Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2025
Ran by randa (administrator) on RANDAAL-PC (ASUS All Series) (20-07-2025 11:11:02)
Running from C:\Users\randa\Downloads\FRST64.exe
Loaded Profiles: randa
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6093 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\M-Audio\M-Track 2X2\AudioDevMon.exe ->) (inMusic Brands Inc -> M-Audio) C:\Program Files (x86)\M-Audio\M-Track 2X2\DeviceControlServer.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\111.0.2.0\crashpad_handler.exe
(C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (CANON INC. -> CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (inMusic Brands Inc -> M-Audio) C:\Program Files (x86)\M-Audio\M-Track 2X2\AudioDevMon.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\3DPrintService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fcb8b2221bca6b43\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2528.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9524616 2025-07-08] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe [66819680 2025-07-16] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe [66819680 2025-07-16] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-06-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe [66819680 2025-07-16] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\Run: [MicrosoftEdgeAutoLaunch_EB0077317E7956613A74AB66B73002B4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4113480 2025-07-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\Run: [GoogleChromeAutoLaunch_8238FF58822C7379CAC264E5B1E8E8C6] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3196512 2025-07-07] (Google LLC -> Google LLC)
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\MountPoints2: {a168c371-b8e3-11ec-92b3-40e23013bea2} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\111.0.2.0\GoogleDriveFS.exe [66819680 2025-07-16] (Google LLC -> Google LLC.)
HKLM\...\Print\Monitors\3D Port: C:\Windows\system32\3dmon.dll [1279672 2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [152064 2012-09-26] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon WSD Language Monitor: C:\Windows\system32\cnnx0_flm.dll [1367040 2012-10-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [47896 2021-09-23] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.158\Installer\chrmstp.exe [2025-07-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {FC209194-D00E-4A3B-9439-E9E99B610AE2} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=PPRO --productVersion=23.5 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall (No File)
Task: {1BC65C69-1465-45C7-BBC6-BB75756B79F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2F24FAA9-6CD5-42E4-9190-A83BC68FFB85} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "d7e59b50-8786-482f-a975-e70089d440c4" --version "6.37.0.11523" --silent
Task: {0AE9665A-7746-4E52-8B4D-06FD9D9DD109} - System32\Tasks\CCleanerSkipUAC - randa => C:\Program Files\CCleaner\CCleaner.exe [39562464 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {45CA344A-F753-41F4-9DDA-4BC8FB2D7765} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.129{8254B611-EEE7-4F58-98DE-A4F1824813B2} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {306ED143-CDDC-44A5-8B8B-B1D17BA4953A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{F2C6D8F2-C68D-403E-B15C-08E8E9DEE6AE} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe [6836832 2025-07-01] (Google LLC -> Google LLC)
Task: {D3534BAF-B76A-4447-971D-D1F31D718EA3} - System32\Tasks\Launch Adobe CCXProcess => "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File)
Task: {D801CB8D-DB7F-4E0B-B2AB-15C7007E7E3E} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-4290985883-377899916-2755398409-1001 => C:\Users\randa\AppData\Local\Programs\Messenger\MessengerHelper.exe [2192632 2024-09-17] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {513C53A1-C9AF-4996-B688-F673C498ED83} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [10453864 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCA31474-5210-49EE-B6A2-63B4B1E2BB40} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583832 2025-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D1CDAB4-637A-4677-A12D-B6D9266D2AC6} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [61304 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA49FEED-AA19-425F-9CA4-9C08792CA137} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583832 2025-07-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8833CFCE-C3C3-4FDA-B702-BC125C059FDE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D6E85DE-9D56-4958-A45A-0DAB19FB5FB9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {53B19BB2-39FE-4FC8-BC88-F1F81FE4A610} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {295324D1-0758-49E8-9470-462584EF8B35} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {357AF9B8-9927-4D1C-B4B6-BC6DCDEB482A} - System32\Tasks\Microsoft\Windows\Clip\ClipESUConsumer => C:\Windows\system32\ClipESUConsumer.exe [283008 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
Task: {37536D6C-7761-43FE-A93D-3C3005778CD7} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessPreOrder => C:\Windows\system32\ClipESUConsumer.exe [283008 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
Task: {4744311F-9728-4D41-804F-59BD2DFE2CD5} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessRefund => C:\Windows\system32\ClipESUConsumer.exe [283008 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
Task: {079B7EB2-4AC1-46C1-B15C-C085654F9540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A830F4BF-14FB-41D5-9326-42C7F4CBECAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {899CC6C4-3800-4471-A554-7086C206766F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B024D14-EF7D-4834-B4B9-9C02E1340064} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C25F260D-4107-433E-8034-836627164425} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3275808 2025-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDE69216-7CA4-474C-B21B-72DD86B96B63} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4290985883-377899916-2755398409-1001 => C:\Users\randa\AppData\Local\Microsoft\OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF8E8085-A2F1-4812-9B4A-9B49AF3816BC} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17375928 2025-07-07] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.2.1 172.20.1.1
Tcpip\..\Interfaces\{ba85c2dc-2f38-4bd1-826d-4f6a68461406}: [DhcpNameServer] 10.0.2.1 172.20.1.1
Tcpip\..\Interfaces\{fa24461c-32b3-4f92-8b68-c1afaf4c11ea}: [DhcpNameServer] 10.0.2.1 172.20.1.1
Edge:
=======
Edge Profile: C:\Users\randa\AppData\Local\Microsoft\Edge\User Data\Default [2025-07-20]
Edge Extension: (Google Docs Offline) - C:\Users\randa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\randa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\randa\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-07-19]
CHR Profile: C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-07-19]
CHR StartupUrls: Profile 1 -> "hxxps://docs.google.com/spreadsheets/d/1CyauS8WTm06e11vPmaT0zYRJF_oA-eRIM0GxD7EOmMk/edit#gid=1505247308&range=A113","hxxps://sitehandler-edd.ericsson.net/sh3/page?&cookie=5MHWJqXqUATSleMltRAaY1LBU7Ezt2SpIs_6iGaH9E8","hxxps://docs.google.com/spreadsheets/d/1VdEYqQPD20jIdjJiuM40Oqvf13h46dY-nAyB7wwgMd8/edit#gid=741168265","hxxps://docs.google.com/spreadsheets/d/1mtOR7Ai3WW0I1LMNyARI6Y9PhgoHestH1BVaoR7ZxVI/edit#gid=1332182744","hxxps://docs.google.com/spreadsheets/d/1V7hLdsTsymuLU6VR1ie8gDXYsM4wR77h1usSvU_8ZoI/edit#gid=1581613219"
CHR Extension: (uBlock Origin) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-05-21]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-07-06]
CHR Extension: (Google Docs Offline) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-28]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Profile: C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-07-20]
CHR Notifications: Profile 2 -> hxxps://calendar.google.com; hxxps://web.whatsapp.com; hxxps://www.netflix.com
CHR StartupUrls: Profile 2 -> "hxxp://www.google.com"
CHR DefaultSearchURL: Profile 2 -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> duckduckgo.com
CHR DefaultNewTabURL: Profile 2 -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Profile 2 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (CS2 Case Opening Stats) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\clcgadagmheefcopmehicmjhimgbifph [2025-06-11]
CHR Extension: (uBlock Origin Lite) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-07-17]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-07-17]
CHR Extension: (Google Docs Offline) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-17]
CHR Extension: (Převod měn) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2025-02-12]
CHR Extension: (Google Hangouts) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-26]
CHR Extension: (mydlink services plugin) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2021-04-02]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-02]
CHR Profile: C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-07-19]
CHR StartupUrls: Profile 3 -> "hxxps://calendar.google.com/calendar/u/0/r/week"
CHR DefaultSearchURL: Profile 3 -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> duckduckgo.com
CHR DefaultNewTabURL: Profile 3 -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Profile 3 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (uBlock Origin) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-07-17]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-07-17]
CHR Extension: (Google Docs Offline) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-17]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\randa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-04]
CHR Profile: C:\Users\randa\AppData\Local\Google\Chrome\User Data\System Profile [2025-07-19]
CHR HKU\S-1-5-21-4290985883-377899916-2755398409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4290985883-377899916-2755398409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 3DPrintService; C:\Windows\system32\3DPrintService.exe [186552 2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944040 2025-07-19] (Adobe Inc. -> Adobe Inc.)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3383952 2025-07-07] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-09-17] (BattlEye Innovations e.K. -> )
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC. -> CANON INC.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13045088 2025-07-10] (Microsoft Corporation -> Microsoft Corporation)
R2 DbxSvc; C:\Windows\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\228.4.5567\DropboxElevationService.exe [1659280 2025-07-08] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19002976 2025-03-11] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-07-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-03-31] (Epic Games Inc. -> Epic Games, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MTrack2X2AudioDevMon; C:\Program Files (x86)\M-Audio\M-Track 2X2\AudioDevMon.exe [319488 2021-03-11] (inMusic Brands Inc -> M-Audio)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fcb8b2221bca6b43\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-04-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2024-11-28] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7499752 2024-11-16] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [917440 2025-06-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5964328 2023-05-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-07-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12184416 2023-05-20] (KRAFTON, Inc. -> KRAFTON, Inc)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [148992 2024-05-15] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2022-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [330112 2025-07-06] (Microsoft Windows -> Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
S3 MS3DPrintUSB; C:\Windows\system32\DRIVERS\MS3DPrintUSB.sys [27032 2018-09-11] (WDKTestCert khtran,131008294178295471 -> )
R3 MTRACK2X2; C:\Windows\System32\drivers\MAudioMTrack2X2.sys [246792 2021-03-11] (Microsoft Windows Hardware Compatibility Publisher -> M-Audio)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20032 2025-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [612768 2025-07-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-07-06] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [1447240 2023-05-20] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S4 CorsairVBusDriver; \SystemRoot\System32\drivers\CorsairVBusDriver.sys [X]
S4 CorsairVHidDriver; \SystemRoot\System32\drivers\CorsairVHidDriver.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] <==== ATTENTION
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-07-20 11:07 - 2025-07-20 11:08 - 000065451 _____ C:\Users\randa\Downloads\Addition.txt
2025-07-20 11:06 - 2025-07-20 11:11 - 000030471 _____ C:\Users\randa\Downloads\FRST.txt
2025-07-20 11:04 - 2025-07-20 11:11 - 000000000 ____D C:\FRST
2025-07-20 11:01 - 2025-07-20 11:01 - 002409472 _____ (Farbar) C:\Users\randa\Downloads\FRST64.exe
2025-07-20 09:17 - 2025-07-20 09:17 - 000003562 _____ C:\Windows\system32\Tasks\Launch Adobe CCXProcess
2025-07-20 08:46 - 2025-07-20 08:46 - 001640384 _____ (Adobe Inc) C:\Users\randa\Downloads\Reader_en_install.exe
2025-07-19 10:43 - 2025-07-19 10:43 - 000000000 ____D C:\Users\randa\Documents\Heroes of the Storm
2025-07-19 10:20 - 2025-07-19 10:20 - 000003270 _____ C:\Windows\system32\Tasks\Adobe Uninstaller
2025-07-10 17:42 - 2025-07-10 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-07-09 18:34 - 2025-07-09 18:34 - 000023172 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-09 18:33 - 2025-07-09 18:33 - 000023172 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-07-07 11:34 - 2025-07-07 11:34 - 000000000 ____D C:\Users\randa\Documents\FeedbackHub
2025-07-07 08:57 - 2025-07-07 08:57 - 000000000 ____D C:\Windows\system32\Tasks\Ubisoft
2025-07-07 08:43 - 2023-09-07 10:12 - 007020016 _____ (Geek Uninstaller) C:\Users\randa\Desktop\geek.exe
2025-07-06 22:24 - 2025-07-16 15:08 - 000000090 _____ C:\logUploaderSettings_temp.ini
2025-07-06 22:24 - 2025-07-16 15:08 - 000000090 _____ C:\logUploaderSettings.ini
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-07-20 11:09 - 2022-09-21 02:27 - 000003384 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2025-07-20 11:09 - 2022-09-21 02:27 - 000000670 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2025-07-20 11:09 - 2022-07-20 07:07 - 000000000 ____D C:\Program Files\CCleaner
2025-07-20 11:02 - 2020-10-30 07:15 - 000000000 ____D C:\Program Files (x86)\Steam
2025-07-20 10:52 - 2020-11-13 15:17 - 000000000 ____D C:\Users\randa\AppData\Local\Adobe
2025-07-20 10:48 - 2020-09-27 16:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-07-20 10:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-20 10:47 - 2020-10-28 16:46 - 000000000 ___SD C:\Users\randa\AppData\Roaming\Microsoft\Credentials
2025-07-20 08:57 - 2022-06-21 21:22 - 000000000 ____D C:\Users\randa\AppData\Local\Ubisoft Game Launcher
2025-07-20 08:57 - 2020-10-28 20:40 - 000000000 ____D C:\Users\randa\AppData\Roaming\Corsair
2025-07-20 08:57 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-07-20 08:52 - 2021-12-24 11:32 - 000000000 ____D C:\Windows\SystemTemp
2025-07-20 08:52 - 2020-10-31 06:03 - 000000000 ____D C:\Users\randa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-07-20 08:52 - 2020-10-28 16:48 - 000000000 ____D C:\Users\randa\AppData\Local\Packages
2025-07-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-07-20 08:51 - 2020-10-28 16:48 - 000841126 _____ C:\Windows\system32\PerfStringBackup.INI
2025-07-20 08:46 - 2020-10-28 20:51 - 000000000 ____D C:\Users\randa\AppData\Roaming\Dropbox
2025-07-20 08:46 - 2020-10-28 20:40 - 000000000 ____D C:\Users\randa\AppData\Local\Dropbox
2025-07-20 08:46 - 2020-10-28 16:54 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-20 08:45 - 2024-12-21 22:51 - 000000000 ____D C:\Users\Public\Logi
2025-07-20 08:45 - 2020-10-28 17:02 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-20 08:45 - 2020-09-27 16:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-07-20 08:45 - 2020-09-27 16:33 - 000008192 ___SH C:\DumpStack.log.tmp
2025-07-20 08:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2025-07-19 22:20 - 2020-10-28 21:01 - 000000000 ____D C:\Users\randa\AppData\Local\Battle.net
2025-07-19 17:13 - 2020-11-07 20:58 - 000000000 ____D C:\Users\randa\AppData\Local\D3DSCache
2025-07-19 11:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-19 10:45 - 2022-01-16 17:08 - 000000000 ____D C:\Users\randa\AppData\Roaming\vlc
2025-07-19 10:42 - 2020-10-28 20:55 - 000000000 ____D C:\Users\randa\AppData\Local\Blizzard Entertainment
2025-07-19 10:40 - 2025-01-03 19:22 - 000000000 ____D C:\Users\randa\AppData\Local\M-Audio
2025-07-19 10:40 - 2024-12-21 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2025-07-19 10:40 - 2024-12-21 13:16 - 000000000 ____D C:\Program Files (x86)\M-Audio
2025-07-19 10:40 - 2020-10-28 20:57 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-07-19 10:38 - 2021-01-06 10:03 - 000000000 ____D C:\Users\randa\AppData\Roaming\Geek Uninstaller
2025-07-19 10:37 - 2022-09-10 14:04 - 000000000 ____D C:\Users\randa\AppData\Roaming\com.adobe.dunamis
2025-07-19 10:37 - 2021-11-26 08:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-07-19 10:33 - 2020-11-13 15:18 - 000000000 ____D C:\ProgramData\Adobe
2025-07-19 10:29 - 2022-01-19 16:09 - 000000000 ____D C:\Users\Public\Documents\Adobe
2025-07-19 10:26 - 2022-01-19 16:13 - 000000000 ____D C:\Users\randa\Documents\Adobe
2025-07-19 10:18 - 2025-03-19 08:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-07-19 10:18 - 2022-07-25 19:23 - 000000000 ____D C:\Windows\Minidump
2025-07-19 10:18 - 2020-10-31 11:02 - 000000000 ____D C:\Users\randa\AppData\Local\CrashDumps
2025-07-19 10:04 - 2020-10-28 16:46 - 000000000 ____D C:\Users\randa
2025-07-19 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2025-07-18 06:55 - 2020-09-27 16:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-17 18:31 - 2020-11-13 15:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-07-17 18:28 - 2021-02-22 19:23 - 000000000 ____D C:\Users\randa\AppData\LocalLow\Temp
2025-07-16 19:55 - 2021-10-05 06:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-07-16 15:08 - 2025-02-06 01:15 - 000003570 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-4290985883-377899916-2755398409-1001
2025-07-16 15:08 - 2024-11-13 09:14 - 000002419 _____ C:\Users\randa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-16 15:08 - 2021-12-11 07:43 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4290985883-377899916-2755398409-1001
2025-07-16 15:08 - 2020-10-28 16:50 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4290985883-377899916-2755398409-1001
2025-07-10 18:36 - 2025-03-14 17:51 - 000403832 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_8.dll
2025-07-10 18:36 - 2022-10-20 18:19 - 000121208 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2025-07-10 18:36 - 2022-10-20 18:19 - 000076176 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2025-07-10 18:36 - 2021-11-25 14:09 - 002918776 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2025-07-10 18:36 - 2021-11-25 14:09 - 000817552 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2025-07-10 18:36 - 2021-11-25 14:09 - 000272760 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2025-07-10 18:36 - 2021-11-25 14:09 - 000244088 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2025-07-10 18:36 - 2021-11-25 14:09 - 000166264 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2025-07-10 17:42 - 2020-10-28 20:40 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-07-10 17:40 - 2020-09-27 16:38 - 000000000 ____D C:\ProgramData\Packages
2025-07-09 23:58 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-07-09 23:57 - 2020-09-27 16:33 - 000442544 _____ C:\Windows\system32\FNTCACHE.DAT
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-07-09 23:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-07-09 23:56 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2025-07-09 18:36 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-07-09 18:33 - 2020-09-27 16:36 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-07-07 10:07 - 2022-02-21 16:27 - 000000000 ____D C:\ProgramData\Battle.net_components
2025-07-07 09:59 - 2020-10-28 17:01 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-07 09:58 - 2020-10-28 16:54 - 000000000 ____D C:\Program Files\Google
2025-07-07 09:01 - 2022-06-22 11:31 - 000000000 ____D C:\Users\randa\AppData\Roaming\EasyAntiCheat
2025-07-07 08:36 - 2022-07-20 07:07 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2025-07-06 14:32 - 2020-09-27 16:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-07-06 14:29 - 2022-02-16 13:57 - 000000000 ____D C:\Program Files\RUXIM
==================== Files in the root of some directories ========
2022-04-10 09:02 - 2023-03-27 13:26 - 000000128 _____ () C:\Users\randa\AppData\Roaming\winscp.rnd
2020-12-05 13:37 - 2022-06-30 20:04 - 000007605 _____ () C:\Users\randa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2025
Ran by randa (20-07-2025 11:12:03)
Running from C:\Users\randa\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.6093 (X64) (2020-10-28 14:42:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4290985883-377899916-2755398409-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4290985883-377899916-2755398409-503 - Limited - Disabled)
Guest (S-1-5-21-4290985883-377899916-2755398409-501 - Limited - Enabled)
randa (S-1-5-21-4290985883-377899916-2755398409-1001 - Administrator - Enabled) => C:\Users\randa
WDAGUtilityAccount (S-1-5-21-4290985883-377899916-2755398409-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation)
Canon MF8200C Series (HKLM\...\{C2938963-3BB0-41cd-9769-E28814C59075}) (Version: 4.2.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 6.37 - Piriform)
Dexed version 0.9.8 (HKLM\...\Dexed_is1) (Version: 0.9.8 - Digital Suburban)
Discord (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 228.4.5567 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.411.0.5924 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{2da5c03a-a437-48b6-85b8-7fafff95de5e}) (Version: 13.411.0.5924 - Electronic Arts)
Easy Woodworking Design Version 2.08 (HKLM-x32\...\EWDesign_ID_is1) (Version: 2.08 - )
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla 3.62.2 (HKLM-x32\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.158 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 111.0.2.0 - Google LLC)
iCarsoft_MSDIAG_PCClientKits (HKLM-x32\...\{C108F6F0-9B39-4BD7-8FF8-54EB0452A81F}) (Version: 3.25.000 - iCarsoft)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{54EC951C-4197-4AA4-803B-101F127BBB38}) (Version: 11.0.6.1194 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Java(TM) SE Development Kit 16.0.2 (64-bit) (HKLM\...\{84539E3B-68B6-54F1-9CA3-EA920673C714}) (Version: 16.0.2.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
M-Audio M-Track 2X2 1.0.13 (HKLM\...\{1EEB026E-64E8-40B0-B2A6-DBB57281FDF0}) (Version: 1.0.13 - M-Audio)
Messenger (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 215.6.643112060 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 138.0.3351.95 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.95 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18925.20168 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\OneDriveSetup.exe) (Version: 25.115.0615.0002 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
NVIDIA App 11.0.3.232 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.232 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Graphics Driver 576.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 576.28 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pivot Animator version 4.2.8 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.2.8 - Motus Software Ltd)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.97.2200 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.7.8 - Rockstar Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spitfire Audio version 3.3.10 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.10 - Spitfire Audio Holdings Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAL-NoiseMaker (AAX 64bit) (HKLM\...\{9A187519-AA1A-4BAD-A6E7-E6B559E9A087}) (Version: 1.3.7 - TAL Software GmbH)
TAL-NoiseMaker (VST3 64bit) (HKLM\...\{D220E255-AEB3-485F-9FDE-6C1FE37D5D04}) (Version: 1.0.0 - TAL Software GmbH)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.1.3 - Electronic Arts, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 6.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH)
WinSCP 5.19.6 (HKLM-x32\...\winscp3_is1) (Version: 5.19.6 - Martin Prikryl)
Chrome apps:
============
Prezentace (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\bdcd642073d5afaeb0c8eeae4df38364) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\019b192ec53a5449cd5ea891332a3d87) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\d76cd2ea53d3b896c3d65a7b4e2c7576) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-21] (Adobe Systems Incorporated)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-07-10] (Dropbox Inc.)
Local Artificial Intelligence Manager -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AI [2025-07-06] ()
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-03-12] (Meta)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_2.2.2.0_x64__8wekyb3d8bbwe [2025-02-18] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-31] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-07-17] ()
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-13] (Microsoft Corporation)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.682.535.0_x64__55nm5eh3cm0pr [2025-07-19] (Roblox Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.18.194.0_x64__43tkc6nmykmb6 [2024-02-18] (Ookla)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0 [2025-07-17] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2528.4.0_x64__cv1g1gvanyjgm [2025-07-19] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4290985883-377899916-2755398409-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => Z:\Dropbox [2025-07-19 09:57]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-07-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-07-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-07-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-07-19] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\111.0.2.0\drivefsext.dll [2025-07-16] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fcb8b2221bca6b43\nvshext.dll [2025-04-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-07-19] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\randa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\randa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\mydlink services plugin.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=ldibdoepbjbkkcbgndfljnphngpglhbb
ShortcutWithArgument: C:\Users\randa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Handyman - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\randa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Marek (Marek Dinare) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\randa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Randaal - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
==================== Loaded Modules (Whitelisted) =============
2018-10-05 10:13 - 2018-10-05 10:13 - 000144896 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000077824 _____ () [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2021-03-24 08:12 - 2012-09-26 15:02 - 000152064 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll
2020-11-13 15:36 - 2020-11-13 15:36 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-11-13 15:36 - 2020-11-13 15:36 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2025-05-06 15:56 - 2025-05-06 15:56 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2025-03-01 08:19 - 2025-05-06 15:56 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBCURL.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\LIBEAY32.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LAClient\SSLEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\randa\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\randa\Desktop\Screenshot 2021-05-29 21.15.31.png:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\randa\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 10.0.2.1 - 172.20.1.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Broadcom 802.11ac Network Adapter -> bcmwl63a.sys
Ethernet: Intel(R) Ethernet Connection (2) I218-V -> e1d68x64.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\randa\Dropbox\2025-05-08 20.04.59.png
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\StartupApproved\Run: => "FACEIT"
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_EB0077317E7956613A74AB66B73002B4"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{890C9D94-8A5F-476B-A6C7-10C90746111A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{AD748180-EE6C-4BCB-88DF-76FBFAFBDD99}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{C6C98552-AE64-4BC9-B84E-B8CD6BE29975}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F62F822C-337B-4409-87FF-34C9FD796A7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D63853AB-3E4A-47C4-8C0C-237C1E3A139C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{116EA1F4-F2B8-4C0C-A4BF-E15EC3D44AC4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8BEB25F8-15D4-4FF4-9424-5CAB9032E490}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77D04562-1653-4708-B62F-50E34F26A658}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{88358E57-1B2B-482B-A45D-5273D3C7CBF1}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{4D35FCF9-22A7-489C-9CD5-D8B79A6317A5}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{866880F5-3707-4868-B725-3FD152D91D91}] => (Allow) C:\Program Files\Canon\DIAS\CnxDIAS.exe (CANON INC. -> CANON INC.)
FirewallRules: [TCP Query User{004ACA28-B04D-46E1-BFA6-DBBF68F381E1}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{87FD5188-6084-4D9F-B003-B8DB7FDEB96F}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{032896C6-69B4-4A91-8AC6-D49DAA47503F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{C2BFAF4F-E2C0-4EEF-BFF6-74C4715D9E5F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{E3ECBCB3-06EA-4961-98AC-738F480264EB}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{A44068E6-C493-4C68-81A4-E1FFC6E69795}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{4A2562F8-B8E9-4D16-8A41-4FD7339D2226}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{0B7259C6-DB4D-47F5-A0FE-1AEAA392FC1F}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{3F3B562A-15B8-4AA0-A70E-BC4D2640AF54}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{07A43592-A101-4EA6-8343-93BB03CA6B3C}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{81439966-9228-4B8C-9E7F-F4EE4B1B3F13}] => (Allow) Z:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{D9756A04-FEC7-42D2-BA67-00FE50E29106}] => (Allow) Z:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{1D02FA82-A607-422F-A30B-5D813226CC71}] => (Allow) Z:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution Ltd -> OpenTTD Development Team)
FirewallRules: [{63E0FCB3-0534-4B26-A07F-24782480B16C}] => (Allow) Z:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution Ltd -> OpenTTD Development Team)
FirewallRules: [{D24AB850-B933-4753-9A7E-DE9520DF2D8F}] => (Allow) Z:\SteamLibrary\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc. -> )
FirewallRules: [{231B4B07-77EC-438B-B31C-7868E6FA0A98}] => (Allow) Z:\SteamLibrary\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc. -> )
FirewallRules: [{A4C0904B-1AEE-4B04-BAF9-9398D7C87385}] => (Allow) Z:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AC22CCA6-7822-4382-9F8F-7EE336787703}] => (Allow) Z:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6007E421-C126-487F-900C-D919AE78AAE2}] => (Allow) Z:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties, LLC -> Epic Games, Inc.)
FirewallRules: [{897F4324-9028-49FE-AD2F-93556A5B01D5}] => (Allow) Z:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties, LLC -> Epic Games, Inc.)
FirewallRules: [{77F5729C-C077-4EC8-AB99-780DB5419C0B}] => (Allow) Z:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{4AFB0A49-CF52-432A-BC0F-CF301C0B59E8}] => (Allow) Z:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1F90FF61-5A8D-4594-B80B-57EF576404E0}] => (Allow) Z:\SteamLibrary\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{DBC34613-A434-43FE-A3CA-D89E0BE7B06A}] => (Allow) Z:\SteamLibrary\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [TCP Query User{A2F89E0F-0349-4C01-B748-DDA65DB84721}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2EA20742-B3E8-4D24-9607-B834789EE642}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{72C25F11-0BEE-42B0-A9F1-8EF9708DEA0E}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1B37DDF7-87EE-4457-99A8-230D3E532B17}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B3873F84-565A-4AFE-AFB7-434BC095CE06}] => (Allow) Z:\SteamLibrary\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{0781C0E6-07E6-4115-B03F-16DFAE340E31}] => (Allow) Z:\SteamLibrary\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6EFF3BF2-14A8-45D5-BA31-223A19E00032}Z:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) Z:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7A12A6EC-E42F-446B-AB98-0A066F29F6A3}Z:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) Z:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EEE57AC9-58A7-448C-AC35-AFE5ED50F356}] => (Allow) Z:\SteamLibrary\steamapps\common\TheImpossibleGame\ImpossibleGame.exe () [File not signed]
FirewallRules: [{F0119131-4BCA-465D-8794-B03AC8256F8A}] => (Allow) Z:\SteamLibrary\steamapps\common\TheImpossibleGame\ImpossibleGame.exe () [File not signed]
FirewallRules: [{BFA8CF92-4475-4F68-8303-5FBAE16E8193}] => (Allow) Z:\SteamLibrary\steamapps\common\Super Meat Boy\SuperMeatBoy.exe () [File not signed]
FirewallRules: [{1C924526-CAC9-4B46-AFA5-924D5DD0C448}] => (Allow) Z:\SteamLibrary\steamapps\common\Super Meat Boy\SuperMeatBoy.exe () [File not signed]
FirewallRules: [{6FA020B3-98BA-46EF-A8EE-A1457D7DD4A9}] => (Allow) Z:\Games\EA\Titanfall2\Titanfall2.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{712585C7-51FA-4234-B02B-F09D34435998}] => (Allow) Z:\Games\EA\Titanfall2\Titanfall2.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{45F7E54A-CD5E-4C4A-B493-C29BF3620DE5}] => (Allow) Z:\Games\EA\Titanfall2\Titanfall2_trial.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{8FB0A577-B044-4D8B-980B-75EC32232FBC}] => (Allow) Z:\Games\EA\Titanfall2\Titanfall2_trial.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{FEFD1CCF-0140-4EEA-9E36-2EE789C9C0BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C364B9B8-0DAE-48A0-916D-0879ECE44801}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FFA6E191-D359-4E9C-8F3E-A4EB8D0E34F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755DE515-F907-435E-AB62-199C32A056D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4F867647-FCB3-4795-A10D-B60BE2344CD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94C66149-0AC1-403E-81C3-6B21B2616C6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AFE2ACE3-9A1A-4D7F-9C6C-A1EEB193FC84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DCFF6DD2-6744-4BEF-A5DF-3ED62B99805A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D93306E-62D1-4E48-8606-D954F55F7C2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{49A012FF-42E6-4A6A-9D13-88F592D5C956}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{32E9656C-D37F-4F17-9837-F557252E61D5}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{A2239B51-6AA5-4424-B987-1FDD0E93A294}C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) C:\users\randa\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [{94CB56FE-9427-46BF-BDD2-7D44435818F9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B7245BD2-C43A-45FF-9703-554F257DD433}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{10625028-406F-4034-8C5E-E51798504B2B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{18D6D929-8C10-4F5A-BC6A-4958BB80F761}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6562025F-F73F-46A5-9D1A-F9F0225DF04E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{65171508-0584-435A-BF04-3193DDE92797}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{FE9C5A51-FAA2-4176-B43D-E0467A78AE4E}] => (Allow) Z:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{EBB13530-CA74-40EC-9332-3DA596DFD472}] => (Allow) Z:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F3244952-7D24-4407-9657-E8166CF1B504}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{44C9F57A-AE2E-48B0-AC05-0136EE2C4FB2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{65ED9F7C-A9BA-4F2C-956B-E5C2D838E335}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A327AB32-2CC1-4905-9F9A-8458CE97AE59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{406347D5-4DE3-433D-AB4D-393600C5E612}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7C19A229-DA2D-4011-841A-5626A0BACA59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{448F637C-34E4-4F15-ACDD-ACF923AACECE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F457A37-F4DF-4C4E-BBB6-0AD6F945A3CE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2CA0DCA9-B6DF-4A02-9449-434E385FBB62}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9891CEC-9481-4EA8-A1E9-1700AED14371}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7942399C-2399-4CC1-9E00-BF5D321193A2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{D9838617-E0AC-421C-A958-40F857D62D01}G:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) G:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{1E63B740-8A47-4BF5-A665-C2F39936894D}G:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) G:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{5E019B90-F139-4CC1-9908-884F38C26E91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1C013CF-A21F-4F02-824A-0996EB368B18}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85A2A7B5-EFB4-4C7B-AAF2-798542D846BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEFA15F7-C559-416A-A72F-CF6237BE6B44}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{EC6C3E2B-3075-4D9B-821D-0D7232448FB1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BDE002FB-FAFD-405F-9C91-A21CE83D981B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8869B70-8423-4F1D-ADFB-59B78FDF38A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC4AE54B-C246-4943-9D75-2319B7742BA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BAFCAB7E-6E26-4BFA-8043-7875B5C908BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98C393D8-1FFA-4741-A2E8-1AF9ECDC3DE6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F01BE379-10BC-4A94-B429-3C59C9CEC4DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E892C4A-7FD6-4CEF-82C5-BA7BF3FCA21C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7C8D6B02-B455-471A-9145-1AE536BF55BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D36602AE-6171-4A94-96CA-546295B5DC36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFA5E572-F517-4FD3-8D7C-D902DAB266BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.268.528.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2362F8EB-968C-4582-994B-7A749D25A1F7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
19-07-2025 10:17:03 Removed Code 49 Preset Editor 1.0.7
19-07-2025 10:39:51 Removed M-Audio CODE49 Firmware Updater 1.0.2.3
20-07-2025 09:00:18 ##IDS_ERROR_1717##
20-07-2025 09:10:58 Removed Windows PC Health Check
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/17/2025 06:25:35 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) The handle is invalid.
Error: (07/17/2025 06:51:42 AM) (Source: DbxSvc) (EventID: 310) (User: )
Description: Failed to get ANSI path for file: C:\Windows\Minidump\a7a4a727-db18-41ef-9d0e-69a07b8f4eaa.dmp
Error: (07/17/2025 06:51:42 AM) (Source: DbxSvc) (EventID: 305) (User: )
Description: Failed to open file: C:\Windows\Minidump\a7a4a727-db18-41ef-9d0e-69a07b8f4eaa.dmp, error: (2) The system cannot find the file specified.
Error: (07/16/2025 02:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.6033 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 55bc
Start Time: 01dbf1bfea5a6234
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 56287e4a-295f-4eea-9d0d-cbf5504145c2
Faulting package full name: Microsoft.Windows.Search_1.14.18.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
Error: (07/10/2025 06:34:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: RANDAAL-PC)
Description: Application or service 'Microsoft Office SDX Helper' could not be shut down.
Error: (07/10/2025 05:42:36 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) The handle is invalid.
Error: (07/09/2025 11:56:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (07/09/2025 11:56:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
System errors:
=============
Error: (07/20/2025 08:47:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Služba Aktualizace Google (gupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/20/2025 08:47:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Služba Aktualizace Google (gupdate) service to connect.
Error: (07/20/2025 08:45:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The GameInput Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (07/20/2025 08:45:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The GameInput Service service terminated with the following error:
The compound file GameInput Service was produced with a newer version of storage.
Error: (07/20/2025 08:44:48 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
Error: (07/20/2025 08:45:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:33:43 PM on 7/19/2025 was unexpected.
Error: (07/20/2025 08:44:42 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (07/19/2025 06:15:32 PM) (Source: Schannel) (EventID: 4113) (User: RANDAAL-PC)
Description: The certificate received from the remote server has either expired or is not yet valid. The TLS connection request has failed. The attached data contains the server certificate.
Windows Defender:
================
Date: 2025-07-19 15:13:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-07-16 20:59:26
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-07-11 16:32:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-07-09 18:29:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown
Date: 2025-06-13 19:07:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
CodeIntegrity:
===============
Date: 2025-06-11 21:31:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\225.4.4896\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-05-23 12:20:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\224.4.4811\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-05-13 22:21:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\223.4.4909\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-23 21:09:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\222.4.5042\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-11 07:49:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\221.4.5365\vulkan-1.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3501 12/02/2016
Motherboard: ASUSTeK COMPUTER INC. RAMPAGE V EXTREME
Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 32680.34 MB
Available physical RAM: 24215.27 MB
Total Virtual: 37544.34 MB
Available Virtual: 27659.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.03 GB) (Free:71.38 GB) (Model: INTEL SSDSC2BW240A4) NTFS
Drive f: () (Removable) (Total:14.68 GB) (Free:13.25 GB) FAT32
Drive g: (Games) (Fixed) (Total:238.46 GB) (Free:163.85 GB) (Model: Crucial_CT256MX100SSD1) NTFS
Drive h: () (Fixed) (Total:111.77 GB) (Free:111.68 GB) (Model: KINGSTON SH103S3120G) NTFS
Drive z: (Randaal Data) (Fixed) (Total:3726.01 GB) (Free:1769.04 GB) (Model: WDC WD40EFAX-68JH4N1) NTFS
\\?\Volume{34f5dcd3-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{34f5dcd3-0000-0000-0000-40c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{06dd910e-6535-11f0-938b-40e23013bea2}\ (randaal.cz@gmail.com - Google...) (Fixed) (Total:15 GB) (Free:7.65 GB) FAT32
\\?\Volume{06dd911c-6535-11f0-938b-40e23013bea2}\ (randaalspolecny@gmail.com - G...) (Fixed) (Total:15 GB) (Free:15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 34F5DCD3)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=498 MB) - (Type=27)
==========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: AA8C9820)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 14.7 GB) (Disk ID: FF9AE592)
Partition 1: (Active) - (Size=14.7 GB) - (Type=FAT32)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu - zpomalenejsi PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o kontrolu - zpomalenejsi PC
Ahoj,
pouzi fixlist.txt s obsahom:
Start
CloseProcesses:
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\MountPoints2: {a168c371-b8e3-11ec-92b3-40e23013bea2} - "F:\HiSuiteDownLoader.exe"
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
S4 CorsairVBusDriver; \SystemRoot\System32\drivers\CorsairVBusDriver.sys [X]
S4 CorsairVHidDriver; \SystemRoot\System32\drivers\CorsairVHidDriver.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] <==== ATTENTION
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
AlternateDataStreams: C:\Users\randa\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\randa\Desktop\Screenshot 2021-05-29 21.15.31.png:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\randa\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
EmptyTemp:
End
pouzi fixlist.txt s obsahom:
Start
CloseProcesses:
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-21-4290985883-377899916-2755398409-1001\...\MountPoints2: {a168c371-b8e3-11ec-92b3-40e23013bea2} - "F:\HiSuiteDownLoader.exe"
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
S4 CorsairVBusDriver; \SystemRoot\System32\drivers\CorsairVBusDriver.sys [X]
S4 CorsairVHidDriver; \SystemRoot\System32\drivers\CorsairVHidDriver.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] <==== ATTENTION
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
AlternateDataStreams: C:\Users\randa\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\randa\Desktop\Screenshot 2021-05-29 21.15.31.png:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\randa\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
EmptyTemp:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosim o kontrolu - zpomalenejsi PC
Super 
Mozes este preventivne s prikazoveho riadku spusteneho ako spravca zadat:
sfc /scannow
…a to bude vsetko
Mozes este preventivne s prikazoveho riadku spusteneho ako spravca zadat:
sfc /scannow
…a to bude vsetko
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosim o kontrolu - zpomalenejsi PC
Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
Je k necemu to zkopirovat sem nebo je hlavni to, ze to proste bylo opravene?
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
Je k necemu to zkopirovat sem nebo je hlavni to, ze to proste bylo opravene?
Re: Prosim o kontrolu - zpomalenejsi PC
B je spravne - nic nemusis kopirovat 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosim o kontrolu - zpomalenejsi PC
dekuji moc za pomoc 
ten cmd prikaz ma smysl prubezne spustit?
ten cmd prikaz ma smysl prubezne spustit?
Re: Prosim o kontrolu - zpomalenejsi PC
Rado sa stalo 
sfc mozes obcasne spustit - postaci 1-2x rocne
sfc mozes obcasne spustit - postaci 1-2x rocne
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?