Possible problem - please check

Do you have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

nothera
Visitor
Posts: 16
Registered: 30 Mar 2020 18:36

#1 Post by nothera »

Hello,

Avast raises an alert roughly every 20 minutes - see the attachment. I tried running an antivirus scan and it found nothing. I tried AdwCleaner, which found some problem with an extension in Chrome; I had it fix that and removed the extension, but the problem persists. Could someone please take a look at the logs?
Attachment: Snímek obrazovky 2022-05-04 162319.png (9.57 KiB)

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by llega (administrator) on DESKTOP-7301JJD (04-05-2022 16:27:24)
Running from C:\Users\llega\OneDrive\Plocha
Loaded Profiles: llega
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7661\Agent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) C:\Program Files (x86)\StarCraft II\Versions\Base87702\SC2_x64.exe
(C:\Program Files (x86)\StarCraft II\Versions\Base87702\SC2_x64.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment Inc.) C:\Program Files (x86)\StarCraft II\Support\BlizzardBrowser\BlizzardBrowser.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <63>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [208152 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [352712 2020-05-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [14823760 2021-12-07] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company) [File not signed]
HKLM-x32\...\Run: [Razer Blackwidow Driver] => C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [887712 2012-05-09] (Razer USA Ltd -> Razer USA Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\" (No File)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-10-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [Google Update] => C:\Users\llega\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-04-22] (Google LLC -> Google LLC)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [Discord] => C:\Users\llega\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-12-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32711056 2020-12-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13997144 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [GoogleChromeAutoLaunch_0B88279EB3CCE42CCCF3230D4BE8FD2C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2596240 2022-04-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\MountPoints2: {82f0b350-37c4-11ec-bf4d-d050992786c1} - "G:\HiSuiteDownLoader.exe" 
HKLM\...\Windows x64\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL [300032 2009-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Fax Port: C:\WINDOWS\system32\hppfaxprintermon5.dll [22016 2009-09-22] (Hewlett-Packard Company) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\100.0.15871.130\Installer\chrmstp.exe [2022-04-22] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-11-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CBCFD24-B3B0-4F3B-82E5-1F40E894253A} - System32\Tasks\G2MUpdateTask-S-1-5-21-4205546469-3882697476-2674355249-1001 => C:\Users\llega\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {251A8C37-BC47-491E-9B43-90D213F4276F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {383A83E7-37B0-481E-BAC6-5851F3B3F451} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2712096 2022-04-15] (Piriform Software Ltd -> Piriform Software)
Task: {3B3EFF11-29C5-4AB2-B1F0-A58E543DC6F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {40F4BA57-1E76-44A5-9810-E92DD1074BC4} - System32\Tasks\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {4479D23F-B9BF-4D0B-BE48-9BB5105FD829} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
Task: {45E9D4AA-8A7B-4E6E-98C1-37B605B13053} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4DAF0921-A35B-4BA7-AF78-279C5F9C0C1C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {56E75619-C04D-4EDA-822B-1965450BF139} - System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {7B567AFE-7190-41A0-86F0-7B3994A4F375} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {7CB90FD7-A534-4853-98D6-519108EA5476} - System32\Tasks\G2MUploadTask-S-1-5-21-4205546469-3882697476-2674355249-1001 => C:\Users\llega\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7E86663F-B1B5-402D-927C-FFA16211F39F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8904D081-9F8E-4350-8992-0872A2903E53} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-07-01] (Piriform Software Ltd -> Piriform Software)
Task: {8DE4767B-FDB3-49D3-B3CB-3DB07525FC45} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2712096 2022-04-15] (Piriform Software Ltd -> Piriform Software)
Task: {9E34A8E5-B92D-4631-9097-7C0E6BC3EAC2} - System32\Tasks\CCleanerSkipUAC - llega => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A54FB3BC-2D49-429A-B58A-E122C2C8A8AD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6095C78-9301-4FED-83B4-60485256C830} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7037D29-D268-4D26-9A1C-3555EE479FE5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B543480F-91BC-458D-9EB7-6A6253B0AD08} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-07-01] (Piriform Software Ltd -> Piriform Software)
Task: {B88E20A3-39B6-40E5-8D85-0D5237C94566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C8EFC2D7-158D-4BA1-A7E9-C6C34934C230} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CACC0AEA-BA6A-46FC-B112-538C6ED05CF5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D51C58A7-E2DA-4F07-AAE3-BDAB2E15606D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {E254FB18-1F7E-4225-934D-3C6671E295B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-07] (Avast Software s.r.o. -> Avast Software)
Task: {E9608D8D-F5FB-47D9-BA56-C0D320D64F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F48DC82D-BDB6-47DE-9A96-F087AB7505C2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4205546469-3882697476-2674355249-1001.job => C:\Users\llega\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4205546469-3882697476-2674355249-1001.job => C:\Users\llega\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a8843a4e-afd5-4d35-b49b-c50b45140faa}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{abffea89-77aa-4e5e-89c9-c21a7bcaff9a}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{dd052cba-e7b3-44a3-a7bc-fc1760d59bd6}: [DhcpNameServer] 10.0.0.138

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\llega\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-07]
Edge HomePage: Default -> hxxp://www.centrum.cz/
Edge Extension: (Google Meet Grid View) - C:\Users\llega\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjkegbgpfgpikgkfidhcihhiflbjgfic [2020-06-10]
Edge Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\llega\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-04-07]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\llega\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-04-07]
Edge Extension: (Adblock for Youtube™) - C:\Users\llega\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nipggfgilmoiofmnkbeabghbcaohmjih [2020-10-14]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-07-01] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-07-01] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-4205546469-3882697476-2674355249-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\llega\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-30] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 7
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default [2022-05-04]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://kfc.cz; hxxps://meet.google.com; hxxps://www.kosik.cz; hxxps://www.superzoo.cz
CHR HomePage: Default -> hxxps://www.youtube.com/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Nimbus Screenshot App) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\aecjogkncpbkjfobfnoaiepipllcadhe [2020-04-02]
CHR Extension: (Google Meet Grid View) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjkegbgpfgpikgkfidhcihhiflbjgfic [2020-05-01]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-05-01]
CHR Extension: (Color Picker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\cemonabbpebmicmgjgpefjnnandabbjn [2021-12-16]
CHR Extension: (Adblock na Youtube™) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-03]
CHR Extension: (OneLogin for Google Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioalpmibngobedobkmbhgmadaphocjdn [2021-09-19]
CHR Extension: (Aliexpress Search by image) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa [2022-04-24]
CHR Extension: (Grammarly for Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-27]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-09-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-04-26]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-04]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-03-27]
CHR Notifications: Profile 2 -> hxxps://meet.google.com
CHR HomePage: Profile 2 -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-09]
CHR Extension: (Dokumenty) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-09]
CHR Extension: (Disk Google) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (ColorZilla) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2020-04-09]
CHR Extension: (YouTube) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-09]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2021-06-22]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2020-04-28]
CHR Extension: (Strong Password Generator) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\emehklffcaphknhhfhadkjhpfapcbpco [2020-04-09]
CHR Extension: (Tabulky) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-27]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-27]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2022-02-28]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2020-04-09]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2022-03-27]
CHR Extension: (dataslayer) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ikbablmmjldhamhcldjjigniffkkjgpo [2021-06-08]
CHR Extension: (OneLogin for Google Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ioalpmibngobedobkmbhgmadaphocjdn [2021-06-20]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-09-24]
CHR Extension: (Turbo Ad Finder) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kjbjojolojmokicddfeaamkodihccdcl [2021-01-21]
CHR Extension: (Momentum) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2022-03-27]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-02-28]
CHR Extension: (UET Tag Helper (by Microsoft Advertising)) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\naijndjklgmffmpembnkfbcjbognokbf [2021-01-28]
CHR Extension: (WASP.inspector: Analytics Solution Profiler) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\niaoghengfohplclhbjnjheodgkejpih [2020-08-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Toggl Track: Productivity & Time Tracker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oejgccbfbmkkpaidnkphaiaecficdnfn [2022-03-27]
CHR Extension: (Gmail) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-05-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-02-07]
CHR Notifications: Profile 4 -> hxxps://meet.google.com
CHR Extension: (Prezentace) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-29]
CHR Extension: (Dokumenty) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-29]
CHR Extension: (Disk Google) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-10]
CHR Extension: (YouTube) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-29]
CHR Extension: (Tabulky) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (dataslayer) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ikbablmmjldhamhcldjjigniffkkjgpo [2021-07-07]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-05]
CHR Extension: (Gmail) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-07]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-25]
CHR Notifications: Profile 5 -> hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-25]
CHR Extension: (Dokumenty) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-25]
CHR Extension: (Disk Google) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-25]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-04-01]
CHR Extension: (Color Picker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cemonabbpebmicmgjgpefjnnandabbjn [2021-12-16]
CHR Extension: (Tabulky) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20]
CHR Extension: (dataslayer) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ikbablmmjldhamhcldjjigniffkkjgpo [2021-09-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-21]
CHR Extension: (Tag Assistant for Conversions Beta) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\llpfnmnallbompdmklfkcibfpcfpncdd [2021-09-05]
CHR Extension: (WASP.inspector: Analytics Solution Profiler) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\niaoghengfohplclhbjnjheodgkejpih [2021-09-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-25]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-03-28]
CHR Extension: (Gmail) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-25]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-01-21]
CHR Notifications: Profile 6 -> hxxps://meet.google.com
CHR Extension: (Prezentace) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-22]
CHR Extension: (Dokumenty) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-22]
CHR Extension: (Disk Google) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-22]
CHR Extension: (YouTube) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-22]
CHR Extension: (Tabulky) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-22]
CHR Extension: (Gmail) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-22]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-05-04]
CHR Notifications: Profile 7 -> hxxps://www.reddit.com
CHR Extension: (Turbo Ad Finder 2.0) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apacadmkljmohmjgefhficgiijnnmelk [2022-02-03]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-05-04]
CHR Extension: (CSS Selector Capture Pro) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\cpnkcffhllafbdbljkmhebnpbnlhapmd [2021-12-16]
CHR Extension: (Facebook Pixel Helper) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2022-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-04-29]
CHR Extension: (Clockwise: Team Time & Calendar Management) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hjcneejoopafkkibfbcaeoldpjjiamog [2022-04-08]
CHR Extension: (dataslayer) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ikbablmmjldhamhcldjjigniffkkjgpo [2022-01-07]
CHR Extension: (Grammarly for Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-04-27]
CHR Extension: (WASP.inspector: Analytics Solution Profiler) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\niaoghengfohplclhbjnjheodgkejpih [2022-03-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-16]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-04-26]
CHR Extension: (ColorPick Eyedropper) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2022-02-01]
CHR Extension: (Clockify Time Tracker) - C:\Users\llega\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pmjeegjhjdlccodhacdgbgfagbpmccpe [2022-04-29]
CHR Profile: C:\Users\llega\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-10-07] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8507016 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563024 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1968976 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563024 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-07-01] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\100.0.15871.130\elevation_service.exe [1972912 2022-04-15] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-07-01] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2283096 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-26] (GOG Sp. z o.o. -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-27] (HP Inc. -> HP Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-08-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-08-08] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1629312 2020-10-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [31568 2021-12-07] (SteelSeries ApS -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9847520 2020-05-12] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1475B792; C:\WINDOWS\system32\drivers\1475B792.sys [255928 2022-05-03] (Malwarebytes Corporation -> Malwarebytes)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215936 2022-04-12] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-11-01] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [320904 2022-04-20] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [192952 2022-05-03] (Malwarebytes Corporation -> Malwarebytes)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R3 RzSynapse; C:\WINDOWS\System32\drivers\RzSynapse.sys [154624 2011-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Razer USA Ltd)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [3353616 2020-05-12] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-04 16:25 - 2022-05-04 16:27 - 000000000 ____D C:\FRST
2022-05-04 08:38 - 2022-05-04 08:38 - 000129506 _____ C:\Users\llega\Downloads\Conversion Tracking Parent account UI.svg
2022-05-03 21:59 - 2022-05-03 22:02 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1475B792.sys
2022-05-03 21:59 - 2022-05-03 21:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-03 21:57 - 2022-05-03 22:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2022-05-03 21:57 - 2022-05-03 21:57 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2022-04-29 09:30 - 2022-04-29 09:30 - 000244676 _____ C:\Users\llega\Downloads\Michigan Call Keywords.csv
2022-04-29 09:30 - 2022-04-29 09:30 - 000244432 _____ C:\Users\llega\Downloads\Cleveland Search Keywords.csv
2022-04-26 15:28 - 2022-04-26 15:28 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-26 15:28 - 2022-04-26 15:28 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-25 16:27 - 2022-04-27 20:59 - 000000000 ____D C:\Users\llega\AppData\Roaming\WhatsApp
2022-04-25 16:27 - 2022-04-25 16:27 - 000000000 ____D C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2022-04-25 16:27 - 2022-04-25 16:27 - 000000000 ____D C:\Users\llega\AppData\Local\WhatsApp
2022-04-25 10:35 - 2022-04-25 10:35 - 000575195 _____ C:\Users\llega\Downloads\NesparovaneProdukty.csv
2022-04-22 21:46 - 2022-05-04 16:27 - 000003656 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5}
2022-04-22 21:46 - 2022-05-04 16:27 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949}
2022-04-16 19:32 - 2022-04-16 19:32 - 000000000 ____D C:\Users\llega\AppData\Local\CD Projekt Red
2022-04-16 19:31 - 2022-04-16 19:31 - 000000000 ____D C:\Users\llega\AppData\Local\REDEngine
2022-04-15 21:02 - 2022-04-15 21:02 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 21:02 - 2022-04-15 21:02 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 21:02 - 2022-04-15 21:02 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 21:02 - 2022-04-15 21:02 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:53 - 2022-04-15 20:53 - 000000000 ___HD C:\$WinREAgent
2022-04-12 06:19 - 2022-04-12 06:18 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-12 06:19 - 2022-04-12 06:18 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-04-11 15:29 - 2022-04-11 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2022-04-09 09:28 - 2022-04-09 09:56 - 000000000 ____D C:\Users\llega\AppData\LocalLow\uTorrent
2022-04-08 22:22 - 2022-04-28 14:27 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-04-08 22:22 - 2022-04-08 22:22 - 000000000 ____D C:\Users\llega\AppData\Local\GOG.com
2022-04-08 22:22 - 2022-04-08 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-04-08 22:18 - 2022-04-11 15:29 - 000000000 ____D C:\ProgramData\GOG.com

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-04 16:27 - 2022-04-03 22:03 - 000002526 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-05-04 16:27 - 2022-03-28 20:04 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - llega
2022-05-04 16:27 - 2022-01-21 20:22 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E}
2022-05-04 16:27 - 2022-01-21 20:22 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179}
2022-05-04 16:27 - 2021-12-13 15:58 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4205546469-3882697476-2674355249-1001
2022-05-04 16:27 - 2021-07-01 21:53 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-05-04 16:27 - 2021-07-01 21:53 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2022-05-04 16:27 - 2021-07-01 21:52 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-05-04 16:27 - 2021-07-01 21:52 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-05-04 16:27 - 2021-07-01 21:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-05-04 16:27 - 2021-06-25 11:18 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-05-04 16:27 - 2021-04-13 10:32 - 000003374 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7235fa69bc62e
2022-05-04 16:27 - 2021-03-28 01:20 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-04 16:27 - 2021-03-28 01:20 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-05-04 16:27 - 2021-03-28 01:20 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-05-04 16:27 - 2021-03-28 01:20 - 000003264 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-4205546469-3882697476-2674355249-1001
2022-05-04 16:27 - 2021-03-28 01:20 - 000003168 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-4205546469-3882697476-2674355249-1001
2022-05-04 16:27 - 2021-03-28 01:20 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4205546469-3882697476-2674355249-1001
2022-05-04 16:27 - 2021-03-28 01:20 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2022-05-04 16:27 - 2021-03-28 01:20 - 000002510 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-05-04 16:27 - 2021-03-28 01:20 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-05-04 16:27 - 2021-03-28 01:20 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-05-04 16:27 - 2021-03-28 01:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-05-04 16:27 - 2020-07-07 13:33 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4205546469-3882697476-2674355249-1001.job
2022-05-04 16:27 - 2020-07-07 13:33 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4205546469-3882697476-2674355249-1001.job
2022-05-04 16:24 - 2020-04-28 14:42 - 000000000 ____D C:\Users\llega\AppData\Local\Battle.net
2022-05-04 16:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-04 15:32 - 2020-04-28 14:50 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2022-05-04 14:33 - 2020-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-04 14:04 - 2021-03-28 01:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-04 09:51 - 2021-07-01 21:51 - 000000000 ____D C:\Program Files\CCleaner
2022-05-04 06:36 - 2021-03-28 01:23 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-04 06:36 - 2019-12-07 16:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2022-05-04 06:36 - 2019-12-07 16:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2022-05-04 06:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-04 06:30 - 2020-04-02 19:26 - 000000000 ____D C:\ProgramData\Avast Software
2022-05-04 06:29 - 2021-03-28 01:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-04 06:29 - 2021-03-28 01:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-04 06:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-05-03 23:23 - 2020-04-02 19:22 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-05-03 23:23 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-05-03 17:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-03 17:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-02 15:37 - 2021-12-31 09:25 - 000000000 ____D C:\Users\llega\AppData\Roaming\.minecraft
2022-05-01 15:18 - 2020-04-16 15:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-01 15:13 - 2020-06-09 06:20 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-29 22:13 - 2020-10-10 23:02 - 000000000 ____D C:\Users\llega\AppData\Local\PokerStars.CZ
2022-04-29 17:44 - 2020-04-15 08:45 - 000000000 ____D C:\Users\llega\AppData\Roaming\Google
2022-04-29 17:44 - 2020-04-02 21:50 - 000000000 ____D C:\Users\llega\AppData\Local\CrashDumps
2022-04-29 11:55 - 2020-04-28 14:40 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-04-28 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-28 18:13 - 2020-04-02 19:19 - 000000000 ____D C:\Users\llega\AppData\Local\Packages
2022-04-28 14:30 - 2021-05-12 20:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-28 14:28 - 2021-03-28 01:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-26 06:01 - 2021-05-24 10:02 - 000000000 ____D C:\Program Files (x86)\ScreenToGif
2022-04-25 16:27 - 2020-04-17 06:31 - 000000000 ____D C:\Users\llega\AppData\Local\SquirrelTemp
2022-04-24 18:27 - 2020-04-02 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-24 00:07 - 2020-05-15 10:13 - 000000000 ____D C:\Users\llega\AppData\Roaming\discord
2022-04-23 23:15 - 2020-05-15 10:13 - 000000000 ____D C:\Users\llega\AppData\Local\Discord
2022-04-23 12:39 - 2020-07-07 13:33 - 000000000 ____D C:\Users\llega\AppData\Local\GoToMeeting
2022-04-22 23:18 - 2021-10-16 11:56 - 000000000 ____D C:\Users\llega\OneDrive\Documents\My Games
2022-04-22 17:57 - 2021-04-16 20:09 - 000000000 ____D C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-04-22 14:59 - 2021-07-01 21:53 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-04-22 14:59 - 2021-07-01 21:52 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-04-21 19:45 - 2020-12-31 01:56 - 000000000 ____D C:\Users\llega\AppData\Local\AMD_Common
2022-04-21 17:15 - 2020-04-02 19:24 - 000000000 ____D C:\Users\llega\AppData\Local\D3DSCache
2022-04-21 16:23 - 2021-03-27 19:53 - 000002381 _____ C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-20 23:13 - 2021-03-27 19:53 - 000000000 ____D C:\Users\llega
2022-04-20 14:19 - 2020-04-02 19:27 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-20 07:40 - 2020-04-02 19:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-16 08:09 - 2021-03-28 01:14 - 000532800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 22:51 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-15 20:52 - 2020-04-02 19:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-15 20:49 - 2020-04-02 19:56 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-14 11:45 - 2020-04-13 14:23 - 000000000 ____D C:\Users\llega\AppData\Roaming\vlc
2022-04-13 16:49 - 2022-02-07 22:29 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-12 17:00 - 2021-12-24 20:21 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-12 17:00 - 2021-12-24 20:21 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-12 06:19 - 2021-03-28 01:20 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-12 06:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-12 06:18 - 2020-10-28 12:57 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-12 06:18 - 2020-04-02 19:27 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-11 22:39 - 2021-05-17 08:53 - 000000000 ____D C:\Users\llega\AppData\LocalLow\Mozilla
2022-04-09 09:56 - 2020-04-13 20:31 - 000000000 ____D C:\Users\llega\AppData\Roaming\uTorrent
2022-04-09 09:53 - 2020-04-13 20:32 - 000000000 ____D C:\Users\llega\AppData\Local\BitTorrentHelper
2022-04-08 22:25 - 2020-08-22 22:01 - 000000000 ____D C:\ProgramData\Epic
2022-04-08 22:03 - 2020-10-10 23:02 - 000000000 ____D C:\Program Files (x86)\PokerStars.CZ
2022-04-07 18:09 - 2020-04-15 09:10 - 000000000 ___RD C:\Users\llega\OneDrive\Documents\Scanned Documents
2022-04-06 05:10 - 2020-12-25 11:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-06-25 11:25 - 2021-06-25 11:25 - 000000000 _____ () C:\Users\llega\AppData\Local\oobelibMkey.log
2021-02-13 00:46 - 2021-12-14 23:16 - 000155539 _____ () C:\Users\llega\AppData\Local\PlariumPlay.log
2020-08-25 00:29 - 2020-08-25 00:29 - 000007605 _____ () C:\Users\llega\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by llega (04-05-2022 16:28:53)
Running from C:\Users\llega\OneDrive\Plocha
Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) (2021-03-27 23:20:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4205546469-3882697476-2674355249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4205546469-3882697476-2674355249-503 - Limited - Disabled)
Guest (S-1-5-21-4205546469-3882697476-2674355249-501 - Limited - Disabled)
llega (S-1-5-21-4205546469-3882697476-2674355249-1001 - Administrator - Enabled) => C:\Users\llega
WDAGUtilityAccount (S-1-5-21-4205546469-3882697476-2674355249-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.0.788.2 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.12.1 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
AudFree Music Converter 2.0.0.340 (HKLM-x32\...\AudFree Music Converter_is1) (Version:  - AudFree Studio.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.3.6008 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 100.0.15871.130 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Cinch Audio Recorder version 4.0.2 (HKLM-x32\...\{F145F781-A266-4A33-8F34-65561BF29B25}_is1) (Version: 4.0.2 - Cinch Solutions)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.52 - GOG.com)
Discord (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Discord) (Version: 0.0.311 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.55.1 (HKLM-x32\...\FileZilla Client) (Version: 3.55.1 - Tim Kosse)
firstobject XML Editor version 2.4.2 (HKLM-x32\...\firstobject XML Editor_is1) (Version:  - )
Git (HKLM\...\Git_is1) (Version: 2.33.0 - The Git Development Community)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Ads Editor (HKLM-x32\...\{960C56AE-AAE0-11EC-B452-DC4A3E998CF6}) (Version: 14.0.2.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\HearthstoneDeckTracker) (Version: 1.14.4 - HearthSim)
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HWiNFO64 Version 6.24 (HKLM\...\HWiNFO64_is1) (Version: 6.24 - Martin Malik - REALiX)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{C7BC60AB-23E3-4F47-8FBE-283937D010AA}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Capture (HKLM\...\Capture) (Version: 1.0.553 - Logitech)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.15128.20178 - Microsoft Corporation)
Microsoft Advertising Editor (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\MicrosoftAdvertisingEditor) (Version: 11.29.12068 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.32 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.59.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
Node.js (HKLM\...\{BBA8BA33-A3FC-47F3-A144-B95FB83B4FB4}) (Version: 14.17.5 - Node.js Foundation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.102.48654 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version:  - PokerStars.cz)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Razer BlackWidow Ultimate (HKLM-x32\...\{E3AC9740-66D4-412F-AE55-DD0428F78175}) (Version: 1.05.00 - Razer USA Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.29.283 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.0 - Rockstar Games)
Screaming Frog SEO Spider (HKLM\...\Screaming Frog SEO Spider) (Version: 16.4 - Screaming Frog Ltd)
ScreenToGif (HKLM-x32\...\{85D19DA1-199F-4C56-B156-E8AFC3592036}) (Version: 2.30.0 - Nicke Manarin)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 11.2.0 (HKLM\...\SteelSeries GG) (Version: 11.2.0 - SteelSeries ApS)
Streamlabs OBS 0.23.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.23.2 - General Workings, Inc.)
Sublime Text (HKLM\...\Sublime Text_is1) (Version:  - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
TunesKit Spotify Converter (HKLM-x32\...\{7E3D1669-A658-40A9-87F2-D82CC52ED1D1}_is1) (Version: 1.7.0.657 - TunesKit, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\WhatsApp) (Version: 2.2212.8 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-06-25] (Adobe Systems Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-04] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.3104.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe [2022-04-21] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.)
Photo to GIF - GIF Maker -> C:\Program Files\WindowsApps\39691Videopix.PhototoGIF-GIFMaker_1.1.7.0_x64__dxz7h1qnd1pge [2020-05-31] (Videopix) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0 [2022-04-28] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\llega\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\llega\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\llega\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-27] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-11-27] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\llega\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa\4.1_0\_locales\aliexpress_search_by_image - Ярлык.lnk -> D:\site\lowcost2.ru\widget\chrome\aliexpress_search_by_image (No File) <==== Cyrillic
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Connectivity Diagnostics.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - Notes and Lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nimbus Screenshot App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aecjogkncpbkjfobfnoaiepipllcadhe
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Tomáš (tomkraus.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Tomáš (ppcbee.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Tomáš (WORK WORK WORK) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\llega\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Lucka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2022-04-28 23:01 - 2022-04-28 23:01 - 104871424 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\libcef.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\libegl.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\libglesv2.dll
2020-04-28 14:53 - 2020-04-28 14:53 - 080168448 _____ () [File not signed] C:\Program Files (x86)\StarCraft II\Support\BlizzardBrowser\libcef.dll
2007-11-06 22:16 - 2007-11-06 22:16 - 000217088 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2007-11-06 22:16 - 2007-11-06 22:16 - 000184320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2007-11-06 22:16 - 2007-11-06 22:16 - 000139264 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2021-11-18 20:35 - 2009-09-22 21:44 - 000022016 ____N (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hppfaxprintermon5.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\chrome_elf.dll
2020-04-28 14:55 - 2020-04-28 14:55 - 000504832 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\StarCraft II\Support\BlizzardBrowser\chrome_elf.dll
2020-04-28 14:53 - 2020-04-28 14:53 - 010893824 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\StarCraft II\Support64\icudt52.dll
2020-04-28 14:56 - 2020-04-28 14:56 - 001760768 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\StarCraft II\Support64\icuin52.dll
2020-04-28 14:56 - 2020-04-28 14:56 - 001327104 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\StarCraft II\Support64\icuuc52.dll
2020-12-05 10:29 - 2021-08-08 13:14 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-05 10:29 - 2021-08-08 13:14 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-05 10:29 - 2021-08-08 13:14 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-08-08 13:16 - 2021-08-08 13:14 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\audio\qtaudio_windows.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qgif.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qico.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qjpeg.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qmng.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qsvg.dll
2022-04-28 23:01 - 2022-04-28 23:01 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\imageformats\qtiff.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\platforms\qwindows.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Core.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Gui.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Multimedia.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Network.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Qml.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Quick.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Svg.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Widgets.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5WinExtras.dll
2022-04-28 23:02 - 2022-04-28 23:02 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13458\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-04-13%2006:32:49&bName=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\sharepoint.com -> hxxps://agenturakofein-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\Control Panel\Desktop\\Wallpaper -> c:\users\llega\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\arrrrwacecx.jpeg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{388E1FF9-4F4C-44B5-9831-C2321E557F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpongeBob SquarePants Battle for Bikini Bottom - Rehydrated\SpongeBob_BFBB_R.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{72FA837C-8C8E-432A-A15C-7E30B94F78F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpongeBob SquarePants Battle for Bikini Bottom - Rehydrated\SpongeBob_BFBB_R.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D229C9CF-54D5-4199-8E93-6A34FC8BC6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{BDFED90F-0D27-4038-8035-005821CB07F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [UDP Query User{80EBA144-AF82-454F-9884-F2ADB65EA109}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{0FE0B723-14DF-4418-958D-C72F56A7D7C2}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{35DAB11A-1847-4F47-86EA-9A2E98D2E15F}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D81CE6A1-2EED-4A3F-996C-A98C28D93A3E}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{911642E3-416C-4165-AB53-1CA0E20DAA79}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{9F7C7E51-8CBB-43A3-9752-E5B2D71D82EF}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe => No File
FirewallRules: [{2E5F8054-7E8A-417B-88CE-544CC4721E06}] => (Allow) C:\Users\llega\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{F091A0D4-A068-4D7B-ABF5-2CEEC61BE09D}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{41AAC7C0-16F8-470C-97E7-87248096EBFE}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{A540D8D2-5DF6-497E-8696-E0F3A24939A1}] => (Allow) C:\Users\llega\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{516A01F6-C258-4B75-9D52-0670247B7EDA}] => (Allow) C:\Users\llega\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4F139952-3AF3-4260-8947-D2F5FB521FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paw Patrol On A Roll\PawPatrol.exe () [File not signed]
FirewallRules: [{3A8AE3C1-59D7-4E61-9037-4F796DB14926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paw Patrol On A Roll\PawPatrol.exe () [File not signed]
FirewallRules: [{D5593F20-C75F-4390-8A78-97AC21410ADC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CF01F5DF-4D61-4CA0-8B11-3F9C677A0E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9F4A5D99-C94D-4712-8D5D-CA8959D2A9DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D621521-7066-44D5-9966-6BB8D187C8B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{F9126612-C702-4681-992A-14FB9C290AAA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{49E56BC2-8B45-43DE-9012-D14BF070BB13}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{5E3D20DA-72AF-4EE4-9549-D260E39E7848}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAW Patrol Mighty Pups  Save Adventure Bay\pp2.exe () [File not signed]
FirewallRules: [{478EEF5E-D6B7-42CB-956E-E9786ED4CCEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAW Patrol Mighty Pups  Save Adventure Bay\pp2.exe () [File not signed]
FirewallRules: [{A693CE2A-D6F6-47A6-9534-A73C187C7056}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E743E6F4-5B7E-45EE-9FB3-D0695A09C2A1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99A416D4-84C3-4787-80E9-530CFA13B6F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{19138C96-EC2D-4867-A1F0-06E91E5F8331}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{91C85DDF-C0C9-4E5B-98EF-7DF07238B8B9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C6737863-E49C-4E04-ACE8-1CF9743AB91B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17D18D79-8F6F-4D58-9476-67BB74ABB035}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{44F19338-03C7-4641-A653-0A32A9F45FD5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7175DE09-3652-4168-89FB-0F35980E5BAE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6E03B871-102B-4C23-B56A-B1A962DD5032}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{50CB0F1A-EA8B-4895-A7A2-8F7526209DAD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BE81FBEC-8898-4E26-B075-EC1A3A30920E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6F5DEA94-89B9-4E9A-95C8-845237583242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{1FB01149-75B1-4952-9907-31B64CFDB35E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{46113F5B-D5BA-4CE2-98A5-30982805F1D3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BF3A0539-6C7F-4D60-93DA-EBEE22B6E69E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AF2C9E05-C4A0-4FC2-BCDB-AFE9EEB35FBA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D0F46FAD-CCA8-4076-A990-83D16F5E86DF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D34CE94-C6F2-49D2-B76B-7864A743702E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FF8EEEA-0FEE-43A8-A8C1-1D01C61EC7BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42EFDFFD-6E72-49EC-97C2-236E43E432B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40A19B4A-A7BD-481F-A7E0-11BBFAF2D5BE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{59FF30B8-5F54-4BCE-B887-E0ABE1DFAF96}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5FA0C25F-C09C-4B47-B296-46FA7841D426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mimpi\MIMPI.exe () [File not signed]
FirewallRules: [{7066F98B-B37A-458C-B33E-F8C4A6F27FA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mimpi\MIMPI.exe () [File not signed]
FirewallRules: [{025DF126-4C44-4552-AC67-6C8C01C46699}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{062D3AC0-BB87-4327-8986-3C2CC1416A49}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{5A0F8EB3-7028-4C5D-BDF9-32CE2C2F8BA7}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{DFC4803B-DA6B-4A69-99CE-DB11DB43E1E7}C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base87702\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{655E9D5A-80D9-4DBA-813A-61E282C42B7D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7D5261EC-8322-4317-9954-C5F9820436B8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{21F13692-B49F-474D-BC44-EDBAEE21D145}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7A932559-1EDD-44B6-84B7-4C09FE1D2872}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{4B8F06A8-81F2-42B1-8F0B-268FC59F3881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{2942C3AD-FF05-4B2F-8095-202776A13E52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{3136A76D-45F4-43FF-A3B4-959E01A24CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe (SEGA) [File not signed]
FirewallRules: [{4C9E33C4-821C-4DCF-97CD-824ADFA0743D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe (SEGA) [File not signed]
FirewallRules: [{D939778C-A39B-4172-A674-4874ACBCF46D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FEB5AF1-E55E-46DC-9128-AB9744231885}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2EE71D-9C5C-42A2-90AB-13FB478CED2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0DB019-CFA1-4F72-BDBA-6586F6B1EFEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56F5792D-AE80-4D6D-A3EC-868B6BB732E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EEA07387-5A1B-4FA5-BA41-AACA7214E8BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{860FA276-CAC2-42ED-88C8-CF7242D6756D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD4A4247-3F33-4B78-A5E8-C71C311D3DCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E72662A-C708-4134-9F71-A555A464562A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A040CB4A-4636-4E42-AA65-8CB4D17B5B94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8D83A15D-4293-41AD-A0D8-0C1A2335E21D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2B637299-E3E2-41A0-805A-2D2B0B63D380}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E05E170-6F23-42AA-BCAB-9CEE09A8AE34}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.32\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-04-2022 20:55:16 Instalační služba modulů systému Windows
22-04-2022 23:17:01 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
30-04-2022 15:13:56 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/02/2022 06:26:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/02/2022 06:25:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/02/2022 05:49:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/29/2022 05:44:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Minecraft.exe, verze: 1.0.1.0, časové razítko: 0x623ba8d9
Název chybujícího modulu: libcef.dll, verze: 99.2.14.0, časové razítko: 0x623cd6bd
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002ece021
ID chybujícího procesu: 0x3428
Čas spuštění chybující aplikace: 0x01d85be00444938a
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe\Minecraft.exe
Cesta k chybujícímu modulu: C:\Users\llega\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\game\libcef.dll
ID zprávy: 8c2f52c9-eb39-4218-a7cf-798e98c76b65
Úplný název chybujícího balíčku: Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Minecraft

Error: (04/29/2022 05:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Minecraft.exe, verze: 1.0.1.0, časové razítko: 0x623ba8d9
Název chybujícího modulu: libcef.dll, verze: 99.2.14.0, časové razítko: 0x623cd6bd
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002ece021
ID chybujícího procesu: 0x4d68
Čas spuštění chybující aplikace: 0x01d85bdfeb0b504c
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe\Minecraft.exe
Cesta k chybujícímu modulu: C:\Users\llega\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\game\libcef.dll
ID zprávy: 3d38f759-f3fe-42d6-ab33-1fdab1e2cc6a
Úplný název chybujícího balíčku: Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Minecraft

Error: (04/29/2022 05:43:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Minecraft.exe, verze: 1.0.1.0, časové razítko: 0x623ba8d9
Název chybujícího modulu: libcef.dll, verze: 99.2.14.0, časové razítko: 0x623cd6bd
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002ece021
ID chybujícího procesu: 0xe24
Čas spuštění chybující aplikace: 0x01d85bdfd7b2dc9d
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe\Minecraft.exe
Cesta k chybujícímu modulu: C:\Users\llega\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\game\libcef.dll
ID zprávy: 1ccd8f69-8ffb-4c4d-95ba-ee4bb672a6d8
Úplný název chybujícího balíčku: Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Minecraft

Error: (04/29/2022 05:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Minecraft.exe, verze: 1.0.1.0, časové razítko: 0x623ba8d9
Název chybujícího modulu: libcef.dll, verze: 99.2.14.0, časové razítko: 0x623cd6bd
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002ece021
ID chybujícího procesu: 0x4c4
Čas spuštění chybující aplikace: 0x01d85bdfce06ecd8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe\Minecraft.exe
Cesta k chybujícímu modulu: C:\Users\llega\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\game\libcef.dll
ID zprávy: d3f7857f-7a98-499f-ae09-77fbe51b8f67
Úplný název chybujícího balíčku: Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Minecraft

Error: (04/29/2022 05:42:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Minecraft.exe, verze: 1.0.1.0, časové razítko: 0x623ba8d9
Název chybujícího modulu: libcef.dll, verze: 99.2.14.0, časové razítko: 0x623cd6bd
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002ece021
ID chybujícího procesu: 0x20a4
Čas spuštění chybující aplikace: 0x01d85bdfc96e9245
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe\Minecraft.exe
Cesta k chybujícímu modulu: C:\Users\llega\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\game\libcef.dll
ID zprávy: e8316e75-584f-4763-b400-dfdbe957c9a5
Úplný název chybujícího balíčku: Microsoft.4297127D64EC6_1.1.7.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Minecraft


System errors:
=============
Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/04/2022 11:03:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2022-05-04 14:32:00
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-05-04 06:45:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-05-04 06:42:01
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2022-05-04 06:31:02
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. P2.10 05/12/2015
Motherboard: ASRock Z97 Extreme4
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 65%
Total physical RAM: 16332.2 MB
Available physical RAM: 5713.53 MB
Total Virtual: 22732.2 MB
Available Virtual: 8381.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:16.8 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Záloha) (Fixed) (Total:1861.73 GB) (Free:1541.34 GB) NTFS

\\?\Volume{1aad87f5-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS
\\?\Volume{2cddcaa0-576d-ed79-78a9-defac8e871d4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{3c405bbc-0000-0000-0000-e08dd1010000}\ () (Fixed) (Total:0.8 GB) (Free:0.37 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1AAD87F5)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3C405BBC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1861.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=817 MB) - (Type=27)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem - please check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

nothera
Visitor
Posts: 16
Joined: 30 Mar 2020 18:36

Re: Possible problem - please check

#3 Post by nothera »

I tried it, but it found nothing, so the clean and repair option was not offered to me. Do you have any other idea? :)

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem - please check

#4 Post by Rudy »

We will clean it manually, even though it is only an Avast message saying that it blocked something, i.e. nothing got into the PC. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\MountPoints2: {82f0b350-37c4-11ec-bf4d-d050992786c1} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {40F4BA57-1E76-44A5-9810-E92DD1074BC4} - System32\Tasks\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {56E75619-C04D-4EDA-822B-1965450BF139} - System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {56E75619-C04D-4EDA-822B-1965450BF139} - System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {7B567AFE-7190-41A0-86F0-7B3994A4F375} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {D51C58A7-E2DA-4F07-AAE3-BDAB2E15606D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
FirewallRules: [{99A416D4-84C3-4787-80E9-530CFA13B6F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{19138C96-EC2D-4867-A1F0-06E91E5F8331}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here. These are just unnecessary leftovers.

nothera
Visitor
Posts: 16
Joined: 30 Mar 2020 18:36

Re: Possible problem - please check

#5 Post by nothera »

Hello,

done. I am sending the resulting log.

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by llega (06-05-2022 21:28:15) Run:1
Running from C:\Users\llega\OneDrive\Plocha
Loaded Profiles: llega
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\...\MountPoints2: {82f0b350-37c4-11ec-bf4d-d050992786c1} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {40F4BA57-1E76-44A5-9810-E92DD1074BC4} - System32\Tasks\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {56E75619-C04D-4EDA-822B-1965450BF139} - System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {56E75619-C04D-4EDA-822B-1965450BF139} - System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {7B567AFE-7190-41A0-86F0-7B3994A4F375} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Task: {D51C58A7-E2DA-4F07-AAE3-BDAB2E15606D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5} => C:\Users\llega\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-04-15] (Google LLC -> Google LLC)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
FirewallRules: [{99A416D4-84C3-4787-80E9-530CFA13B6F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{19138C96-EC2D-4867-A1F0-06E91E5F8331}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-4205546469-3882697476-2674355249-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82f0b350-37c4-11ec-bf4d-d050992786c1} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40F4BA57-1E76-44A5-9810-E92DD1074BC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40F4BA57-1E76-44A5-9810-E92DD1074BC4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{D214D605-B6C9-495F-874C-F0D74D16935E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56E75619-C04D-4EDA-822B-1965450BF139}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E75619-C04D-4EDA-822B-1965450BF139}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E75619-C04D-4EDA-822B-1965450BF139}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{204C2AE4-0D12-48CD-B743-99F8861B5179}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B567AFE-7190-41A0-86F0-7B3994A4F375}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B567AFE-7190-41A0-86F0-7B3994A4F375}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001Core{86DC6E0D-AAB4-4478-B9F3-4AE4B7B7B949}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51C58A7-E2DA-4F07-AAE3-BDAB2E15606D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51C58A7-E2DA-4F07-AAE3-BDAB2E15606D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4205546469-3882697476-2674355249-1001UA{0134289F-612B-4BD3-8ED9-9E9949D768A5}" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => removed successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => removed successfully
Bonjour Service => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99A416D4-84C3-4787-80E9-530CFA13B6F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19138C96-EC2D-4867-A1F0-06E91E5F8331}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13835450 B
Java, Flash, Steam htmlcache => 186112167 B
Windows/system/drivers => 12859571 B
Edge => 0 B
Chrome => 832961249 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5092402 B
NetworkService => 5092402 B
llega => 463512641 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:28:32 ====

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem - please check

#6 Post by Rudy »

It was deleted; the log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

nothera
Visitor
Posts: 16
Joined: 30 Mar 2020 18:36

Re: Possible problem - please check

#7 Post by nothera »

Thanks for everything. Unfortunately, the problem persists.

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem - please check

#8 Post by Rudy »

Also try cleaning the browsers. Run these utilities one after the other:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe , https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ and save it to the desktop

If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created and then the search runs
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem - please check

#9 Post by Rudy »

JRT is not malware; we use it here routinely. Turn Avast off while you work with it.
