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-12] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10688256 2023-10-05] (Logitech Inc -> Logitech, Inc.)
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [5804432 2023-07-03] (Logitech Inc -> Logitech, Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18168576 2023-12-14] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] (NETGEAR -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-10-05] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-10-05] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-10-05] (Logitech Inc -> Logitech)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [347016 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1591192 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-08-11] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28784 2023-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-12] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_filter; C:\WINDOWS\System32\DRIVERS\rtp_filter.sys [376952 2023-12-20] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-12] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41984 2023-11-10] (Avira Operations GmbH -> Avira Operations GmbH)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25312 2007-01-19] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2016-02-03] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 12:50 - 2024-01-29 12:51 - 000029683 _____ C:\Users\red\Downloads\FRST.txt
2024-01-29 12:49 - 2024-01-29 12:49 - 002389504 _____ (Farbar) C:\Users\red\Downloads\FRST64.exe
2024-01-28 21:41 - 2024-01-28 21:41 - 000442392 _____ C:\Users\red\Downloads\9E2F88E3.TWITTER_7.0.0.0_neutral_~_wgeqdkkx372wm.AppxBundle
2024-01-28 11:30 - 2024-01-28 11:30 - 008791352 _____ (Malwarebytes) C:\Users\red\Downloads\adwcleaner.exe
2024-01-25 08:19 - 2024-01-25 08:19 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-01-25 08:19 - 2024-01-25 08:19 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-01-25 08:19 - 2024-01-25 08:19 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-01-22 03:10 - 2024-01-22 03:10 - 000000000 ____D C:\Users\eu91\AppData\Local\Backup
2024-01-22 03:02 - 2024-01-22 03:02 - 000000000 ____D C:\Users\eu91\AppData\Local\Avira
2024-01-20 21:17 - 2024-01-20 21:17 - 000002288 _____ C:\Users\eu91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Mozilla
2024-01-20 21:17 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Local\Mozilla
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Roaming\com.adobe.dunamis
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\LocalLow\Adobe
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Local\SolidDocuments
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Local\Adobe
2024-01-20 20:32 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\.ms-ad
2024-01-20 20:26 - 2024-01-20 20:26 - 000000000 ____D C:\Users\eu91\AppData\Local\RadeonSettings
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Word
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Office
2024-01-20 20:24 - 2024-01-20 20:24 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\AddIns
2024-01-20 20:23 - 2024-01-28 12:02 - 000000000 ____D C:\Users\eu91\AppData\Local\PlaceholderTileLogoFolder
2024-01-20 20:23 - 2024-01-20 20:23 - 000000000 ____D C:\Users\eu91\AppData\Local\Comms
2024-01-20 20:22 - 2024-01-29 12:39 - 000000000 ____D C:\Users\eu91\AppData\Roaming\logitune
2024-01-20 20:22 - 2024-01-28 12:02 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Spelling
2024-01-20 20:22 - 2024-01-20 20:22 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Logishrd
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Greenshot
2024-01-20 20:22 - 2024-01-20 20:22 - 000000000 ____D C:\Users\eu91\AppData\Local\Greenshot
2024-01-20 20:20 - 2024-01-28 21:38 - 000000000 ____D C:\Users\eu91\AppData\Local\LogiOptionsPlus
2024-01-20 20:20 - 2024-01-28 20:38 - 000000000 ___RD C:\Users\eu91\OneDrive
2024-01-20 20:20 - 2024-01-28 12:02 - 000000000 ____D C:\Users\eu91\AppData\Local\Packages
2024-01-20 20:20 - 2024-01-28 12:01 - 000000000 ____D C:\Users\eu91\AppData\Local\D3DSCache
2024-01-20 20:20 - 2024-01-20 21:17 - 000000000 ____D C:\Users\eu91\AppData\Local\ConnectedDevicesPlatform
2024-01-20 20:20 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Adobe
2024-01-20 20:20 - 2024-01-20 20:32 - 000000000 ____D C:\Users\eu91
2024-01-20 20:20 - 2024-01-20 20:26 - 000002336 _____ C:\Users\eu91\Desktop\Google Chrome.lnk
2024-01-20 20:20 - 2024-01-20 20:21 - 000000000 ____D C:\Users\eu91\AppData\Local\AMD
2024-01-20 20:20 - 2024-01-20 20:20 - 000002350 _____ C:\Users\eu91\Desktop\Microsoft Edge.lnk
2024-01-20 20:20 - 2024-01-20 20:20 - 000000020 ___SH C:\Users\eu91\ntuser.ini
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Šablony
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Soubory cookie
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Poslední
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Okolní tiskárny
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Okolní síť
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Nabídka Start
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Dokumenty
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Obrázky
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Hudba
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Documents\Filmy
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\Data aplikací
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 _SHDL C:\Users\eu91\AppData\Local\Data aplikací
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\SystemCertificates
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Protect
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Crypto
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___SD C:\Users\eu91\AppData\Roaming\Microsoft\Credentials
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ___RD C:\Users\eu91\3D Objects
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Windows
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Vault
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\LocalLow\AMD
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\VirtualStore
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\Publishers
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\Google
2024-01-20 20:20 - 2024-01-20 20:20 - 000000000 ____D C:\Users\eu91\AppData\Local\AviraWebView2Cache
2024-01-20 20:20 - 2021-04-08 01:38 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Microsoft\Network
2024-01-19 19:53 - 2024-01-19 19:53 - 000117294 _____ C:\Users\red\Downloads\IMG_8854.jpeg
2024-01-18 10:48 - 2024-01-18 10:48 - 002239414 _____ C:\Users\red\Downloads\Lynx investujte-chytre-7-tipu.pdf
2024-01-17 19:33 - 2024-01-17 19:33 - 000448272 _____ C:\Users\red\Downloads\print_1475782326.pdf
2024-01-16 20:16 - 2024-01-16 20:16 - 000099078 _____ C:\Users\red\Downloads\IMG_8780.jpeg
2024-01-16 19:50 - 2024-01-16 19:50 - 000065422 _____ C:\Users\red\Downloads\IMG_8543.jpeg
2024-01-16 19:48 - 2024-01-16 19:48 - 000094930 _____ C:\Users\red\Downloads\IMG_8637.jpeg
2024-01-14 11:49 - 2024-01-14 11:49 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 20:24 - 2024-01-12 20:24 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-01-12 17:14 - 2024-01-12 17:14 - 001010990 _____ C:\Users\red\Downloads\20231011-caddy (1).pdf
2024-01-12 17:13 - 2024-01-12 17:13 - 000538438 _____ C:\Users\red\Downloads\20231011-caddy-california (1).pdf
2024-01-10 02:14 - 2024-01-10 02:17 - 000000000 ___HD C:\$WinREAgent
2024-01-07 11:53 - 2024-01-07 11:53 - 000185437 _____ C:\Users\red\Downloads\50_sequioa_usneseni_rmc_0371_17_r_2021_z_3.5.2021.pdf
2024-01-06 02:43 - 2024-01-06 02:43 - 000234713 _____ C:\Users\red\Downloads\RZ-na-prani-1-12-2020-30-11-2021.xlsx
2024-01-05 14:16 - 2024-01-05 14:16 - 000162273 _____ C:\Users\red\Downloads\FIO harmonogram pokynů.pdf
2024-01-05 11:05 - 2024-01-05 11:05 - 000062321 _____ C:\Users\red\Downloads\faktura9240096534.pdf
2024-01-02 03:28 - 2024-01-02 03:28 - 004806236 _____ C:\Users\red\Downloads\technickadatacaddy-cz-ok.pdf
2024-01-02 03:27 - 2024-01-02 03:27 - 004806236 _____ C:\Users\red\Downloads\technickadatacaddy-cz-210512.pdf
2024-01-01 11:13 - 2024-01-01 11:13 - 011383608 _____ C:\Users\red\Downloads\Co sleduji 1 2-1.pdf
2024-01-01 10:44 - 2024-01-01 10:44 - 008815747 _____ C:\Users\red\Downloads\Co sleduji II.-1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-29 12:51 - 2016-10-02 12:13 - 000000000 ____D C:\FRST
2024-01-29 12:50 - 2023-10-04 16:34 - 000000000 ____D C:\Users\red\AppData\Local\LogiOptionsPlus
2024-01-29 12:48 - 2021-04-08 01:38 - 001605812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-29 12:48 - 2019-12-07 15:41 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-29 12:48 - 2019-12-07 15:41 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-29 12:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-29 12:44 - 2022-05-31 01:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-29 12:44 - 2017-01-08 13:36 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-29 12:42 - 2023-10-05 12:17 - 000000000 ____D C:\Users\red\AppData\Roaming\logitune
2024-01-29 12:42 - 2021-04-08 01:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-29 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-29 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-29 12:42 - 2016-03-02 20:24 - 000000000 ___RD C:\Users\red\OneDrive
2024-01-29 12:41 - 2023-02-16 01:40 - 004134624 _____ C:\WINDOWS\system32\rtp.db
2024-01-29 12:41 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-29 12:41 - 2017-09-18 11:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-01-29 12:40 - 2022-09-21 11:55 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-01-29 12:39 - 2022-02-28 15:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-29 12:39 - 2016-03-19 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-29 12:39 - 2016-02-19 20:36 - 000000000 ____D C:\Program Files\CCleaner
2024-01-29 12:39 - 2016-02-04 03:19 - 000000000 ____D C:\Users\red\Documents\Soubory aplikace Outlook
2024-01-29 12:39 - 2016-02-02 21:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-29 12:10 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-01-29 09:37 - 2016-02-04 03:21 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Excel
2024-01-28 21:43 - 2018-05-29 21:48 - 000000000 ____D C:\Users\red\AppData\Local\D3DSCache
2024-01-28 21:41 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-28 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-28 21:41 - 2018-07-02 19:10 - 000000000 ____D C:\ProgramData\Packages
2024-01-28 21:41 - 2017-12-19 18:59 - 000000000 ____D C:\Users\red\AppData\Local\Packages
2024-01-28 20:38 - 2021-06-02 00:05 - 000000000 ___HD C:\OneDriveTemp
2024-01-28 13:16 - 2023-06-21 19:00 - 000000000 ____D C:\Users\red\AppData\Roaming\Telegram Desktop
2024-01-27 11:04 - 2020-07-24 17:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-27 03:57 - 2022-06-09 07:37 - 000000000 ____D C:\Users\red\Documents\Práce + finance
2024-01-27 03:14 - 2017-10-14 00:09 - 000000000 ____D C:\Users\red\AppData\Local\CrashDumps
2024-01-26 03:56 - 2023-09-21 22:10 - 001436991 _____ C:\Users\red\Downloads\uzavrene fondy11.xlsx
2024-01-25 08:19 - 2021-05-07 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-01-25 08:19 - 2021-04-08 01:42 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-01-25 08:19 - 2016-02-02 23:21 - 000000000 ____D C:\Program Files (x86)\Avira
2024-01-24 08:26 - 2016-02-02 21:19 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-24 08:24 - 2022-09-21 11:55 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-01-24 08:24 - 2021-04-08 01:42 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-01-23 23:44 - 2020-06-16 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-22 08:52 - 2021-04-08 01:37 - 000000000 ____D C:\Users\red
2024-01-20 21:18 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-20 21:17 - 2023-03-23 11:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-01-20 20:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-20 20:20 - 2016-02-02 20:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-01-20 19:57 - 2021-04-08 01:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-19 20:06 - 2023-10-26 17:32 - 000000000 ____D C:\Users\red\AppData\Roaming\discord
2024-01-19 19:58 - 2023-10-26 17:32 - 000000000 ____D C:\Users\red\AppData\Local\Discord
2024-01-19 19:55 - 2016-02-04 03:20 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Word
2024-01-19 03:22 - 2022-10-14 16:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-19 03:22 - 2022-10-14 16:48 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-01-19 03:22 - 2021-04-08 01:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-17 13:35 - 2016-02-04 03:20 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Office
2024-01-17 01:44 - 2022-12-14 18:28 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-01-14 16:27 - 2023-10-26 17:32 - 000002254 _____ C:\Users\red\Desktop\Discord.lnk
2024-01-14 11:48 - 2016-02-04 02:18 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 03:42 - 2022-08-12 01:02 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2024-01-10 03:42 - 2021-04-08 01:35 - 000532592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 03:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 02:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 02:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-01-10 00:42 - 2016-02-03 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 00:39 - 2016-02-03 07:25 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 19:13 - 2016-02-03 02:05 - 000000000 ____D C:\Users\red\AppData\LocalLow\Adobe
2024-01-04 14:21 - 2016-02-02 23:31 - 000000000 ____D C:\Users\red\AppData\Roaming\vlc
2024-01-02 01:00 - 2023-09-21 02:15 - 000000000 ____D C:\Program Files\Microsoft OneDrive

==================== Files in the root of some directories ========

2019-02-03 14:12 - 2019-02-03 14:12 - 000000142 _____ () C:\Users\red\AppData\Roaming\.ptbt1
2018-02-14 11:12 - 2021-01-28 14:15 - 000013312 _____ () C:\Users\red\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-08-07 01:04 - 2023-08-07 01:04 - 000000017 _____ () C:\Users\red\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by red (29-01-2024 12:52:39)
Running from C:\Users\red\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2021-04-08 00:43:02)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4021570292-3320076861-2236006042-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4021570292-3320076861-2236006042-503 - Limited - Disabled)
eu91 (S-1-5-21-4021570292-3320076861-2236006042-1006 - Limited - Enabled) => C:\Users\eu91
Guest (S-1-5-21-4021570292-3320076861-2236006042-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4021570292-3320076861-2236006042-1003 - Limited - Enabled)
red (S-1-5-21-4021570292-3320076861-2236006042-1001 - Administrator - Enabled) => C:\Users\red
WDAGUtilityAccount (S-1-5-21-4021570292-3320076861-2236006042-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {5F40539F-99F0-6C11-B264-299FAD5733AA}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro (HKLM-x32\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_2_1) (Version: 17.2.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
ASUS AXE5400 Bluetooth Driver (HKLM-x32\...\{F80392A6-68E0-409A-B8B7-D434B204EC71}) (Version: 1.926.0.197 - ASUS)
ASUS AXE5400 Tri-Band PCIe WiFi Adapter (HKLM-x32\...\{C180DF90-0CDF-40F3-B9C7-0F36973BBEF7}) (Version: 3.3.0.564 - ASUS)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.98.1 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.27.0.19 - Avira Operations GmbH) Hidden
Balíček ovladače systému Windows - Panasonic Corporation (WUDFRd) Lumix (01/25/2017 1.0.0.1) (HKLM\...\C1796EE2B699AE60ED2EE6EC9E7797A930C410FB) (Version: 01/25/2017 1.0.0.1 - Panasonic Corporation)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.3 a 6.3_is1) (Version: 1.1 - )
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
Discord (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.2990 - Avira Operations GmbH & Co. KG) Hidden
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.227 - Google LLC)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Hugin (HKLM\...\{4D4D36E4-0BFF-4D51-B745-FF2401C501D8}) (Version: 20.18.0 - Hugin developer team)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.220.3 - Acapela Group)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Ledger Live 2.60.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.60.0 - Ledger Live Team)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.60.496306 - Logitech)
Logi Tune (HKLM-x32\...\{ce7953d3-a849-4b66-bf0e-ffd5d2f43765}) (Version: 3.3.32.0 - Logitech)
Logi Tune 3.3.32 (HKLM-x32\...\{638159C5-38C0-4F10-A218-F2CE4CBCF833}) (Version: 3.3.32.0 - Logitech) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.8.459147 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.10.58 - Logitech)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Firefox 45.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x64 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 122.0.0.8783 - Mozilla)
MSVCRT Redists (HKLM\...\{FD01461E-5788-11EB-9E8B-00155D51A912}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{FDB647E1-FA63-11EB-80FB-00155DEA5CED}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Panasonic USB Audio Driver (HKLM\...\{BDD817D3-FEE3-4932-A49B-7B137FBFF474}) (Version: 1.0.0 - Panasonic Corporation)
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
Plex (HKLM-x32\...\Plex) (Version: 1.59.1 - Plex, Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
TATSUJIN for DC-S1_S1R series (HKLM-x32\...\{F1E3FF18-64D9-4130-B4C8-B00560478E7E}) (Version: 1.00.0000 - Panasonic Corporation.)
Telegram Desktop (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.9 - Telegram FZ-LLC)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VEGAS Pro 19.0 (HKLM\...\{FB6AD140-FA63-11EB-982B-00155DEA5CED}) (Version: 19.0.341 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-20] ()
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-20] (Microsoft Corporation) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.0.0_x86__wgeqdkkx372wm [2024-01-28] (Twitter Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm [2024-01-28] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\red\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [File not signed]
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-12-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jgeocpdicgmkeemopbanhokmhcgcflmi\X.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\121.0.2277.83\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi --app-url=hxxps://twitter.com/?utm_source=homescreen&utm_medium=shortcut --app-launch-source=4
ShortcutWithArgument: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) =============

2023-07-03 19:29 - 2023-07-03 19:29 - 002577408 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\ffmpeg.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 000380416 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libegl.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 006685184 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libglesv2.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 004691456 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vk_swiftshader.dll
2023-07-03 19:29 - 2023-07-03 19:29 - 000804864 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vulkan-1.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 17:32 - 2019-06-28 17:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2013-08-07 14:24 - 2013-08-07 14:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 14:24 - 2013-08-07 14:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2024-01-11 03:44 - 2024-01-11 03:44 - 003092992 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\968c58adc84d9c3069596b686689e92a\Newtonsoft.Json.ni.dll
2021-04-07 23:53 - 2021-04-07 23:53 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 11:49 - 2019-08-16 11:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-05-30 18:23 - 2018-05-30 18:23 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\Wallpaper -> c:\users\red\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Wi-Fi 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)
Připojení k místní síti: General NDIS Protocol Driver -> SCM_NDISPROT (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: SessionEnv => 3
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Device Detector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D3F9A346-E22B-452D-9C7C-C7909B652B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D637D14E-66FF-4861-8683-F83861580180}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{656A5AAE-9690-41F3-8BB3-A0FAE54EE5A1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9EEDE23-D9F3-4ACB-8526-12A54EF7B3AB}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D05BD312-42D7-40AF-8A0A-0F4FE67E797C}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8922B494-ED9C-4DB0-A840-79CE4DEAD033}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B564B9B3-A3B3-4BCB-A4DE-CE3DED8AB45E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{82AF924E-8CD3-43A5-89DD-DB05D3335680}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [TCP Query User{C5453C22-2B7A-4063-A10A-AEEABB8A41AC}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [{86AB537D-3D86-451B-90DA-693A703BF1C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7CE15EA9-4B6E-46A2-8451-E9B9E331CF17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5C83F783-D06F-4523-81F1-FB003DCAD466}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{FA6A2FED-8C64-48FA-A880-F0289D081F54}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6956AB22-63D1-492E-854C-C5C1F6F979BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F2F54032-0E2C-473A-B4C0-CBD98A0612F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EAED52A0-1531-432B-8F5E-3518F0246F36}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{12DC5BDC-DA5D-4335-841B-1D794FB3F8CC}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{15D6DB3B-8ED6-4534-8861-EBC1FF8879DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{47597B18-B52A-4A19-B51F-3584F917D15F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [TCP Query User{1F537970-4883-4B89-9203-B87686F8F4D1}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{987CEA3B-7EA5-4176-B2E8-BA1BF89F7472}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AAA04367-88B3-4829-A542-8B00819669F5}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6D8BBD5-140B-466E-969E-52E8D7523DDE}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A71705C7-EE16-412A-AECA-08883BDA26B2}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [UDP Query User{9E895220-C99E-4C32-8887-B6EA90FB3AE4}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [{0CE4D99C-EDCE-4ED9-964D-922135614E41}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77C5EB99-C729-4256-AB30-6BB832B923B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BE1B279-43F5-4190-8C29-4BA689159871}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4B63916-E9EE-4FA4-B544-F71A698EF321}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC4DB832-AAC2-40E2-AD05-FBD553BD2BAD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD684B-3496-4FEB-B12C-2B074383E095}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AE759D8F-5638-4C7C-A2FF-794CB0BF060F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{02F87721-ABD8-4F7B-8A99-27F7D153EF69}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E335BA9-7D1E-4BA3-9854-2ADC9FDF099E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{335E3E7A-D20D-41C7-A9FE-7CE070572246}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6ECFB076-3E1A-4B97-B493-94C30FC00D41}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B786481C-57A5-4081-A5FA-1B6E90B7703D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9413002C-7A12-49C1-8A66-5B49DB67A281}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5E748A61-D76D-4757-A6B6-75963D6C4960}C:\program files (x86)\microsoft\edge\application\121.0.2277.83\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\121.0.2277.83\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F39E06F2-7139-4313-A0AC-F4F944AF657F}C:\program files (x86)\microsoft\edge\application\121.0.2277.83\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\121.0.2277.83\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

Name: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Description: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek, Inc.
Service: mtkwlex
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (01/29/2024 12:44:25 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (01/29/2024 12:41:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/29/2024 12:41:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/29/2024 11:24:12 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/28/2024 12:01:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 4968, identifikátor PID ProfSvc: 1704.

Error: (01/28/2024 12:01:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 8580, identifikátor PID ProfSvc: 1704.

Error: (01/28/2024 11:24:12 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/27/2024 11:24:12 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

System errors:
=============
Error: (01/29/2024 12:44:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avira Security Updater neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/29/2024 12:44:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Security Updater bylo dosaženo časového limitu (30000 ms).

Error: (01/29/2024 12:42:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_64562 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/29/2024 12:42:05 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (01/29/2024 12:41:47 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (01/29/2024 12:41:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Logi Options+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (01/29/2024 12:41:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/29/2024 12:41:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Optimizer Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Windows Defender:
================Event[0]:

Date: 2023-08-27 23:59:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-08-01 15:49:10
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-06-08 10:40:05
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-02-16 13:18:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.383.70.0
Předchozí verze bezpečnostních informací: 1.379.1233.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20000.2
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80004004
Popis chyby: Operace přerušena

Date: 2023-02-16 13:18:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.383.70.0
Předchozí verze bezpečnostních informací: 1.379.1233.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20000.2
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80004004
Popis chyby: Operace přerušena

CodeIntegrity:
===============
Date: 2024-01-29 12:46:23
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.18B1 08/19/2013
Motherboard: MSI H77MA-G43 (MS-7756)
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 16332.43 MB
Available physical RAM: 10681.1 MB
Total Virtual: 16332.43 MB
Available Virtual: 9031.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.47 GB) (Free:8.16 GB) (Model: INTEL SSDSC2CW120A3) NTFS
Drive d: (WD RED) (Fixed) (Total:3726.01 GB) (Free:3338.67 GB) (Model: WDC WD40EFPX-68C6CN0) NTFS
Drive e: (WD 5T) (Fixed) (Total:4657.4 GB) (Free:3157.3 GB) (Model: WDC WD50EZRX-00MVLB1) NTFS

\\?\Volume{aa1ad076-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{aa1ad076-0000-0000-0000-30bd1b000000}\ () (Fixed) (Total:0.83 GB) (Free:0.26 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: AA1AD076)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#6 Příspěvek od **Rudy** » 29 led 2024 13:33

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
Task: {1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {57ED0225-7562-4471-922C-E43B92B5DDDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
C:\Users\red\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File

EmptyTemp:
End

Uložte do C:\Users\red\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

red · #7 Příspěvek od **red** » 29 led 2024 15:51

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by red (29-01-2024 15:40:57) Run:1
Running from C:\Users\red\Downloads
Loaded Profiles: red & eu91
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
Task: {1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {57ED0225-7562-4471-922C-E43B92B5DDDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
Task: {691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-08] (Google Inc -> Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
C:\Users\red\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} => removed successfully
C:\Program Files (x86)\Mozilla Firefox\distribution\policies.json => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A4F7BEA-9316-4AA6-989D-A96D1C0B5A78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57ED0225-7562-4471-922C-E43B92B5DDDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57ED0225-7562-4471-922C-E43B92B5DDDE}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{691E5BB7-B5D8-4ED4-B3CE-50B52E461CFB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
C:\Users\red\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44902854 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 166158501 B
Windows/system/drivers => 770202222 B
Edge => 0 B
Chrome => 58916974 B
Firefox => 196765098 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6688 B
systemprofile32 => 6688 B
LocalService => 10722 B
NetworkService => 430729122 B
red => 550205306 B
eu91 => 577770860 B

RecycleBin => 3627520 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 15:41:43 ====

#8 Příspěvek od **Rudy** » 29 led 2024 16:04

Smazáno. Nastala nějaká změna?

red · #9 Příspěvek od **red** » 30 led 2024 11:04

Pěkný den,

moc díky za pomoc - dělá to bohužel stále - i když možná v menší intenzitě. Co mám nově, tak mi na seznamu a novinkách často vyskakuje souhlas s cookies a nejde to odkliknout/zamítnout - obrazovka se rozostří a zasekne se to na nějaký čas a nic nemůžu udělat - maximálně si otevrít novou záložku s jinou stránku v prohlížeči.

#10 Příspěvek od **Rudy** » 30 led 2024 12:53

Co se týká toho Seznamu ( a příp. dalších), musíte si uložit nastavení, aby si prohlížeč pamatoval nastatavení cookies. Pak se vám to nebude vracet. Ještě zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

red · #11 Příspěvek od **red** » 31 led 2024 13:02

Pěkný den,

díky. První bod se mi vůbec nedaří. Zastavilo se to tady

--- Firefox Extensions 11:45:35,16

a dál nic. Trvá to už Hodinu a čtvrt a nic se neděje. A na obrazvce mi samovolne, čas od času problikne: Nun Lock on

Druhý bod jsem zatím nezkoušel.

#12 Příspěvek od **Rudy** » 31 led 2024 13:46

Zkuste v nouz režimu. Junkware by měl běžet i v tom normálním. Pokud to nepůjde, vypadalo by to na systémovou chybu.

red · #13 Příspěvek od **red** » 31 led 2024 16:39

Zkušel jsem to i v nouzovém režimu, zasekne se to stejně - viz níže. Junkware prošel v pohodě log níže.
Po spuštění ZOEK se mi pc začal chovat divně - pořád naskakuje hláška s Nun Lock On a taky mi kurzor pořád skáče na konec stránky - je jedno, jestli to je v prohlížeči, excelu nebo i tad při psaní této zprávy - pořád mi to pořád skáče na konec této zpráva za log, který tu už mám vložený.

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by red on 31.01.2024 at 15:06:21,43.
Microsoft Windows 10 Home 10.0.19045 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\red\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 15:06:43,73 =====

--- Create Environment Variables 15:06:44,78
--- Checking Input 15:06:52,31
--- Reset Hosts File 15:06:57,95
--- AU AppData Check 15:06:58,51
--- Remove From Windows Installer 15:07:00,68
--- Empty Folders Check 15:08:29,64
--- Registry HKLM Software Check 15:08:29,64
--- Quick Launch Shortcut Check 15:08:45,58
--- IE Startpage Check 15:08:50,16
--- Program Files DB Check 15:09:10,67
--- C:\Users\Default\AppData DB Check 15:09:49,94
--- C:\Users\Default.migrated\AppData DB Check 15:09:49,94
--- C:\Users\eu91\AppData DB Check 15:09:49,94
--- C:\Users\red\AppData DB Check 15:09:49,94
--- C:\WINDOWS\SysNative\config\systemprofile\AppData DB Check 15:09:49,94
--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData DB Check 15:09:49,94
--- C:\WINDOWS\serviceprofiles\networkservice\AppData DB Check 15:09:49,94
--- C:\WINDOWS\serviceprofiles\Localservice\AppData DB Check 15:09:49,94
--- C:\Users\red DB Check 15:11:57,30
--- C:\PROGRA~3 DB Check 15:12:19,96
--- C:\Users\Default\AppData\Local DB Check 15:12:26,91
--- C:\Users\Default User\AppData\Local DB Check 15:12:26,91
--- C:\Users\Default.migrated\AppData\Local DB Check 15:12:26,91
--- C:\Users\eu91\AppData\Local DB Check 15:12:26,91
--- C:\Users\red\AppData\Local DB Check 15:12:26,91
--- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local DB Check 15:12:26,91
--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local DB Check 15:12:26,91
--- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local DB Check 15:12:26,91
--- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local DB Check 15:12:26,91
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 15:14:02,46
--- C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 15:14:10,43
--- Tasks DB Check 15:14:15,52
--- C:\Users\eu91\AppData\LocalLow DB Check 15:14:19,07
--- C:\Users\red\AppData\LocalLow DB Check 15:14:19,07
--- C:\WINDOWS\SysNative\config\systemprofile\AppData\LocalLow DB Check 15:14:19,07
--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 15:14:19,07
--- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow DB Check 15:14:19,07
--- C:\WINDOWS\serviceprofiles\Localservice\AppData\LocalLow DB Check 15:14:19,07
--- Tasks2 DB Check 15:15:07,14
--- Documents DB Check 15:15:30,67
--- Documents2 DB Check 15:15:38,21
--- C:\Users\eu91\AppData\Roaming\Mozilla\Firefox\Profiles\nxp19ybf.default-release DB Check 15:15:39,69
--- C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default DB Check 15:15:39,69
--- C:\Users\Public\Desktop DB Check 15:15:43,28
--- C:\Users\red\Desktop DB Check 15:15:47,27
--- Services DB Check 15:15:54,22
--- FF prefs.js DB Check 15:16:21,98
--- Emptyclsid 15:17:26,25
--- Del by CLSID 15:17:28,84
--- Delete Services 15:18:32,73
--- Firefox Fix 15:18:34,73
--- Delete files\folders 15:18:36,48
--- Create Backups 15:18:36,56
--- Firefox Extensions 15:18:40,03

#14 Příspěvek od **Rudy** » 31 led 2024 16:56

JRT tu sice nevidím, ale opravdu to vypadá na chybu systému. Z přík řádku spusťte kontrolu systémových souborů příkazem:

sfc /scannow

a odentrujte.
Proběhne sken a příp. oprava systémových souborů. Dejte vědět, jak to dopadlo.

red · #15 Příspěvek od **red** » 31 led 2024 18:11

Proběhlo to - tady je log - otestuji a dám vědět, zatím se to jeví ok. Dole přídávám zapomenutý log z JRT

2024-01-31 16:54:36, Info CBS TI: --- Initializing Trusted Installer ---
2024-01-31 16:54:36, Info CBS TI: Last boot time: 2024-01-31 16:54:13.500
2024-01-31 16:54:36, Info CBS Starting TrustedInstaller initialization.
2024-01-31 16:54:36, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2024-01-31 16:54:36, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2024-01-31 16:54:36, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 16:54:36, Info CBS Ending TrustedInstaller initialization.
2024-01-31 16:54:36, Info CBS Starting the TrustedInstaller main loop.
2024-01-31 16:54:36, Info CBS TrustedInstaller service starts successfully.
2024-01-31 16:54:36, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2024-01-31 16:54:36, Info CBS Startup processing thread terminated normally
2024-01-31 16:54:36, Info CBS TI: Startup Processing completes, release startup processing lock.
2024-01-31 16:54:37, Info CBS Starting TiWorker initialization.
2024-01-31 16:54:37, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2024-01-31 16:54:37, Info CBS Ending TiWorker initialization.
2024-01-31 16:54:37, Info CBS Starting the TiWorker main loop.
2024-01-31 16:54:37, Info CBS TiWorker starts successfully.
2024-01-31 16:54:37, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2024-01-31 16:54:37, Info CBS Universal Time is: 2024-01-31 15:54:37.039
2024-01-31 16:54:37, Info CBS Loaded Servicing Stack v10.0.19041.3745 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\cbscore.dll
2024-01-31 16:54:37, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2024-01-31 16:54:37, Info CSI 00000001@2024/1/31:15:54:37.039 WcpInitialize: wcp.dll version 10.0.19041.3745 (WinBuild.160101.0800)
2024-01-31 16:54:37, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2024-01-31 16:54:37, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 16:54:37, Info CBS NonStart: Set pending store consistency check.
2024-01-31 16:54:37, Info CBS Session: 31085661_3401008183 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2024-01-31 16:56:38, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2024-01-31 16:56:38, Info CBS TiWorker signaled for shutdown, going to exit.
2024-01-31 16:56:38, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2024-01-31 16:56:38, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 16:56:38, Info CBS Execution Engine Finalize
2024-01-31 16:56:38, Info CBS Execution Engine Finalize
2024-01-31 16:56:38, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2024-01-31 16:56:38, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2024-01-31 16:56:38, Info CBS Ending the TiWorker main loop.
2024-01-31 16:56:38, Info CBS Starting TiWorker finalization.
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 16:56:38, Info CBS CBS Engine already deactivated
2024-01-31 16:56:38, Info CBS CBS Engine already deactivated
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CoreResourcesUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: SessionManagerFinalize
2024-01-31 16:56:38, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 16:56:38, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: WcpUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: DrupUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CfgMgr32Unload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: DpxUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: SrUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CbsEsdUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: CbsEventUnregister
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: AppContainerUnload
2024-01-31 16:56:38, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2024-01-31 16:56:38, Info CBS Ending TiWorker finalization.
2024-01-31 16:56:38, Info CBS Ending the TrustedInstaller main loop.
2024-01-31 16:56:38, Info CBS Starting TrustedInstaller finalization.
2024-01-31 16:56:38, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 16:56:38, Info CBS Ending TrustedInstaller finalization.
2024-01-31 17:15:49, Info CBS TI: --- Initializing Trusted Installer ---
2024-01-31 17:15:49, Info CBS TI: Last boot time: 2024-01-31 16:54:13.500
2024-01-31 17:15:49, Info CBS Starting TrustedInstaller initialization.
2024-01-31 17:15:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2024-01-31 17:15:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2024-01-31 17:15:49, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:15:49, Info CBS Ending TrustedInstaller initialization.
2024-01-31 17:15:49, Info CBS Starting the TrustedInstaller main loop.
2024-01-31 17:15:49, Info CBS TrustedInstaller service starts successfully.
2024-01-31 17:15:49, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2024-01-31 17:15:49, Info CBS Startup processing thread terminated normally
2024-01-31 17:15:49, Info CBS TI: Startup Processing completes, release startup processing lock.
2024-01-31 17:15:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{F398026B-5FFE-4881-8F09-7C2562D4EF39}, revision: 203
2024-01-31 17:15:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5020683~31bf3856ad364e35~amd64~~19041.2304.1.3, ApplicableState: 112, CurrentState:0
2024-01-31 17:15:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{5116DF44-F05C-4093-AED4-49D5E4A7CF19}, revision: 201
2024-01-31 17:15:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5026037~31bf3856ad364e35~amd64~~19041.2845.1.1, ApplicableState: 64, CurrentState:0
2024-01-31 17:15:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{723469C7-9816-41E2-8FB9-EEF9AA895AD4}, revision: 201
2024-01-31 17:15:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5025801~31bf3856ad364e35~amd64~~19041.2788.1.2, ApplicableState: 64, CurrentState:0
2024-01-31 17:15:50, Info CBS Starting TiWorker initialization.
2024-01-31 17:15:50, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2024-01-31 17:15:50, Info CBS Ending TiWorker initialization.
2024-01-31 17:15:50, Info CBS Starting the TiWorker main loop.
2024-01-31 17:15:50, Info CBS TiWorker starts successfully.
2024-01-31 17:15:50, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2024-01-31 17:15:50, Info CBS Universal Time is: 2024-01-31 16:15:50.712
2024-01-31 17:15:50, Info CBS Loaded Servicing Stack v10.0.19041.3745 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\cbscore.dll
2024-01-31 17:15:50, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2024-01-31 17:15:50, Info CSI 00000001@2024/1/31:16:15:50.712 WcpInitialize: wcp.dll version 10.0.19041.3745 (WinBuild.160101.0800)
2024-01-31 17:15:50, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2024-01-31 17:15:50, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 17:15:50, Info CBS NonStart: Set pending store consistency check.
2024-01-31 17:15:50, Info CBS Session: 31085664_3252790266 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2024-01-31 17:15:50, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:50, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:50, Info CBS Package Format: PSFX
2024-01-31 17:15:50, Info CBS Package Format: PSFX
2024-01-31 17:15:50, Info CBS Package Format: PSFX
2024-01-31 17:15:50, Info CBS Package Format: PSFX
2024-01-31 17:15:50, Info CBS Appl:LCU package and revision compare set to explicit
2024-01-31 17:15:51, Info CBS Package Format: PSFX
2024-01-31 17:15:51, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:51, Info CBS Generate playback status for m_fGeneratePlaybackDeltaWhenPackageHasReverseDeltas: 1
2024-01-31 17:15:51, Info CBS Generate playback status for m_fShouldGeneratePlaybackDeltas: 0
2024-01-31 17:15:51, Info CBS KIR Feature_PlaybackDeltaGeneration is disabled
2024-01-31 17:15:51, Info CBS Package Format: PSFX
2024-01-31 17:15:51, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:54, Info CBS Session: 31085664_3294340258 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2024-01-31 17:15:54, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:54, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Appl:LCU package and revision compare set to explicit
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:55, Info CBS Generate playback status for m_fGeneratePlaybackDeltaWhenPackageHasReverseDeltas: 1
2024-01-31 17:15:55, Info CBS Generate playback status for m_fShouldGeneratePlaybackDeltas: 0
2024-01-31 17:15:55, Info CBS KIR Feature_PlaybackDeltaGeneration is disabled
2024-01-31 17:15:55, Info CBS Package Format: PSFX
2024-01-31 17:15:55, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:55, Info CBS Session: 31085664_3302443103 initialized by client DISM Package Manager Provider, external staging directory: (null), external registry directory: (null)
2024-01-31 17:15:55, Info CBS Skipping package [Microsoft-OneCore-ApplicationModel-Sync-Desktop-FOD-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:55, Info CBS Skipping package [Microsoft-OneCore-DirectX-Database-FOD-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.3803] since it has a release-type [Language Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.3930] since it has a release-type [Language Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-CoreEdition~31bf3856ad364e35~amd64~~10.0.19041.3803] since it has a release-type [Product] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-CoreEdition~31bf3856ad364e35~amd64~~10.0.19041.3930] since it has a release-type [Product] that makes it not superseded
2024-01-31 17:15:56, Info CBS Read out cached package applicability for package: Microsoft-Windows-FodMetadata-Package~31bf3856ad364e35~amd64~~10.0.19041.1, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Hello-Face-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~11.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-LanguageFeatures-Basic-cs-cz-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-LanguageFeatures-Handwriting-cs-cz-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-LanguageFeatures-OCR-cs-cz-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-LanguageFeatures-TextToSpeech-cs-cz-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~10.0.19041.3803] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~10.0.19041.3930] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MSPaint-FoD-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.3758] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MSPaint-FoD-Package~31bf3856ad364e35~amd64~~10.0.19041.3758] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MSPaint-FoD-Package~31bf3856ad364e35~wow64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-MSPaint-FoD-Package~31bf3856ad364e35~wow64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Notepad-FoD-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.488] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Notepad-FoD-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Notepad-FoD-Package~31bf3856ad364e35~wow64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Notepad-FoD-Package~31bf3856ad364e35~wow64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-PowerShell-ISE-FOD-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-PowerShell-ISE-FOD-Package~31bf3856ad364e35~amd64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-PowerShell-ISE-FOD-Package~31bf3856ad364e35~wow64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-PowerShell-ISE-FOD-Package~31bf3856ad364e35~wow64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Printing-WFS-FoD-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:56, Info CBS Skipping package [Microsoft-Windows-Printing-WFS-FoD-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-ProfessionalEdition~31bf3856ad364e35~amd64~~10.0.19041.3803] since it has a release-type [Product] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-ProfessionalEdition~31bf3856ad364e35~amd64~~10.0.19041.3930] since it has a release-type [Product] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-QuickAssist-Package~31bf3856ad364e35~amd64~~10.0.19041.3758] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-StepsRecorder-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-StepsRecorder-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-StepsRecorder-Package~31bf3856ad364e35~wow64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-StepsRecorder-Package~31bf3856ad364e35~wow64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-TabletPCMath-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-UserExperience-Desktop-Package~31bf3856ad364e35~amd64~~10.0.19041.3758] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-WordPad-FoD-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-WordPad-FoD-Package~31bf3856ad364e35~amd64~~10.0.19041.3758] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-WordPad-FoD-Package~31bf3856ad364e35~amd64~~10.0.19041.3930] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-WordPad-FoD-Package~31bf3856ad364e35~wow64~cs-CZ~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-WordPad-FoD-Package~31bf3856ad364e35~wow64~~10.0.19041.1] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [Microsoft-Windows-Xps-Xps-Viewer-Opt-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Skipping package [OpenSSH-Client-Package~31bf3856ad364e35~amd64~~10.0.19041.3636] since it has a release-type [OnDemand Pack] that makes it not superseded
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_DotNetRollup_481~31bf3856ad364e35~amd64~~10.0.9206.1, ApplicableState: 80, CurrentState:80
2024-01-31 17:15:57, Info CBS [Package_for_DotNetRollup_481~31bf3856ad364e35~amd64~~10.0.9206.1] is a top-level package and is deeply superseded
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_DotNetRollup_481~31bf3856ad364e35~amd64~~10.0.9214.4, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_DotNetRollup~31bf3856ad364e35~amd64~~10.0.4682.1, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Package Format: PSFX
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB4562830~31bf3856ad364e35~amd64~~10.0.1.3, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB4580325~31bf3856ad364e35~amd64~~10.0.1.0, ApplicableState: 64, CurrentState:112
2024-01-31 17:15:57, Info CBS Package Format: PSFX
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB5003791~31bf3856ad364e35~amd64~~19041.1237.1.3, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB5011048~31bf3856ad364e35~amd64~~10.0.9195.7, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB5011052~31bf3856ad364e35~amd64~~10.0.1.8028, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:57, Info CBS Package Format: PSFX
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB5012170~31bf3856ad364e35~amd64~~19041.1880.1.1, ApplicableState: 64, CurrentState:112
2024-01-31 17:15:57, Info CBS Package Format: PSFX
2024-01-31 17:15:57, Info CBS Read out cached package applicability for package: Package_for_KB5015684~31bf3856ad364e35~amd64~~19041.1799.1.2, ApplicableState: 112, CurrentState:112
2024-01-31 17:15:58, Info CBS Appl:LCU package and revision compare set to explicit
2024-01-31 17:15:58, Info CBS Package Format: PSFX
2024-01-31 17:15:58, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:58, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:58, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:58, Info CBS Generate playback status for m_fGeneratePlaybackDeltaWhenPackageHasReverseDeltas: 1
2024-01-31 17:15:58, Info CBS Generate playback status for m_fShouldGeneratePlaybackDeltas: 0
2024-01-31 17:15:58, Info CBS KIR Feature_PlaybackDeltaGeneration is disabled
2024-01-31 17:15:58, Info CBS Read out cached package applicability for package: Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3803.1.3, ApplicableState: 80, CurrentState:80
2024-01-31 17:15:58, Info CBS [Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3803.1.3] is a top-level package and is deeply superseded
2024-01-31 17:15:59, Info CBS Appl:LCU package and revision compare set to explicit
2024-01-31 17:15:59, Info CBS Package Format: PSFX
2024-01-31 17:15:59, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:15:59, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:15:59, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2024-01-31 17:16:00, Info CBS Generate playback status for m_fGeneratePlaybackDeltaWhenPackageHasReverseDeltas: 1
2024-01-31 17:16:00, Info CBS Generate playback status for m_fShouldGeneratePlaybackDeltas: 0
2024-01-31 17:16:00, Info CBS KIR Feature_PlaybackDeltaGeneration is disabled
2024-01-31 17:16:00, Info CBS Read out cached package applicability for package: Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3930.1.7, ApplicableState: 112, CurrentState:112
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_1704~31bf3856ad364e35~amd64~~19041.1704.1.4] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_1737~31bf3856ad364e35~amd64~~19041.1737.1.2] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_1790~31bf3856ad364e35~amd64~~19041.1790.1.1] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_1852~31bf3856ad364e35~amd64~~19041.1852.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_1940~31bf3856ad364e35~amd64~~19041.1940.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_2180~31bf3856ad364e35~amd64~~19041.2180.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_2300~31bf3856ad364e35~amd64~~19041.2300.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_2664~31bf3856ad364e35~amd64~~19041.2664.1.4] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_2780~31bf3856ad364e35~amd64~~19041.2780.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_2905~31bf3856ad364e35~amd64~~19041.2905.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3025~31bf3856ad364e35~amd64~~19041.3025.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3205~31bf3856ad364e35~amd64~~19041.3205.1.1] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3266~31bf3856ad364e35~amd64~~19041.3266.1.2] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3385~31bf3856ad364e35~amd64~~19041.3385.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3562~31bf3856ad364e35~amd64~~19041.3562.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3684~31bf3856ad364e35~amd64~~19041.3684.1.2] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack_3745~31bf3856ad364e35~amd64~~19041.3745.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack~31bf3856ad364e35~amd64~~19041.1022.1.1] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack~31bf3856ad364e35~amd64~~19041.1081.1.2] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack~31bf3856ad364e35~amd64~~19041.860.1.0] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack~31bf3856ad364e35~amd64~~19041.925.1.1] since it is permanent
2024-01-31 17:16:00, Info CBS Skipping package [Package_for_ServicingStack~31bf3856ad364e35~amd64~~19041.985.1.1] since it is permanent
2024-01-31 17:16:00, Info CBS Package Format: PSFX
2024-01-31 17:16:00, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:16:00, Info CBS Read out cached package applicability for package: Package_for_WinREServicing~31bf3856ad364e35~amd64~~19041.3920.1.0, ApplicableState: 112, CurrentState:112
2024-01-31 17:16:00, Info CBS Appl:LCU package and revision compare set to explicit
2024-01-31 17:16:00, Info CBS Package Format: PSFX
2024-01-31 17:16:00, Info CBS Update.mum in package has 'PackageSupportedFeatures = 0x1
2024-01-31 17:16:00, Info CBS Generate playback status for m_fGeneratePlaybackDeltaWhenPackageHasReverseDeltas: 1
2024-01-31 17:16:00, Info CBS Generate playback status for m_fShouldGeneratePlaybackDeltas: 0
2024-01-31 17:16:00, Info CBS KIR Feature_PlaybackDeltaGeneration is disabled
2024-01-31 17:18:04, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2024-01-31 17:18:04, Info CBS TiWorker signaled for shutdown, going to exit.
2024-01-31 17:18:04, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2024-01-31 17:18:04, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 17:18:04, Info CBS Execution Engine Finalize
2024-01-31 17:18:04, Info CBS Execution Engine Finalize
2024-01-31 17:18:04, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2024-01-31 17:18:04, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2024-01-31 17:18:04, Info CBS Ending the TiWorker main loop.
2024-01-31 17:18:04, Info CBS Starting TiWorker finalization.
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 17:18:04, Info CBS CBS Engine already deactivated
2024-01-31 17:18:04, Info CBS CBS Engine already deactivated
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CoreResourcesUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: SessionManagerFinalize
2024-01-31 17:18:04, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 17:18:04, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: WcpUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: DrupUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CfgMgr32Unload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: DpxUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: SrUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CbsEsdUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: CbsEventUnregister
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: AppContainerUnload
2024-01-31 17:18:04, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2024-01-31 17:18:04, Info CBS Ending TiWorker finalization.
2024-01-31 17:18:04, Info CBS Ending the TrustedInstaller main loop.
2024-01-31 17:18:04, Info CBS Starting TrustedInstaller finalization.
2024-01-31 17:18:04, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:18:04, Info CBS Ending TrustedInstaller finalization.
2024-01-31 17:25:49, Info CBS TI: --- Initializing Trusted Installer ---
2024-01-31 17:25:49, Info CBS TI: Last boot time: 2024-01-31 16:54:13.500
2024-01-31 17:25:49, Info CBS Starting TrustedInstaller initialization.
2024-01-31 17:25:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2024-01-31 17:25:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2024-01-31 17:25:49, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:25:49, Info CBS Ending TrustedInstaller initialization.
2024-01-31 17:25:49, Info CBS Starting the TrustedInstaller main loop.
2024-01-31 17:25:49, Info CBS TrustedInstaller service starts successfully.
2024-01-31 17:25:49, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2024-01-31 17:25:49, Info CBS Startup processing thread terminated normally
2024-01-31 17:25:49, Info CBS TI: Startup Processing completes, release startup processing lock.
2024-01-31 17:25:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{F398026B-5FFE-4881-8F09-7C2562D4EF39}, revision: 203
2024-01-31 17:25:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5020683~31bf3856ad364e35~amd64~~19041.2304.1.3, ApplicableState: 112, CurrentState:0
2024-01-31 17:25:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{5116DF44-F05C-4093-AED4-49D5E4A7CF19}, revision: 201
2024-01-31 17:25:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5026037~31bf3856ad364e35~amd64~~19041.2845.1.1, ApplicableState: 64, CurrentState:0
2024-01-31 17:25:49, Info CBS WU creates the package, AppID:<<PROCESS>>: taskhostw.exe, UpdateID:{723469C7-9816-41E2-8FB9-EEF9AA895AD4}, revision: 201
2024-01-31 17:25:49, Info CBS Read out cached applicability from TiLight for package: Package_for_KB5025801~31bf3856ad364e35~amd64~~19041.2788.1.2, ApplicableState: 64, CurrentState:0
2024-01-31 17:27:50, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2024-01-31 17:27:50, Info CBS Ending the TrustedInstaller main loop.
2024-01-31 17:27:50, Info CBS Starting TrustedInstaller finalization.
2024-01-31 17:27:50, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:27:50, Info CBS Ending TrustedInstaller finalization.
2024-01-31 17:50:05, Info CBS TI: --- Initializing Trusted Installer ---
2024-01-31 17:50:05, Info CBS TI: Last boot time: 2024-01-31 16:54:13.500
2024-01-31 17:50:05, Info CBS Starting TrustedInstaller initialization.
2024-01-31 17:50:05, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2024-01-31 17:50:05, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2024-01-31 17:50:05, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:50:05, Info CBS Ending TrustedInstaller initialization.
2024-01-31 17:50:05, Info CBS Starting the TrustedInstaller main loop.
2024-01-31 17:50:05, Info CBS TrustedInstaller service starts successfully.
2024-01-31 17:50:05, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2024-01-31 17:50:05, Info CBS Startup processing thread terminated normally
2024-01-31 17:50:05, Info CBS TI: Startup Processing completes, release startup processing lock.
2024-01-31 17:50:06, Info CBS Starting TiWorker initialization.
2024-01-31 17:50:06, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2024-01-31 17:50:06, Info CBS Ending TiWorker initialization.
2024-01-31 17:50:06, Info CBS Starting the TiWorker main loop.
2024-01-31 17:50:06, Info CBS TiWorker starts successfully.
2024-01-31 17:50:06, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2024-01-31 17:50:06, Info CBS TiWorker: Client requests SFP repair object.
2024-01-31 17:50:06, Info CBS Universal Time is: 2024-01-31 16:50:06.683
2024-01-31 17:50:06, Info CBS Loaded Servicing Stack v10.0.19041.3745 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\cbscore.dll
2024-01-31 17:50:06, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2024-01-31 17:50:06, Info CSI 00000001@2024/1/31:16:50:06.683 WcpInitialize: wcp.dll version 10.0.19041.3745 (WinBuild.160101.0800)
2024-01-31 17:50:06, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2024-01-31 17:50:06, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 17:50:06, Info CBS NonStart: Set pending store consistency check.
2024-01-31 17:50:06, Info CSI 00000002@2024/1/31:16:50:06.698 WcpInitialize: wcp.dll version 10.0.19041.3745 (WinBuild.160101.0800)
2024-01-31 17:50:06, Info CSI 00000003 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x320bfd8e0
2024-01-31 17:50:06, Info CSI 00000004 Poqexec successfully registered in [l:12 ml:13]'SetupExecute'
2024-01-31 17:50:06, Info CSI 00000005 CSI Store 1220114729808 initialized
2024-01-31 17:50:09, Info CSI 00000006 [SR] Verifying 100 components
2024-01-31 17:50:09, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:09, Info CSI 00000008 [SR] Verify complete
2024-01-31 17:50:09, Info CSI 00000009 [SR] Verifying 100 components
2024-01-31 17:50:09, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:09, Info CSI 0000000b [SR] Verify complete
2024-01-31 17:50:09, Info CSI 0000000c [SR] Verifying 100 components
2024-01-31 17:50:09, Info CSI 0000000d [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:10, Info CSI 0000000e [SR] Verify complete
2024-01-31 17:50:10, Info CSI 0000000f [SR] Verifying 100 components
2024-01-31 17:50:10, Info CSI 00000010 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:10, Info CSI 00000011 [SR] Verify complete
2024-01-31 17:50:10, Info CSI 00000012 [SR] Verifying 100 components
2024-01-31 17:50:10, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:10, Info CSI 00000014 [SR] Verify complete
2024-01-31 17:50:11, Info CSI 00000015 [SR] Verifying 100 components
2024-01-31 17:50:11, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:11, Info CSI 00000017 [SR] Verify complete
2024-01-31 17:50:11, Info CSI 00000018 [SR] Verifying 100 components
2024-01-31 17:50:11, Info CSI 00000019 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:11, Info CSI 0000001a [SR] Verify complete
2024-01-31 17:50:11, Info CSI 0000001b [SR] Verifying 100 components
2024-01-31 17:50:11, Info CSI 0000001c [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:12, Info CSI 0000001d [SR] Verify complete
2024-01-31 17:50:12, Info CSI 0000001e [SR] Verifying 100 components
2024-01-31 17:50:12, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:12, Info CSI 00000020 [SR] Verify complete
2024-01-31 17:50:12, Info CSI 00000021 [SR] Verifying 100 components
2024-01-31 17:50:12, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:12, Info CSI 00000023 [SR] Verify complete
2024-01-31 17:50:12, Info CSI 00000024 [SR] Verifying 100 components
2024-01-31 17:50:12, Info CSI 00000025 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:13, Info CSI 00000026 [SR] Verify complete
2024-01-31 17:50:13, Info CSI 00000027 [SR] Verifying 100 components
2024-01-31 17:50:13, Info CSI 00000028 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:14, Info CSI 00000029 [SR] Verify complete
2024-01-31 17:50:14, Info CSI 0000002a [SR] Verifying 100 components
2024-01-31 17:50:14, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:15, Info CSI 0000002c [SR] Verify complete
2024-01-31 17:50:15, Info CSI 0000002d [SR] Verifying 100 components
2024-01-31 17:50:15, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:16, Info CSI 0000002f [SR] Verify complete
2024-01-31 17:50:16, Info CSI 00000030 [SR] Verifying 100 components
2024-01-31 17:50:16, Info CSI 00000031 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:17, Info CSI 00000032 [SR] Verify complete
2024-01-31 17:50:18, Info CSI 00000033 [SR] Verifying 100 components
2024-01-31 17:50:18, Info CSI 00000034 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:21, Info CSI 00000035 [SR] Verify complete
2024-01-31 17:50:21, Info CSI 00000036 [SR] Verifying 100 components
2024-01-31 17:50:21, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:26, Info CSI 00000038 [SR] Verify complete
2024-01-31 17:50:27, Info CSI 00000039 [SR] Verifying 100 components
2024-01-31 17:50:27, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:28, Info CSI 0000003b [SR] Verify complete
2024-01-31 17:50:28, Info CSI 0000003c [SR] Verifying 100 components
2024-01-31 17:50:28, Info CSI 0000003d [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:28, Info CSI 0000003e [SR] Verify complete
2024-01-31 17:50:28, Info CSI 0000003f [SR] Verifying 100 components
2024-01-31 17:50:28, Info CSI 00000040 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:28, Info CSI 00000041 [SR] Verify complete
2024-01-31 17:50:29, Info CSI 00000042 [SR] Verifying 100 components
2024-01-31 17:50:29, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:29, Info CSI 00000044 [SR] Verify complete
2024-01-31 17:50:29, Info CSI 00000045 [SR] Verifying 100 components
2024-01-31 17:50:29, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:30, Info CSI 00000047 CSIPERF - FilePI Queue 210ms
2024-01-31 17:50:31, Info CSI 00000048 [SR] Verify complete
2024-01-31 17:50:31, Info CSI 00000049 [SR] Verifying 100 components
2024-01-31 17:50:31, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:31, Info CSI 0000004b [SR] Verify complete
2024-01-31 17:50:31, Info CSI 0000004c [SR] Verifying 100 components
2024-01-31 17:50:31, Info CSI 0000004d [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:32, Info CSI 0000004e [SR] Verify complete
2024-01-31 17:50:32, Info CSI 0000004f [SR] Verifying 100 components
2024-01-31 17:50:32, Info CSI 00000050 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:33, Info CSI 00000051 [SR] Verify complete
2024-01-31 17:50:33, Info CSI 00000052 [SR] Verifying 100 components
2024-01-31 17:50:33, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:35, Info CSI 00000054 [SR] Verify complete
2024-01-31 17:50:35, Info CSI 00000055 [SR] Verifying 100 components
2024-01-31 17:50:35, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:36, Info CSI 00000057 [SR] Verify complete
2024-01-31 17:50:36, Info CSI 00000058 [SR] Verifying 100 components
2024-01-31 17:50:36, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:37, Info CSI 0000005a [SR] Verify complete
2024-01-31 17:50:37, Info CSI 0000005b [SR] Verifying 100 components
2024-01-31 17:50:37, Info CSI 0000005c [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:38, Info CSI 0000005d [SR] Verify complete
2024-01-31 17:50:38, Info CSI 0000005e [SR] Verifying 100 components
2024-01-31 17:50:38, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:39, Info CSI 00000060 [SR] Verify complete
2024-01-31 17:50:39, Info CSI 00000061 [SR] Verifying 100 components
2024-01-31 17:50:39, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:41, Info CSI 00000063 CSIPERF - FilePI Queue 127ms
2024-01-31 17:50:41, Info CSI 00000064 [SR] Verify complete
2024-01-31 17:50:42, Info CSI 00000065 [SR] Verifying 100 components
2024-01-31 17:50:42, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:42, Info CSI 00000067 [SR] Verify complete
2024-01-31 17:50:42, Info CSI 00000068 [SR] Verifying 100 components
2024-01-31 17:50:42, Info CSI 00000069 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:44, Info CSI 0000006a [SR] Verify complete
2024-01-31 17:50:44, Info CSI 0000006b [SR] Verifying 100 components
2024-01-31 17:50:44, Info CSI 0000006c [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:45, Info CSI 0000006d [SR] Verify complete
2024-01-31 17:50:45, Info CSI 0000006e [SR] Verifying 100 components
2024-01-31 17:50:45, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:46, Info CSI 00000070 CSIPERF - FilePI Queue 148ms
2024-01-31 17:50:46, Info CSI 00000071 [SR] Verify complete
2024-01-31 17:50:47, Info CSI 00000072 [SR] Verifying 100 components
2024-01-31 17:50:47, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:48, Info CSI 00000074 [SR] Verify complete
2024-01-31 17:50:48, Info CSI 00000075 [SR] Verifying 100 components
2024-01-31 17:50:48, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:49, Info CSI 00000077 [SR] Verify complete
2024-01-31 17:50:49, Info CSI 00000078 [SR] Verifying 100 components
2024-01-31 17:50:49, Info CSI 00000079 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:49, Info CSI 0000007a [SR] Verify complete
2024-01-31 17:50:50, Info CSI 0000007b [SR] Verifying 100 components
2024-01-31 17:50:50, Info CSI 0000007c [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:50, Info CSI 0000007d [SR] Verify complete
2024-01-31 17:50:50, Info CSI 0000007e [SR] Verifying 100 components
2024-01-31 17:50:50, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:51, Info CSI 00000080 [SR] Verify complete
2024-01-31 17:50:51, Info CSI 00000081 [SR] Verifying 100 components
2024-01-31 17:50:51, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:52, Info CSI 00000083 [SR] Verify complete
2024-01-31 17:50:52, Info CSI 00000084 [SR] Verifying 100 components
2024-01-31 17:50:52, Info CSI 00000085 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:54, Info CSI 00000086 [SR] Verify complete
2024-01-31 17:50:54, Info CSI 00000087 [SR] Verifying 100 components
2024-01-31 17:50:54, Info CSI 00000088 [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:56, Info CSI 00000089 [SR] Verify complete
2024-01-31 17:50:56, Info CSI 0000008a [SR] Verifying 100 components
2024-01-31 17:50:56, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2024-01-31 17:50:57, Info CSI 0000008c CSIPERF - FilePI Queue 177ms
2024-01-31 17:50:58, Info CSI 0000008d [SR] Verify complete
2024-01-31 17:50:58, Info CSI 0000008e [SR] Verifying 100 components
2024-01-31 17:50:58, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:00, Info CSI 00000090 [SR] Verify complete
2024-01-31 17:51:00, Info CSI 00000091 [SR] Verifying 100 components
2024-01-31 17:51:00, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:02, Info CSI 00000093 Warning: Overlap: Directory \??\C:\WINDOWS\System32\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:02, Info CSI 00000094 Warning: Overlap: Directory \??\C:\WINDOWS\System32\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:02, Info CSI 00000095 Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:02, Info CSI 00000096 [SR] Verify complete
2024-01-31 17:51:02, Info CSI 00000097 [SR] Verifying 100 components
2024-01-31 17:51:02, Info CSI 00000098 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:05, Info CSI 00000099 [SR] Verify complete
2024-01-31 17:51:05, Info CSI 0000009a [SR] Verifying 100 components
2024-01-31 17:51:05, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:07, Info CSI 0000009c CSIPERF - FilePI Queue 168ms
2024-01-31 17:51:07, Info CSI 0000009d [SR] Verify complete
2024-01-31 17:51:07, Info CSI 0000009e [SR] Verifying 100 components
2024-01-31 17:51:07, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:08, Info CSI 000000a0 [SR] Verify complete
2024-01-31 17:51:08, Info CSI 000000a1 [SR] Verifying 100 components
2024-01-31 17:51:08, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:11, Info CSI 000000a3 CSIPERF - FilePI Queue 269ms
2024-01-31 17:51:11, Info CSI 000000a4 CSIPERF - FilePI Queue 140ms
2024-01-31 17:51:11, Info CSI 000000a5 [SR] Verify complete
2024-01-31 17:51:11, Info CSI 000000a6 [SR] Verifying 100 components
2024-01-31 17:51:11, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:12, Info CSI 000000a8 [SR] Verify complete
2024-01-31 17:51:12, Info CSI 000000a9 [SR] Verifying 100 components
2024-01-31 17:51:12, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:13, Info CSI 000000ab [SR] Verify complete
2024-01-31 17:51:13, Info CSI 000000ac [SR] Verifying 100 components
2024-01-31 17:51:13, Info CSI 000000ad [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:14, Info CSI 000000ae [SR] Verify complete
2024-01-31 17:51:14, Info CSI 000000af [SR] Verifying 100 components
2024-01-31 17:51:14, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:16, Info CSI 000000b1 CSIPERF - FilePI Queue 117ms
2024-01-31 17:51:16, Info CSI 000000b2 [SR] Verify complete
2024-01-31 17:51:16, Info CSI 000000b3 [SR] Verifying 100 components
2024-01-31 17:51:16, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:17, Info CSI 000000b5 CSIPERF - FilePI Queue 156ms
2024-01-31 17:51:18, Info CSI 000000b6 [SR] Verify complete
2024-01-31 17:51:18, Info CSI 000000b7 [SR] Verifying 100 components
2024-01-31 17:51:18, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:19, Info CSI 000000b9 [SR] Verify complete
2024-01-31 17:51:19, Info CSI 000000ba [SR] Verifying 100 components
2024-01-31 17:51:19, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:20, Info CSI 000000bc [SR] Verify complete
2024-01-31 17:51:20, Info CSI 000000bd [SR] Verifying 100 components
2024-01-31 17:51:20, Info CSI 000000be [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:21, Info CSI 000000bf [SR] Verify complete
2024-01-31 17:51:21, Info CSI 000000c0 [SR] Verifying 100 components
2024-01-31 17:51:21, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:21, Info CSI 000000c2 [SR] Verify complete
2024-01-31 17:51:22, Info CSI 000000c3 [SR] Verifying 100 components
2024-01-31 17:51:22, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:24, Info CSI 000000c5 CSIPERF - FilePI Queue 158ms
2024-01-31 17:51:24, Info CSI 000000c6 [SR] Verify complete
2024-01-31 17:51:24, Info CSI 000000c7 [SR] Verifying 100 components
2024-01-31 17:51:24, Info CSI 000000c8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:25, Info CSI 000000c9 CSIPERF - FilePI Queue 101ms
2024-01-31 17:51:25, Info CSI 000000ca [SR] Verify complete
2024-01-31 17:51:25, Info CSI 000000cb [SR] Verifying 100 components
2024-01-31 17:51:25, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:27, Info CSI 000000cd CSIPERF - FilePI Queue 194ms
2024-01-31 17:51:27, Info CSI 000000ce [SR] Verify complete
2024-01-31 17:51:27, Info CSI 000000cf [SR] Verifying 100 components
2024-01-31 17:51:27, Info CSI 000000d0 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:28, Info CSI 000000d1 [SR] Verify complete
2024-01-31 17:51:28, Info CSI 000000d2 [SR] Verifying 100 components
2024-01-31 17:51:28, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:29, Info CSI 000000d4 [SR] Verify complete
2024-01-31 17:51:29, Info CSI 000000d5 [SR] Verifying 100 components
2024-01-31 17:51:29, Info CSI 000000d6 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:30, Info CSI 000000d7 [SR] Verify complete
2024-01-31 17:51:31, Info CSI 000000d8 [SR] Verifying 100 components
2024-01-31 17:51:31, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:32, Info CSI 000000da [SR] Verify complete
2024-01-31 17:51:32, Info CSI 000000db [SR] Verifying 100 components
2024-01-31 17:51:32, Info CSI 000000dc [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:33, Info CSI 000000dd [SR] Verify complete
2024-01-31 17:51:33, Info CSI 000000de [SR] Verifying 100 components
2024-01-31 17:51:33, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:34, Info CSI 000000e0 [SR] Verify complete
2024-01-31 17:51:34, Info CSI 000000e1 [SR] Verifying 100 components
2024-01-31 17:51:34, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:35, Info CSI 000000e3 CSIPERF - FilePI Queue 136ms
2024-01-31 17:51:35, Info CSI 000000e4 [SR] Verify complete
2024-01-31 17:51:35, Info CSI 000000e5 [SR] Verifying 100 components
2024-01-31 17:51:35, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:36, Info CSI 000000e7 [SR] Verify complete
2024-01-31 17:51:36, Info CSI 000000e8 [SR] Verifying 100 components
2024-01-31 17:51:36, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:37, Info CSI 000000ea [SR] Verify complete
2024-01-31 17:51:37, Info CSI 000000eb [SR] Verifying 100 components
2024-01-31 17:51:37, Info CSI 000000ec [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:39, Info CSI 000000ed [SR] Verify complete
2024-01-31 17:51:39, Info CSI 000000ee [SR] Verifying 100 components
2024-01-31 17:51:39, Info CSI 000000ef [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:39, Info CSI 000000f0 [SR] Verify complete
2024-01-31 17:51:39, Info CSI 000000f1 [SR] Verifying 100 components
2024-01-31 17:51:39, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:40, Info CSI 000000f3 [SR] Verify complete
2024-01-31 17:51:40, Info CSI 000000f4 [SR] Verifying 100 components
2024-01-31 17:51:40, Info CSI 000000f5 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:41, Info CSI 000000f6 [SR] Verify complete
2024-01-31 17:51:41, Info CSI 000000f7 [SR] Verifying 100 components
2024-01-31 17:51:41, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:42, Info CSI 000000f9 [SR] Verify complete
2024-01-31 17:51:42, Info CSI 000000fa [SR] Verifying 100 components
2024-01-31 17:51:42, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:44, Info CSI 000000fc [SR] Verify complete
2024-01-31 17:51:44, Info CSI 000000fd [SR] Verifying 100 components
2024-01-31 17:51:44, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:46, Info CSI 000000ff [SR] Verify complete
2024-01-31 17:51:46, Info CSI 00000100 [SR] Verifying 100 components
2024-01-31 17:51:46, Info CSI 00000101 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:47, Info CSI 00000102 [SR] Verify complete
2024-01-31 17:51:47, Info CSI 00000103 [SR] Verifying 100 components
2024-01-31 17:51:47, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:49, Info CSI 00000105 [SR] Verify complete
2024-01-31 17:51:49, Info CSI 00000106 [SR] Verifying 100 components
2024-01-31 17:51:49, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:51, Info CSI 00000108 [SR] Verify complete
2024-01-31 17:51:51, Info CSI 00000109 [SR] Verifying 100 components
2024-01-31 17:51:51, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:53, Info CSI 0000010b [SR] Verify complete
2024-01-31 17:51:53, Info CSI 0000010c [SR] Verifying 100 components
2024-01-31 17:51:53, Info CSI 0000010d [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:55, Info CSI 0000010e Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:55, Info CSI 0000010f Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:55, Info CSI 00000110 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:51:55, Info CSI 00000111 CSIPERF - FilePI Queue 106ms
2024-01-31 17:51:55, Info CSI 00000112 [SR] Verify complete
2024-01-31 17:51:55, Info CSI 00000113 [SR] Verifying 100 components
2024-01-31 17:51:55, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:57, Info CSI 00000115 [SR] Verify complete
2024-01-31 17:51:57, Info CSI 00000116 [SR] Verifying 100 components
2024-01-31 17:51:57, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2024-01-31 17:51:59, Info CSI 00000118 [SR] Verify complete
2024-01-31 17:51:59, Info CSI 00000119 [SR] Verifying 100 components
2024-01-31 17:51:59, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:00, Info CSI 0000011b CSIPERF - FilePI Queue 105ms
2024-01-31 17:52:00, Info CSI 0000011c [SR] Verify complete
2024-01-31 17:52:00, Info CSI 0000011d [SR] Verifying 100 components
2024-01-31 17:52:00, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:02, Info CSI 0000011f [SR] Verify complete
2024-01-31 17:52:02, Info CSI 00000120 [SR] Verifying 100 components
2024-01-31 17:52:02, Info CSI 00000121 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:03, Info CSI 00000122 [SR] Verify complete
2024-01-31 17:52:04, Info CSI 00000123 [SR] Verifying 100 components
2024-01-31 17:52:04, Info CSI 00000124 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:05, Info CSI 00000125 [SR] Verify complete
2024-01-31 17:52:05, Info CSI 00000126 [SR] Verifying 100 components
2024-01-31 17:52:05, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:07, Info CSI 00000128 [SR] Verify complete
2024-01-31 17:52:07, Info CSI 00000129 [SR] Verifying 100 components
2024-01-31 17:52:07, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:09, Info CSI 0000012b CSIPERF - FilePI Queue 215ms
2024-01-31 17:52:09, Info CSI 0000012c [SR] Verify complete
2024-01-31 17:52:10, Info CSI 0000012d [SR] Verifying 100 components
2024-01-31 17:52:10, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:11, Info CSI 0000012f [SR] Verify complete
2024-01-31 17:52:11, Info CSI 00000130 [SR] Verifying 100 components
2024-01-31 17:52:11, Info CSI 00000131 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:12, Info CSI 00000132 [SR] Verify complete
2024-01-31 17:52:12, Info CSI 00000133 [SR] Verifying 100 components
2024-01-31 17:52:12, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:13, Info CSI 00000135 [SR] Verify complete
2024-01-31 17:52:13, Info CSI 00000136 [SR] Verifying 100 components
2024-01-31 17:52:13, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:14, Info CSI 00000138 CSIPERF - FilePI Queue 150ms
2024-01-31 17:52:14, Info CSI 00000139 [SR] Verify complete
2024-01-31 17:52:15, Info CSI 0000013a [SR] Verifying 100 components
2024-01-31 17:52:15, Info CSI 0000013b [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:16, Info CSI 0000013c [SR] Verify complete
2024-01-31 17:52:16, Info CSI 0000013d [SR] Verifying 100 components
2024-01-31 17:52:16, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:17, Info CSI 0000013f [SR] Verify complete
2024-01-31 17:52:17, Info CSI 00000140 [SR] Verifying 100 components
2024-01-31 17:52:17, Info CSI 00000141 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:18, Info CSI 00000142 [SR] Verify complete
2024-01-31 17:52:18, Info CSI 00000143 [SR] Verifying 100 components
2024-01-31 17:52:18, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:19, Info CSI 00000145 [SR] Verify complete
2024-01-31 17:52:20, Info CSI 00000146 [SR] Verifying 100 components
2024-01-31 17:52:20, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:20, Info CSI 00000148 [SR] Verify complete
2024-01-31 17:52:20, Info CSI 00000149 [SR] Verifying 100 components
2024-01-31 17:52:20, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:21, Info CSI 0000014b [SR] Verify complete
2024-01-31 17:52:21, Info CSI 0000014c [SR] Verifying 100 components
2024-01-31 17:52:21, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:22, Info CSI 0000014e [SR] Verify complete
2024-01-31 17:52:22, Info CSI 0000014f [SR] Verifying 100 components
2024-01-31 17:52:22, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:23, Info CSI 00000151 CSIPERF - FilePI Queue 168ms
2024-01-31 17:52:23, Info CSI 00000152 [SR] Verify complete
2024-01-31 17:52:23, Info CSI 00000153 [SR] Verifying 100 components
2024-01-31 17:52:23, Info CSI 00000154 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:24, Info CSI 00000155 [SR] Verify complete
2024-01-31 17:52:24, Info CSI 00000156 [SR] Verifying 100 components
2024-01-31 17:52:24, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:25, Info CSI 00000158 [SR] Verify complete
2024-01-31 17:52:25, Info CSI 00000159 [SR] Verifying 100 components
2024-01-31 17:52:25, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:26, Info CSI 0000015b [SR] Verify complete
2024-01-31 17:52:26, Info CSI 0000015c [SR] Verifying 100 components
2024-01-31 17:52:26, Info CSI 0000015d [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:27, Info CSI 0000015e [SR] Verify complete
2024-01-31 17:52:27, Info CSI 0000015f [SR] Verifying 100 components
2024-01-31 17:52:27, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:28, Info CSI 00000161 [SR] Verify complete
2024-01-31 17:52:28, Info CSI 00000162 [SR] Verifying 100 components
2024-01-31 17:52:28, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:29, Info CSI 00000164 [SR] Verify complete
2024-01-31 17:52:29, Info CSI 00000165 [SR] Verifying 100 components
2024-01-31 17:52:29, Info CSI 00000166 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:30, Info CSI 00000167 [SR] Verify complete
2024-01-31 17:52:30, Info CSI 00000168 [SR] Verifying 100 components
2024-01-31 17:52:30, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:32, Info CSI 0000016a CSIPERF - FilePI Queue 419ms
2024-01-31 17:52:32, Info CSI 0000016b [SR] Verify complete
2024-01-31 17:52:32, Info CSI 0000016c [SR] Verifying 100 components
2024-01-31 17:52:32, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:33, Info CSI 0000016e [SR] Verify complete
2024-01-31 17:52:33, Info CSI 0000016f [SR] Verifying 100 components
2024-01-31 17:52:33, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:34, Info CSI 00000171 [SR] Verify complete
2024-01-31 17:52:34, Info CSI 00000172 [SR] Verifying 100 components
2024-01-31 17:52:34, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:35, Info CSI 00000174 [SR] Verify complete
2024-01-31 17:52:35, Info CSI 00000175 [SR] Verifying 100 components
2024-01-31 17:52:35, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:36, Info CSI 00000177 CSIPERF - FilePI Queue 150ms
2024-01-31 17:52:36, Info CSI 00000178 [SR] Verify complete
2024-01-31 17:52:36, Info CSI 00000179 [SR] Verifying 100 components
2024-01-31 17:52:36, Info CSI 0000017a [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:37, Info CSI 0000017b [SR] Verify complete
2024-01-31 17:52:37, Info CSI 0000017c [SR] Verifying 100 components
2024-01-31 17:52:37, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:38, Info CSI 0000017e [SR] Verify complete
2024-01-31 17:52:38, Info CSI 0000017f [SR] Verifying 100 components
2024-01-31 17:52:38, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:39, Info CSI 00000181 [SR] Verify complete
2024-01-31 17:52:39, Info CSI 00000182 [SR] Verifying 100 components
2024-01-31 17:52:39, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:40, Info CSI 00000184 [SR] Verify complete
2024-01-31 17:52:40, Info CSI 00000185 [SR] Verifying 100 components
2024-01-31 17:52:40, Info CSI 00000186 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:41, Info CSI 00000187 [SR] Verify complete
2024-01-31 17:52:41, Info CSI 00000188 [SR] Verifying 100 components
2024-01-31 17:52:41, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:42, Info CSI 0000018a [SR] Verify complete
2024-01-31 17:52:42, Info CSI 0000018b [SR] Verifying 100 components
2024-01-31 17:52:42, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:43, Info CSI 0000018d [SR] Verify complete
2024-01-31 17:52:43, Info CSI 0000018e [SR] Verifying 100 components
2024-01-31 17:52:43, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:43, Info CSI 00000190 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:52:43, Info CSI 00000191 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:52:43, Info CSI 00000192 Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:52:44, Info CSI 00000193 [SR] Verify complete
2024-01-31 17:52:44, Info CSI 00000194 [SR] Verifying 100 components
2024-01-31 17:52:44, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:44, Info CSI 00000196 [SR] Verify complete
2024-01-31 17:52:45, Info CSI 00000197 [SR] Verifying 100 components
2024-01-31 17:52:45, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:45, Info CSI 00000199 [SR] Verify complete
2024-01-31 17:52:45, Info CSI 0000019a [SR] Verifying 100 components
2024-01-31 17:52:45, Info CSI 0000019b [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:46, Info CSI 0000019c [SR] Verify complete
2024-01-31 17:52:46, Info CSI 0000019d [SR] Verifying 100 components
2024-01-31 17:52:46, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:47, Info CSI 0000019f [SR] Verify complete
2024-01-31 17:52:47, Info CSI 000001a0 [SR] Verifying 100 components
2024-01-31 17:52:47, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:49, Info CSI 000001a2 CSIPERF - FilePI Queue 114ms
2024-01-31 17:52:49, Info CSI 000001a3 [SR] Verify complete
2024-01-31 17:52:49, Info CSI 000001a4 [SR] Verifying 100 components
2024-01-31 17:52:49, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:50, Info CSI 000001a6 [SR] Verify complete
2024-01-31 17:52:50, Info CSI 000001a7 [SR] Verifying 100 components
2024-01-31 17:52:50, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:52, Info CSI 000001a9 [SR] Verify complete
2024-01-31 17:52:52, Info CSI 000001aa [SR] Verifying 100 components
2024-01-31 17:52:52, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:54, Info CSI 000001ac [SR] Verify complete
2024-01-31 17:52:54, Info CSI 000001ad [SR] Verifying 100 components
2024-01-31 17:52:54, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:55, Info CSI 000001af [SR] Verify complete
2024-01-31 17:52:55, Info CSI 000001b0 [SR] Verifying 100 components
2024-01-31 17:52:55, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:57, Info CSI 000001b2 [SR] Repairing file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2024-01-31 17:52:57, Info CSI 000001b3 CSIPERF - FilePI Queue 143ms
2024-01-31 17:52:57, Info CSI 000001b4 [SR] Verify complete
2024-01-31 17:52:57, Info CSI 000001b5 [SR] Verifying 100 components
2024-01-31 17:52:57, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2024-01-31 17:52:59, Info CSI 000001b7 [SR] Verify complete
2024-01-31 17:52:59, Info CSI 000001b8 [SR] Verifying 100 components
2024-01-31 17:52:59, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:00, Info CSI 000001ba [SR] Verify complete
2024-01-31 17:53:00, Info CSI 000001bb [SR] Verifying 100 components
2024-01-31 17:53:00, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:01, Info CSI 000001bd [SR] Verify complete
2024-01-31 17:53:01, Info CSI 000001be [SR] Verifying 100 components
2024-01-31 17:53:01, Info CSI 000001bf [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:03, Info CSI 000001c0 [SR] Verify complete
2024-01-31 17:53:03, Info CSI 000001c1 [SR] Verifying 100 components
2024-01-31 17:53:03, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:04, Info CSI 000001c3 [SR] Verify complete
2024-01-31 17:53:04, Info CSI 000001c4 [SR] Verifying 100 components
2024-01-31 17:53:04, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:06, Info CSI 000001c6 Warning: Overlap: Directory \??\C:\Program Files (x86)\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:53:06, Info CSI 000001c7 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:53:06, Info CSI 000001c8 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:53:06, Info CSI 000001c9 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.3930, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2024-01-31 17:53:06, Info CSI 000001ca [SR] Verify complete
2024-01-31 17:53:06, Info CSI 000001cb [SR] Verifying 100 components
2024-01-31 17:53:06, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:08, Info CSI 000001cd [SR] Verify complete
2024-01-31 17:53:08, Info CSI 000001ce [SR] Verifying 100 components
2024-01-31 17:53:08, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:09, Info CSI 000001d0 [SR] Verify complete
2024-01-31 17:53:09, Info CSI 000001d1 [SR] Verifying 100 components
2024-01-31 17:53:09, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:11, Info CSI 000001d3 [SR] Verify complete
2024-01-31 17:53:11, Info CSI 000001d4 [SR] Verifying 100 components
2024-01-31 17:53:11, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:13, Info CSI 000001d6 [SR] Verify complete
2024-01-31 17:53:13, Info CSI 000001d7 [SR] Verifying 100 components
2024-01-31 17:53:13, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:14, Info CSI 000001d9 CSIPERF - FilePI Queue 146ms
2024-01-31 17:53:15, Info CSI 000001da [SR] Verify complete
2024-01-31 17:53:15, Info CSI 000001db [SR] Verifying 100 components
2024-01-31 17:53:15, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:16, Info CSI 000001dd [SR] Verify complete
2024-01-31 17:53:16, Info CSI 000001de [SR] Verifying 100 components
2024-01-31 17:53:16, Info CSI 000001df [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:17, Info CSI 000001e0 [SR] Verify complete
2024-01-31 17:53:17, Info CSI 000001e1 [SR] Verifying 100 components
2024-01-31 17:53:17, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:19, Info CSI 000001e3 [SR] Verify complete
2024-01-31 17:53:19, Info CSI 000001e4 [SR] Verifying 100 components
2024-01-31 17:53:19, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:20, Info CSI 000001e6 [SR] Verify complete
2024-01-31 17:53:20, Info CSI 000001e7 [SR] Verifying 100 components
2024-01-31 17:53:20, Info CSI 000001e8 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:21, Info CSI 000001e9 [SR] Verify complete
2024-01-31 17:53:21, Info CSI 000001ea [SR] Verifying 100 components
2024-01-31 17:53:21, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:22, Info CSI 000001ec [SR] Verify complete
2024-01-31 17:53:22, Info CSI 000001ed [SR] Verifying 100 components
2024-01-31 17:53:22, Info CSI 000001ee [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:25, Info CSI 000001ef [SR] Verify complete
2024-01-31 17:53:25, Info CSI 000001f0 [SR] Verifying 100 components
2024-01-31 17:53:25, Info CSI 000001f1 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:26, Info CSI 000001f2 [SR] Verify complete
2024-01-31 17:53:26, Info CSI 000001f3 [SR] Verifying 100 components
2024-01-31 17:53:26, Info CSI 000001f4 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:26, Info CSI 000001f5 [SR] Verify complete
2024-01-31 17:53:26, Info CSI 000001f6 [SR] Verifying 100 components
2024-01-31 17:53:26, Info CSI 000001f7 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:27, Info CSI 000001f8 CSIPERF - FilePI Queue 149ms
2024-01-31 17:53:28, Info CSI 000001f9 [SR] Verify complete
2024-01-31 17:53:28, Info CSI 000001fa [SR] Verifying 100 components
2024-01-31 17:53:28, Info CSI 000001fb [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:28, Info CSI 000001fc [SR] Verify complete
2024-01-31 17:53:28, Info CSI 000001fd [SR] Verifying 19 components
2024-01-31 17:53:28, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:29, Info CSI 000001ff [SR] Verify complete
2024-01-31 17:53:29, Info CSI 00000200 [SR] Repairing 1 components
2024-01-31 17:53:29, Info CSI 00000201 [SR] Beginning Verify and Repair transaction
2024-01-31 17:53:29, Info CSI 00000202 [SR] Repairing file \??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\OneDrive.lnk from store
2024-01-31 17:53:29, Info CSI 00000203 CSIPERF - FilePI Queue 148ms
2024-01-31 17:53:29, Info CSI 00000204 [SR] Repair complete
2024-01-31 17:53:29, Info CSI 00000205 [SR] Committing transaction
2024-01-31 17:53:29, Info CSI 00000206 Creating NT transaction (seq 1)
2024-01-31 17:53:29, Info CSI 00000207 Created NT transaction (seq 1) result 0x00000000, handle @0x10a8
2024-01-31 17:53:29, Info CSI 00000208 Transaction UoW: {faefcf6e-c050-11ee-9daa-e8fb1cd3d138} for BeginTransaction
2024-01-31 17:53:29, Info CSI 00000209@2024/1/31:16:53:29.374 Beginning NT transaction commit...
2024-01-31 17:53:29, Info CSI 0000020a Transaction UoW: {faefcf6e-c050-11ee-9daa-e8fb1cd3d138} for CommitTransaction
2024-01-31 17:53:29, Info CSI 0000020b@2024/1/31:16:53:29.374 CSI perf trace:
CSIPERF:TXCOMMIT;1135
2024-01-31 17:53:29, Info CSI 0000020c [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2024-01-31 17:55:30, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2024-01-31 17:55:30, Info CBS TiWorker signaled for shutdown, going to exit.
2024-01-31 17:55:30, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2024-01-31 17:55:30, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 17:55:30, Info CBS Execution Engine Finalize
2024-01-31 17:55:30, Info CBS Execution Engine Finalize
2024-01-31 17:55:30, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2024-01-31 17:55:30, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2024-01-31 17:55:30, Info CBS Ending the TiWorker main loop.
2024-01-31 17:55:30, Info CBS Starting TiWorker finalization.
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2024-01-31 17:55:30, Info CBS CBS Engine already deactivated
2024-01-31 17:55:30, Info CBS CBS Engine already deactivated
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CoreResourcesUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: SessionManagerFinalize
2024-01-31 17:55:30, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2024-01-31 17:55:30, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: WcpUnload
2024-01-31 17:55:30, Info CSI 0000020d Direct SIL provider: Number of files opened: 196708.
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: DrupUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CfgMgr32Unload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: DpxUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: SrUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CbsEsdUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: CbsEventUnregister
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: AppContainerUnload
2024-01-31 17:55:30, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2024-01-31 17:55:30, Info CBS Ending TiWorker finalization.
2024-01-31 17:55:30, Info CBS Ending the TrustedInstaller main loop.
2024-01-31 17:55:30, Info CBS Starting TrustedInstaller finalization.
2024-01-31 17:55:30, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2024-01-31 17:55:30, Info CBS Ending TrustedInstaller finalization.

A chybějící log z JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by red (Administrator) on 31.01.2024 at 15:02:27,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Successfully deleted: C:\Program Files (x86)\mozilla firefox\defaults\pref\itms.js (File)
Successfully deleted: C:\Users\red\AppData\Local\pdfforge (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify (Task)

Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_16ED7BFD1EED139D2EE228272905FC2D (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2024 at 15:04:09,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VIRY.CZ

Kontrola logu - problikávání bílé obrazovky

Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky

Re: Kontrola logu - problikávání bílé obrazovky