Pomalé PC

[Rudy]

Ještě je možná defragmentace disku.

[Petura]

Zkusím po vánocích, zatím teda děkuji.

[Rudy]

OK. Nemáte zač'

[Petura]

Zdravím, jsem tu zpět tentokrát s notebookem přítelkyně....je brutálně poamaly, prosím o pročištění, díky.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by HP (administrator) on NTB-4CZ1360F65 (Hewlett-Packard HP ProBook 6560b) (25-12-2021 19:57:54)
Running from C:\Users\HP\Downloads
Loaded Profiles: HP
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABLE SUN HOLDINGS LTD -> Able Sun Holdings Ltd.) C:\Program Files (x86)\MP3Studio YouTube Downloader\MP3StudioDownloader.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{350146D0-6666-403C-BDA4-E392D2BF0436}\EDGEMITMP_0F83A.tmp\setup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{350146D0-6666-403C-BDA4-E392D2BF0436}\MicrosoftEdge_X64_96.0.1054.62_96.0.1054.57.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (No File)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-24] (IDT, Inc.) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-08-08] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HarmonyUserStartup] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [34520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [CsrHCRPServer] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [330960 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [CsrSyncMLServer] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [202448 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM-x32\...\Run: [CsrAudioguiCtrl] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [480464 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [vksts] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\vksts.exe [24256 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [TrayApplication] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [499408 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\Run: [MP3Studio YouTube Downloader] => C:\Program Files (x86)\MP3Studio YouTube Downloader\MP3StudioDownloader.exe [1659280 2020-11-13] (ABLE SUN HOLDINGS LTD -> Able Sun Holdings Ltd.)
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\MountPoints2: {1eb43851-f9a1-11ea-a952-441ea1cfc221} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\MountPoints2: {7884f96b-3780-11ec-a978-441ea1cfc221} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\WINDOWS\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {32AC9781-C1B9-46E0-BA1F-02771321FDC2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {4B704B2D-F4B1-4376-B12C-2186FD6E4580} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953877804-1382628211-309411190-1007 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {66EBB1D9-F412-4F0D-A4B3-86C6B4706612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-24] (Google Inc -> Google Inc.)
Task: {8C3D8087-C813-47A5-B850-3612A6EDCAEE} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [622168 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {AB20C8AE-A81F-41C8-AB8B-C4066180AF5B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {B25D4D15-76D8-4FF9-B03D-9AFC09E255A3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCE21BDD-4738-42DB-A024-913BC222208E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BD4256AD-FBEF-4DD4-B0F8-20480E677427} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {CF1BB2E4-88BB-4A0D-BCAF-4C05152AD824} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {F8DAF4B3-AFCE-4539-BAB2-1990E8A18C92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-24] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1d39078c-8789-4fa0-8004-b3d0ffdc184b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22621a1b-83ce-45d5-a88b-f053ee1386b7}: [DhcpNameServer] 192.168.123.1 1.1.1.1 8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-25]
Edge Extension: (Ochrana Kaspersky) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-25]
Edge HKU\S-1-5-21-2953877804-1382628211-309411190-1007\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: y9w1qtmk.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\y9w1qtmk.default [2020-05-17]
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\uvfazf5d.default-release [2021-12-25]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-05-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-05-17] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-10-13]
CHR Extension: (Prezentace) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-15]
CHR Extension: (Ochrana Kaspersky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-05]
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-15]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-15]
CHR Extension: (Tabulky) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe [184768 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncHelper.exe [3280760 2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-09-17] (Huawei Technologies Co., Ltd. -> )
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [357272 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\OneDriveUpdaterService.exe [3737976 2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2021-12-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [276064 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [314040 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [113976 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [225648 2021-12-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [543744 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 ohci1394; \SystemRoot\System32\drivers\ohci1394.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-25 19:57 - 2021-12-25 20:04 - 000025331 _____ C:\Users\HP\Downloads\FRST.txt
2021-12-25 19:54 - 2021-12-25 20:02 - 000000000 ____D C:\FRST
2021-12-25 19:52 - 2021-12-25 19:53 - 002311168 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-12-25 19:50 - 2021-12-25 19:50 - 002019328 _____ (Farbar) C:\Users\HP\Downloads\FRST.exe
2021-12-16 21:15 - 2021-12-25 19:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-16 00:51 - 2021-12-16 00:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 13:12 - 2021-12-15 13:12 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 13:11 - 2021-12-15 13:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 13:08 - 2021-12-15 13:08 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 13:08 - 2021-12-15 13:08 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-15 11:56 - 2021-12-15 11:56 - 000000000 ___HD C:\$WinREAgent
2021-12-11 22:33 - 2021-12-11 22:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2953877804-1382628211-309411190-1007
2021-12-02 20:31 - 2021-12-02 20:54 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-02 20:31 - 2021-12-02 20:52 - 001390356 _____ C:\WINDOWS\Minidump\120221-72484-01.dmp
2021-12-02 20:31 - 2021-12-02 20:31 - 847342469 _____ C:\WINDOWS\MEMORY.DMP
2021-11-25 11:06 - 2021-11-25 11:06 - 000314040 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-11-25 11:05 - 2021-12-01 19:30 - 000225648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-11-25 11:05 - 2021-11-25 11:05 - 000276064 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-11-25 11:05 - 2021-11-25 11:05 - 000113976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-25 20:02 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-25 20:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-25 20:00 - 2020-06-09 00:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-25 20:00 - 2020-06-09 00:47 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-25 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-25 19:47 - 2020-05-17 08:44 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-25 19:46 - 2021-10-17 13:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-25 19:46 - 2020-05-17 08:44 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-25 19:46 - 2020-05-17 08:44 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2021-12-25 19:37 - 2021-03-08 02:32 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-25 19:37 - 2020-03-24 12:11 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-25 19:37 - 2019-12-07 15:43 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-25 19:37 - 2019-12-07 15:43 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-25 19:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-25 19:33 - 2021-03-08 02:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-16 21:08 - 2020-06-26 01:06 - 000000000 ____D C:\Users\HP\AppData\Roaming\MP3Studio
2021-12-16 01:07 - 2020-06-26 01:06 - 000000000 ____D C:\Users\HP\Documents\YouTubeDownloads
2021-12-16 01:05 - 2020-05-17 08:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-16 01:05 - 2020-05-13 16:17 - 000000000 ___RD C:\Users\HP\OneDrive
2021-12-16 00:57 - 2021-03-08 02:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-16 00:57 - 2021-03-08 02:13 - 000477048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-16 00:56 - 2021-06-21 22:50 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-12-16 00:56 - 2021-03-08 02:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-16 00:55 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-16 00:52 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 00:49 - 2021-03-08 02:19 - 000000000 ____D C:\Users\HP
2021-12-15 22:24 - 2020-03-24 12:12 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-15 22:24 - 2020-03-24 12:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-15 14:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 11:02 - 2020-02-24 22:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 10:47 - 2020-02-24 22:59 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-11 00:46 - 2021-04-26 02:32 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d713ba56ce53a5
2021-12-11 00:46 - 2021-03-08 02:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-09 00:29 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-06 21:18 - 2021-03-08 02:49 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-12-06 21:18 - 2020-06-26 23:12 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-01 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by HP (25-12-2021 20:12:28)
Running from C:\Users\HP\Downloads
Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) (2021-03-08 01:50:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2953877804-1382628211-309411190-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953877804-1382628211-309411190-503 - Limited - Disabled)
Guest (S-1-5-21-2953877804-1382628211-309411190-501 - Limited - Disabled)
HP (S-1-5-21-2953877804-1382628211-309411190-1007 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-2953877804-1382628211-309411190-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Název společnosti:)
CSR Harmony Wireless Software Stack (HKLM-x32\...\{C746BF8D-B0A9-46A7-BF98-F6331514DE2D}) (Version: 2.1.63.0 - Název společnosti:)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
Fotor 3.4.1 (HKLM-x32\...\Fotor) (Version: 3.4.1 - Everimaging Co., Ltd.)
Google Chrome (HKLM\...\{51BAF2DB-F22D-3A9D-947C-F78F0BF6ECFA}) (Version: 96.0.4664.110 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Heritio verze 2.13 (HKLM\...\Heritio_is1) (Version: 2.13 - Martin Veskrna)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.570 - Huawei Technologies Co., Ltd.)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Kaspersky Free (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0.2 (x64 cs)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla)
MP3Studio YouTube Downloader (HKLM-x32\...\{09BB97CF-33A9-488C-B07B-312D084F9001}) (Version: 1.5.11.0 - MP3Studio/) Hidden
MP3Studio YouTube Downloader (HKLM-x32\...\{fa274a80-4b1c-4f1f-adb3-bb8c5f45273b}) (Version: 1.5.11.0 - MP3Studio)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Zoom (HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\ZoomUMX) (Version: 5.4.2 (58740.1105) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.5.381.0_x64__ynb6jyjzte8ga [2021-11-02] (Adobe Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.71.3.0_x86__kgqvnymyfvs32 [2021-12-15] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-11] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.59.43372.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-04] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-11] (Spotify AB) [Startup Task]
Ultimate Photo Blender / Mixer -> C:\Program Files\WindowsApps\35450PhotoCoolApps.UltimatePhotoBlenderMixer_1.2.0.0_x64__61cxy7b35vdsg [2021-04-17] (Photo Cool Apps)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\shellex.dll [2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\HP\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/windows/review.htm

==================== Loaded Modules (Whitelisted) =============

2020-05-13 16:19 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2953877804-1382628211-309411190-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2953877804-1382628211-309411190-1007 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2953877804-1382628211-309411190-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\Desktop\Tapety\800031715.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6977044F-A262-4252-A680-01E9D7C104DA}C:\users\hp\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\hp\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{9BE10AF1-DAE1-4A2C-A90D-60675983A8FC}C:\users\hp\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\hp\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8626CC80-7A6F-4732-9B33-B745B2ED0AFD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{E70C718D-D8BD-4D94-9396-C5A5824D5834}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{99F68418-DECC-4997-9C9B-E3F839A0638C}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8ABA76FF-05C0-4697-9A8D-32F055EA72C5}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9E52DC3E-317C-47AE-BDB1-84B35BAE6B28}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{64E24626-9CE6-4DD0-B96A-C467E9329D2A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95B77093-ED14-411B-B560-DFFAAA028ED7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{326D9404-211F-456B-9C75-9B16678891C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{89171BF5-BCAA-41B7-A8B6-BF4CC3429DEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{99AE5EA9-5634-429B-BE94-E96E3D402615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5DF2BEF-CBB7-4A97-A6BB-0184B012AA05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{12C95F65-5A96-42A5-8907-4CC8114971E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD0B135D-3D7B-419E-96B7-E18018AAC4AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEA362C-A6C9-4B49-89F2-1E9C894EC418}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{32AE246B-9A42-460A-94A6-44CEC3A53A15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5E0F029-DA76-4696-BD0D-28A4398BF0DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CEE82279-9A83-4FE1-A109-24E8C5DC6587}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DEB08C5-1E11-4518-A463-C8E9E4AD36A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{692529A5-8B91-4EF1-A4A4-0DAA1BB283EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F744BD26-733F-4B39-BB7E-336C03F02EC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A624255B-F6E2-4FD2-94BB-0E8838493CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-12-2021 04:34:56 Naplánovaný kontrolní bod
15-12-2021 04:35:03 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: JMicron OHCI Compliant IEEE 1394 Host Controller
Description: JMicron OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: JMicron Technology Corp.
Service: ohci1394
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2021 09:02:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_TOOLS (E:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (12/14/2021 09:02:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/14/2021 08:32:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/11/2021 09:10:05 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (12/11/2021 09:10:05 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/09/2021 12:24:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1148

Čas spuštění: 01d7e7b3b3fbd591

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

ID hlášení: fbc3b845-50e8-4edb-bbc1-4f49b65fba39

Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (12/07/2021 09:15:32 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_TOOLS (E:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (12/07/2021 09:15:31 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (12/25/2021 07:49:37 PM) (Source: DCOM) (EventID: 10010) (User: NTB-4CZ1360F65)
Description: Server {610A06E0-D579-4E30-8AE5-72880327740B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2021 07:49:36 PM) (Source: DCOM) (EventID: 10010) (User: NTB-4CZ1360F65)
Description: Server {BFF6845D-E49A-4A99-9609-418ED36F1C54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2021 07:46:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (12/25/2021 07:37:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {BFF6845D-E49A-4A99-9609-418ED36F1C54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2021 07:37:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {BFF6845D-E49A-4A99-9609-418ED36F1C54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2021 07:35:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {BFF6845D-E49A-4A99-9609-418ED36F1C54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2021 07:33:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {BFF6845D-E49A-4A99-9609-418ED36F1C54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/16/2021 01:06:19 AM) (Source: DCOM) (EventID: 10010) (User: NTB-4CZ1360F65)
Description: Server {610A06E0-D579-4E30-8AE5-72880327740B} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-05-15 00:44:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB0ABB78-89F6-4DA3-8620-7B0415BE9608}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-05-15 00:32:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.707.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2021-05-15 00:32:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.707.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2021-05-15 00:32:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.707.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-12-25 19:39:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-12-25 19:35:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCE Ver. F.67 02/13/2018
Motherboard: Hewlett-Packard 1619
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 79%
Total physical RAM: 4030.36 MB
Available physical RAM: 830.82 MB
Total Virtual: 9150.36 MB
Available Virtual: 4944.23 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:225.06 GB) (Free:65.05 GB) NTFS
Drive d: (FRIENDS_S1_D1) (CDROM) (Total:4.74 GB) (Free:0 GB) UDF
Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:2.12 GB) FAT32

\\?\Volume{3b3af9ad-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{3b3af9ad-0000-0000-0000-e0a339000000}\ (Recovery) (Fixed) (Total:2.32 GB) (Free:1.49 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 3B3AF9AD)
Partition 1: (Active) - (Size=499 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=225.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=2.3 GB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Tak do třetice. Spusťte opět ADWCleaner.

[Petura]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-25-2021
# Duration: 00:00:36
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [25/12/2021 21:01:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (No File)
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\MountPoints2: {1eb43851-f9a1-11ea-a952-441ea1cfc221} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2953877804-1382628211-309411190-1007\...\MountPoints2: {7884f96b-3780-11ec-a978-441ea1cfc221} - "F:\HiSuiteDownLoader.exe"
Task: {66EBB1D9-F412-4F0D-A4B3-86C6B4706612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-24] (Google Inc -> Google Inc.)
Task: {F8DAF4B3-AFCE-4539-BAB2-1990E8A18C92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-24] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-05-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-05-17] <==== ATTENTION
Toolbar: HKU\S-1-5-21-2953877804-1382628211-309411190-1007 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - No File

EmptyTemp:
End

Uložte do C:\Users\HP\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Petura]

Zdravím, tak notebook u přítelkyně zatím nic, ale poprosím o kontrolu PC u sestřenky, jako vždy hodně poamlý počítač, posílám logy...díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Adam S (administrator) on KATKA-PC (ATComputers OPTIMUS) (07-01-2022 18:13:12)
Running from C:\Users\Adam S\Desktop
Loaded Profiles: Katka & UpdatusUser & Adam S
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <4>
(Discord Inc. -> Discord Inc.) C:\Users\Adam S\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\PubPlatform.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Seznam.cz, a.s. -> ) C:\Users\Adam S\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Adam S\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Spotify AB -> Spotify Ltd) C:\Users\Adam S\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Tencent Technology(Shenzhen) Company Limited -> ) D:\program files\txgameassistant\appmarket\cef_frame_render.exe <3>
(Tencent Technology(Shenzhen) Company Limited -> ) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\program files\txgameassistant\appmarket\AppMarket.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\program files\txgameassistant\appmarket\QMEmulatorService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3894552 2022-01-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3779152 2021-09-28] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {6dcf23ff-57da-11ea-8b3b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {76221485-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {7622148c-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {adbd6370-ec79-11eb-965b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {b623b378-3738-11e9-b4ce-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {c11c29f0-68e1-11ea-a150-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {ea686d71-2ee6-11eb-b4ec-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e268-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e26d-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Adam S\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Adam S\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Spotify Web Helper] => C:\Users\Adam S\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2021-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Spotify] => C:\Users\Adam S\AppData\Roaming\Spotify\Spotify.exe [6754928 2021-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Discord] => C:\Users\Adam S\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\Installer\chrmstp.exe [2021-12-16] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {054B2AEB-4946-4E1F-B550-21ED989976B1} - System32\Tasks\CCleanerSkipUAC - Katka => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1275BC01-1847-4263-A58F-069E97039BDB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {136E5341-D277-44BA-808F-772107EA7038} - System32\Tasks\iTopVPN_Scheduler_Adam S => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {19A27209-C73F-492B-B03F-279640CEBA3D} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2021-12-16] (Avast Software s.r.o. -> Avast Software)
Task: {1F476527-B622-4126-AC50-920E83B32E06} - System32\Tasks\ASC_SkipUac_Katka => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [10686032 2021-10-13] (IObit CO., LTD -> IObit)
Task: {22DBAC3C-1836-499E-AB1A-D9EE000BDF55} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {2FA58001-5267-4DB0-A260-45F5349AFBBF} - System32\Tasks\iTopVPN_Update_Adam S => C:\Program Files (x86)\iTop VPN\atud.exe [2971136 2021-09-06] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {31634724-1E77-4347-B2B8-FE6FFEC964B8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {468C14E7-124C-4F1F-8E07-029DF23F244F} - System32\Tasks\iTop Screenshot SkipUAC (Katka) => C:\Program Files (x86)\iTop Screenshot\iScrShot.exe [7622656 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {4AD86668-01D5-478A-ABB5-7B4E1EB487A2} - System32\Tasks\CCleanerSkipUAC - Adam S => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5EF3FF8F-3325-4FF2-B344-DE8C1A4B714E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4760344 2022-01-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 35c2e1ae-ff65-47f1-98ae-9337a695fed7
Task: {7936EBC9-5EED-4785-B2C7-16432DDB7B8A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-08-28] (Avast Software s.r.o. -> Avast Software)
Task: {7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {828C2B96-FAA5-40C7-ADC0-04F0C59240CA} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2521976 2021-12-15] (Piriform Software Ltd -> Piriform Software)
Task: {834753CC-0E74-439C-8651-E94D1E6F3EF6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
Task: {83AEE53B-FD31-4A22-AC66-5801105CB079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {83FE2781-379C-4A91-A2FD-C6413871B71E} - System32\Tasks\IAStorIcon => C:\Program Files\Intel\Intel(R) Virtual RAID on CPU\IAStorIcon.exe [289840 2019-09-24] (Intel(R) Virtual RAID On CPU -> Intel Corporation)
Task: {8BA30B19-A46A-4A60-98EE-581F6749470A} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2521976 2021-12-15] (Piriform Software Ltd -> Piriform Software)
Task: {91108DE4-45FF-469A-A5AE-556FD3C20550} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {9F553661-BE47-4BC6-BA4D-96F74E60D2D5} - System32\Tasks\iTop Screenshot Update => C:\Program Files (x86)\iTop Screenshot\AutoUpdate.exe [2800640 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {AE9CC364-E532-467D-A9F8-62D3CCF0EA4F} - System32\Tasks\iTop Screen Recorder SkipUAC (Katka) => C:\Program Files\iTop Screen Recorder\IScrRec.exe [14479872 2021-12-17] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {B333649A-7297-45A3-BF31-CC2134F08676} - System32\Tasks\iTop Screen Recorder UAC => C:\Program Files\iTop Screen Recorder\iScrInit.exe [1542144 2021-11-11] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {B3E1E255-BA48-4996-9499-DF7B821634FD} - System32\Tasks\ASC_SkipUac_Adam S => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [10686032 2021-10-13] (IObit CO., LTD -> IObit)
Task: {CA7073DA-D354-4ECC-85F9-251CF1954ED2} - System32\Tasks\iTop Screen Recorder SkipUAC (Adam S) => C:\Program Files (x86)\iTop Screen Recorder\IScrRec.exe /skipuac (No File)
Task: {CC741BCD-96D5-4970-B273-0CB1ABE33326} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files\iTop Screen Recorder\AutoUpdate.exe [2821632 2021-10-26] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {D155E767-ECCA-4C9D-9D6B-F77F9C78B889} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {D63B67C9-379A-47F3-977A-AED8B1F04813} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
Task: {D8B1F135-BB75-4A4E-9960-A6C5489216E3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {EB6DFEA5-C752-49E8-988A-139185455E1C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EB7B8187-411B-415C-9F76-D25897FDC52F} - System32\Tasks\iTopVPN_SkipUAC_Adam S => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {F5799E9D-0B02-408E-B99F-29831DA0C70B} - System32\Tasks\ASUS\i-Setup182734 => C:\Windows\Install\AsusSetup.exe [1293624 2018-09-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F71DFF49-0BCF-47ED-9B44-8897F00443A8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 10.100.160.1 10.100.160.7 10.100.160.8
Tcpip\..\Interfaces\{37280C33-00E4-44DB-9F1B-2DE344C466F5}: [DhcpNameServer] 192.168.88.1 10.100.160.1 10.100.160.7 10.100.160.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Adam S\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-07]

FireFox:
========
FF DefaultProfile: obr0yu1g.default
FF ProfilePath: C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\obr0yu1g.default [2021-12-04]
FF user.js: detected! => C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\obr0yu1g.default\user.js [2021-12-04]
FF ProfilePath: C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\s1uzvqfi.default-release [2022-01-07]
FF user.js: detected! => C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\s1uzvqfi.default-release\user.js [2021-12-04]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-22] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-22] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default [2022-01-07]
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Prezentace) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-08]
CHR Extension: (Dokumenty) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-08]
CHR Extension: (Disk Google) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-08]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-09-09]
CHR Extension: (YouTube) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-08]
CHR Extension: (Tabulky) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-09-08]
CHR Extension: (Gmail) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-08]
CHR Profile: C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-07]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdvancedSystemCareService15; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1873488 2021-08-21] (IObit CO., LTD -> IObit)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-28] (Avast Software s.r.o. -> AVAST Software)
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\elevation_service.exe [1721904 2021-12-15] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13745432 2022-01-07] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> )
S4 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [244680 2021-11-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [28592 2021-07-07] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [28592 2021-07-07] (IObit CO., LTD -> IObit)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-09-15] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-08-28] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [382944 2021-08-09] (Google LLC -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [15280 2021-08-11] (IObit CO., LTD -> IObit)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309904 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 TBoxDrv; C:\Program Files\AndroidTbox\TBoxDrv.sys [292032 2020-08-07] (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
U3 aswbdisk; no ImagePath
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-07 17:58 - 2022-01-07 17:58 - 000002040 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2022-01-07 17:58 - 2022-01-07 17:58 - 000000000 ____D C:\Windows\system32\gf2engine
2022-01-07 17:58 - 2022-01-07 17:57 - 000036120 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2022-01-07 17:48 - 2022-01-07 18:14 - 000029697 _____ C:\Users\Adam S\Desktop\FRST.txt
2022-01-07 17:42 - 2022-01-07 18:14 - 000000000 ____D C:\FRST
2022-01-07 17:42 - 2022-01-07 17:46 - 000017097 _____ C:\Users\Adam S\Downloads\FRST.txt
2022-01-07 17:41 - 2022-01-07 17:41 - 002311168 _____ (Farbar) C:\Users\Adam S\Desktop\FRST64.exe
2022-01-07 17:23 - 2022-01-07 17:23 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Adam S
2022-01-06 17:24 - 2022-01-06 18:25 - 1851988810 _____ C:\Users\Adam S\Downloads\Měda 2 CZdabing 2015.avi
2022-01-06 15:20 - 2022-01-06 15:49 - 1076654816 _____ C:\Users\Adam S\Downloads\Méďa [Ted] (2012) CZ dabing.avi
2021-12-23 21:30 - 2022-01-07 18:07 - 000002974 _____ C:\Windows\system32\Tasks\iTop Screen Recorder SkipUAC (Katka)
2021-12-23 21:30 - 2022-01-07 18:07 - 000002968 _____ C:\Windows\system32\Tasks\iTop Screen Recorder UAC
2021-12-23 21:29 - 2022-01-07 18:07 - 000003230 _____ C:\Windows\system32\Tasks\iTop Screen Recorder Update
2021-12-23 21:29 - 2022-01-01 15:32 - 000000000 ____D C:\Program Files\iTop Screen Recorder
2021-12-23 21:29 - 2021-12-23 21:29 - 000000979 _____ C:\Users\Public\Desktop\iTop Screen Recorder.lnk
2021-12-23 21:29 - 2021-12-23 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop Screen Recorder
2021-12-23 20:49 - 2022-01-03 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-21 20:09 - 2021-12-21 20:13 - 000000000 ____D C:\Users\Katka\Desktop\vánoce
2021-12-20 16:19 - 2021-12-20 16:53 - 000000000 ____D C:\Users\Adam S\Desktop\dušan
2021-12-20 13:12 - 2021-12-20 13:11 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-20 13:12 - 2021-12-20 13:11 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-12-18 15:41 - 2021-12-18 16:11 - 1185211320 _____ C:\Users\Adam S\Downloads\Mimoni (2015) CZ dabing.avi
2021-12-11 12:14 - 2021-12-11 12:14 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-08 15:28 - 2021-12-08 16:16 - 2074365306 _____ C:\Users\Adam S\Downloads\Maxinožka 2 (2020) CZ dabing NOVINKA.mkv
2021-12-08 15:02 - 2021-12-08 15:25 - 1017939704 _____ C:\Users\Adam S\Downloads\Detektiv Pikachu 2019 cz.dabing,novinky.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-07 18:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-01-07 18:11 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\discord
2022-01-07 18:09 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Local\Discord
2022-01-07 18:07 - 2021-11-06 08:35 - 000003044 _____ C:\Windows\system32\Tasks\iTopVPN_Update_Adam S
2022-01-07 18:07 - 2021-11-06 08:35 - 000003002 _____ C:\Windows\system32\Tasks\iTopVPN_Scheduler_Adam S
2022-01-07 18:07 - 2021-11-06 08:35 - 000002800 _____ C:\Windows\system32\Tasks\iTopVPN_SkipUAC_Adam S
2022-01-07 18:07 - 2021-11-06 08:33 - 000003014 _____ C:\Windows\system32\Tasks\ASC_SkipUac_Adam S
2022-01-07 18:07 - 2021-10-28 22:46 - 000002918 _____ C:\Windows\system32\Tasks\IAStorIcon
2022-01-07 18:07 - 2021-10-28 22:16 - 000003234 _____ C:\Windows\system32\Tasks\iTop Screenshot Update
2022-01-07 18:07 - 2021-10-28 22:16 - 000002980 _____ C:\Windows\system32\Tasks\iTop Screenshot SkipUAC (Katka)
2022-01-07 18:07 - 2021-10-28 22:10 - 000003010 _____ C:\Windows\system32\Tasks\ASC_SkipUac_Katka
2022-01-07 18:07 - 2018-09-15 17:10 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-01-07 18:01 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Local\SquirrelTemp
2022-01-07 18:01 - 2021-09-11 20:06 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\dvdcss
2022-01-07 18:00 - 2021-09-27 18:37 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Night at Flumpty's 2
2022-01-07 18:00 - 2021-02-28 08:46 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-07 17:58 - 2021-09-08 19:18 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Avast Software
2022-01-07 17:58 - 2021-08-28 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2022-01-07 17:58 - 2021-08-28 09:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-01-07 17:57 - 2021-08-28 09:47 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-07 17:57 - 2021-08-28 09:42 - 000000000 ____D C:\Program Files\Avast Software
2022-01-07 17:57 - 2021-08-28 09:41 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-07 17:44 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-07 17:44 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-07 17:35 - 2018-09-15 17:13 - 000000000 ____D C:\Program Files\CCleaner
2022-01-07 17:34 - 2018-09-15 17:18 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-07 17:27 - 2018-09-15 17:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-07 17:23 - 2021-11-22 20:05 - 000000000 ____D C:\Temp
2022-01-07 17:22 - 2021-11-04 14:02 - 000003000 _____ C:\Windows\system32\Tasks\iTop Screen Recorder SkipUAC (Adam S)
2022-01-07 17:22 - 2021-08-21 12:37 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Katka
2022-01-07 17:22 - 2021-01-22 15:41 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-01-07 17:22 - 2021-01-22 15:38 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-01-07 17:22 - 2020-07-01 08:07 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-07 17:22 - 2020-07-01 08:07 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-07 17:22 - 2018-12-21 11:54 - 000003566 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA
2022-01-07 17:22 - 2018-12-21 11:54 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core
2022-01-07 17:22 - 2018-09-15 17:04 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-07 17:22 - 2018-09-15 17:04 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-07 16:13 - 2021-09-11 08:58 - 000001373 _____ C:\Users\Adam S\Desktop\Roblox Player.lnk
2022-01-07 16:13 - 2021-09-11 08:48 - 000001188 _____ C:\Users\Adam S\Desktop\Roblox Studio.lnk
2022-01-07 16:13 - 2021-09-11 08:48 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-01-07 13:09 - 2021-09-08 19:07 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Seznam.cz
2022-01-07 13:08 - 2021-10-01 18:58 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Spotify
2022-01-07 13:07 - 2011-04-12 09:34 - 000672872 _____ C:\Windows\system32\perfh005.dat
2022-01-07 13:07 - 2011-04-12 09:34 - 000142966 _____ C:\Windows\system32\perfc005.dat
2022-01-07 13:07 - 2009-07-14 06:13 - 001595396 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-07 13:06 - 2021-08-28 09:47 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-07 13:05 - 2021-10-28 19:39 - 000000000 ____D C:\ProgramData\ProductData
2022-01-07 13:03 - 2021-10-01 18:58 - 000000000 ____D C:\Users\Adam S\AppData\Local\Spotify
2022-01-07 13:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-06 15:52 - 2021-09-08 19:38 - 000000000 ____D C:\Users\Adam S\AppData\Local\Avast Software
2022-01-05 19:17 - 2021-11-06 08:34 - 000000000 ____D C:\Program Files (x86)\iTop VPN
2022-01-04 18:41 - 2019-08-03 14:40 - 000000000 ____D C:\stahování
2022-01-04 15:19 - 2021-09-09 12:13 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001854 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001854 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001842 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-01-03 19:14 - 2018-09-15 17:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-01 19:48 - 2018-09-15 17:12 - 000000000 ____D C:\Users\Katka\AppData\LocalLow\Mozilla
2022-01-01 18:52 - 2019-02-06 11:00 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-01 15:59 - 2021-08-28 10:25 - 000000000 ____D C:\Users\Katka\AppData\Local\Avast Software
2022-01-01 15:31 - 2021-09-08 12:10 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-01-01 15:27 - 2021-10-28 19:36 - 000000000 ____D C:\ProgramData\IObit
2021-12-25 12:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-12-23 21:30 - 2021-10-28 22:16 - 000000000 ____D C:\Users\Katka\AppData\Roaming\iTop Screen Recorder
2021-12-23 21:29 - 2021-10-28 22:16 - 000000000 ____D C:\Program Files (x86)\iTop Screen Recorder
2021-12-23 10:07 - 2009-07-14 06:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-12-20 13:11 - 2021-08-28 09:47 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000036784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-20 13:10 - 2021-08-28 09:47 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-19 10:42 - 2020-07-01 08:08 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 20:31 - 2021-10-28 22:16 - 000000000 ____D C:\ProgramData\iTop
2021-12-18 20:25 - 2021-09-11 20:02 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\vlc
2021-12-16 17:49 - 2021-01-22 15:41 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-12-16 17:49 - 2021-01-22 15:38 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-12-15 16:23 - 2018-09-15 17:05 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-14 21:08 - 2018-09-14 22:18 - 000000000 ____D C:\Windows\system32\MRT
2021-12-14 21:02 - 2018-09-14 22:18 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-13 17:23 - 2021-11-28 09:50 - 000000000 ____D C:\Users\Katka\Desktop\Kalendář 2022
2021-12-13 16:44 - 2018-09-14 18:29 - 000000000 ____D C:\Users\Katka
2021-12-11 12:11 - 2018-09-15 11:10 - 000000000 ____D C:\Users\UpdatusUser
2021-12-11 12:07 - 2021-09-08 19:05 - 000000000 ____D C:\Users\Adam S
2021-12-11 12:05 - 2021-11-06 08:35 - 000000000 ____D C:\ProgramData\iTop VPN
2021-12-11 12:05 - 2021-11-04 14:02 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\iTop Screen Recorder
2021-12-11 12:05 - 2021-09-11 08:48 - 000000000 ____D C:\Users\Adam S\AppData\Local\Roblox
2021-12-11 12:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-12-31 12:32
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Adam S (07-01-2022 18:16:04)
Running from C:\Users\Adam S\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2018-09-14 17:29:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Adam S (S-1-5-21-3410242202-4032261145-1968254855-1004 - Administrator - Enabled) => C:\Users\Adam S
Administrator (S-1-5-21-3410242202-4032261145-1968254855-500 - Administrator - Disabled)
Guest (S-1-5-21-3410242202-4032261145-1968254855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3410242202-4032261145-1968254855-1003 - Limited - Enabled)
Katka (S-1-5-21-3410242202-4032261145-1968254855-1000 - Administrator - Enabled) => C:\Users\Katka
UpdatusUser (S-1-5-21-3410242202-4032261145-1968254855-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Disabled - Out of date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Out of date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4x4 Offroader (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\0c209a9dd9c050bae86b9467ba4198f3) (Version: 1.0 - 4x4 Offroader)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 15.0.1 - IObit)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.4.11260.5766 - Avast Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 96.1.13589.113 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Crash Time 2 Demo (remove only) (HKLM-x32\...\BurningWheels Demo) (Version: - )
Crazy Stunt Cars 2 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\5125ab90dfd3875770380bedfc5353ec) (Version: 1.0 - Crazy Stunt Cars 2)
CREY (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\CREY) (Version: - Bitglobe ApS)
Discord (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Game Jolt Client version 0.61.1 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\game-jolt-client_is1) (Version: 0.61.1 - Lucent Web Creative, LLC)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 4.1.30.90 - Tencent Technology Company)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 54.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel(R) Virtual RAID on CPU (HKLM-x32\...\{fe14d5b2-aa03-4c4d-8458-f089749db800}) (Version: 6.2.0.1239 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
iTop Screen Recorder (HKLM-x32\...\iTop Screen Recorder_is1) (Version: 2.0.0.453 - iTop Inc.)
iTop Screenshot (HKLM-x32\...\iTop Screenshot_is1) (Version: 1.2.1.535 - iTop Inc.)
iTop VPN (HKLM-x32\...\iTop VPN_is1) (Version: 2.2.2.2025 - iTop Inc.)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
JJSploit 6.1.2 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\b1e3a7e5-766b-5910-bd89-4bbe7200c627) (Version: 6.1.2 - )
JJSploit v5 5.3.4 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\0dc89eee-466e-5758-9507-219f65134c5e) (Version: 5.3.4 - )
Kreslení pro děti (doporučená instalace) (HKLM-x32\...\Kreslení pro děti (doporučená instalace)) (Version: - )
MEmu (HKLM-x32\...\MEmu) (Version: 7.5.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0.2 (x64 cs)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
One Night at Flumpty's 2 (HKLM-x32\...\One Night at Flumpty's 2) (Version: - )
One Night at Flumpty's 3 (HKLM-x32\...\One Night at Flumpty's 3) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Roblox Player for Adam S (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Katka (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Katka (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\roblox-studio) (Version: - Roblox Corporation)
Seznam Software (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Sports Cars Driver (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\904bf27e7d80c3790d3801c046c925b6) (Version: 1.0 - Sports Cars Driver)
Spotify (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Spotify) (Version: 1.1.70.610.g4585142b - Spotify AB)
Spotify (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher2.82) (Version: 2.82 - TLauncher Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Wargaming.net Game Center) (Version: 21.7.0.6827 - Wargaming.net)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-07-31] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-07-31] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-07-31] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-07-31] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Adam S\Desktop\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Adam S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\MSVCP140.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\ucrtbase.DLL
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\VCRUNTIME140_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3410242202-4032261145-1968254855-1000 -> DefaultScope {6A1806CD-94D4-4689 URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-10-28 22:26 - 000000842 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 10.100.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{12A036AB-7305-432C-A437-7BC54E1C4429}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B28AE327-CB98-46B1-A468-28B999FBC5ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08FB3C3A-5ED9-4AB3-B2DE-F4495AF01D03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D914528-2C72-4ADD-AF0A-E1E34186B457}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5AA36964-7A74-4E39-A890-FA78F6C8C8D2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C8C38A2A-37AC-4BBF-9D6D-416CC544AD21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{A2BB4098-9B53-4639-89AC-1AA70244C275}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FD200992-4304-40FF-AF88-3289E958AEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{1619CD17-9812-46E5-AC59-30EC74C3656C}C:\users\katka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\katka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6765C65-03D7-4D40-BCB7-7ED580E0C4A9}C:\users\katka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\katka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2D04588-5C5B-4B09-9660-B95B73B80701}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1FCA55E3-7531-4397-833F-4441C01F4C82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{00813BA2-32ED-4442-A2A9-68750122E1F2}C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{D10FAB15-0671-4A00-9FF6-56907D71ADC6}C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{CED0F2D1-D516-4664-9AE9-90538E790449}C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{A1997B04-534D-48FD-908E-6EBCF8C2ADE4}C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{4FEB58ED-670A-468A-AFF6-5415059D138A}C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{8E4183DF-F495-4F7C-A3A6-32F78BB6D2C7}C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{9E1CCF06-02A3-4247-847E-9872EAB68173}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9EF89AFE-B5B8-4D43-B2FA-C0426D42F28C}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{00908A97-0301-4BCC-9D70-65724E9AAC70}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{60C1CADF-95C9-40C5-A553-8D34FD5D56FA}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{611C30D4-CBFF-4FBD-A8F3-7DEE9B84604A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E6B474DE-7A7E-4467-A965-AC61D08925CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ED767204-1115-45B9-B165-099C355B37AA}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{780E11D9-9E79-4DFF-8CDF-4DA703C278A3}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1AB3C18F-F866-4FA1-A4EE-99864D85BC1D}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5F3FF775-CD76-415A-9CD8-4A0358214FCC}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D399C9F7-9E52-4226-A28E-8027B4F26C64}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EF30F5E1-D56A-468C-941D-D8606E30C166}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2A59EB02-5901-4529-B01D-ECAB80DCA7F8}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC0EA9D6-EC16-4900-B010-A39A796C5F20}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{ED3BC18C-A4F3-4245-A3C0-80612749C99D}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{00226C7E-322C-4958-A215-3FD4BCC0C194}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{45D7402B-D6CF-4602-BF55-37AE5AACD689}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9CE461D7-54A3-4DAC-9E16-76C1CD993B22}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7F84B945-538C-4065-9DA9-739E7CDB08CE}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9088271E-9204-450E-B149-80CB431190EB}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{44998EF3-FEBB-4F42-8482-DDCC165CF013}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4A1AF47A-38B9-430F-9387-157B560449C4}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{040331CB-03F4-4B45-9B5B-5D05E680C6BD}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B575B3A0-171D-45C2-B22E-96BA5459C6E8}] => (Allow) C:\Users\Katka\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F98FFFBF-1B40-45CF-A7F2-3B6CE6D36F28}] => (Allow) C:\Users\Katka\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A4A1E7BC-9725-4D71-9483-9AD3498D5713}] => (Allow) C:\Users\Katka\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A28B6237-0885-45FE-AD3C-4592DB20C26C}] => (Allow) C:\Users\Katka\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{304994AD-4824-492B-8A8D-518221F9EC68}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C091F126-E6C6-428A-B666-A155D4AE45FA}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [TCP Query User{3048F218-FCFE-457D-9E2E-407688AB32B2}C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{09786803-3460-47F8-8927-DAB8C602715B}C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{E98755E8-C4D9-4AF4-96CC-33E041632D84}C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{031E06A4-FD48-4233-9D88-1DB7B39ABA07}C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{F0D24AB6-3F4C-4521-AC9D-6BBE0983C1D1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8F7CBA7A-A38E-422E-B93C-AA5F0C3154D7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{90301F6F-F15F-4F7A-B060-EB097C5AA467}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{401A770B-65F7-416D-863B-17243E8A8228}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A140DAAD-88C8-4687-8DFF-D7668B43C2FD}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9AF9A907-8E4F-4FDD-B98D-54D1033B3962}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{73A8BA81-D317-4671-B0D6-F24D95FBF6DA}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A2A3C8F3-5375-4BA8-B967-DE8F115898BE}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F3E7A3A1-7D6D-47E6-BC0D-306A1ECDC9EA}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6CB37F99-3B6E-4E61-82B5-21618674A52C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{90B05A0A-EDE3-4641-B35B-C0C99BC42799}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D096503-0EE9-4D06-BA44-E6BF8AB64799}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0C10F87C-ACA8-43E3-8A9C-D4C419FE6970}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CFECB0FB-3277-444D-878E-37D65CA52EBA}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A4E5B55D-2F45-4CDA-BCF3-1CBF0DAAFEC0}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{16DD4E01-49C5-4C57-AD34-07E2F71AA3D2}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{DE24E6EC-3E33-4DB7-9B40-2A351396403F}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C1D98A59-471E-44C2-8B75-B0C0FF5B39C8}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A25AD800-2B69-4846-8373-916150505DD5}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7C359DEF-832E-46EF-A5D6-847D4CE4E715}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3E6BEF46-0EBF-476B-8FBF-4A9FB5ADD16D}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A6F6197A-9C2F-4CA1-B52E-57C0C123B9D8}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3F383FEC-C56F-4B16-B88E-4F20623BEB0E}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8396D470-67B6-4DCD-A6A5-B4B325E18B72}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{511F0455-DC0F-47DC-BD8E-AEA4F9060701}] => (Allow) C:\Program Files\AndroidTbox\THypervBox.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{F4089A6A-2962-48B6-8C7E-8ECE53703996}] => (Allow) C:\Program Files\AndroidTbox\TBoxHeadless.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{2F57FE9A-814B-46B3-ABA6-5B4EE3D7D702}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetNAT.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{D955F14F-8F63-444A-8A0B-2389C5CB99E1}] => (Allow) C:\Program Files\AndroidTbox\TBoxSDL.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{F13170EA-E8AE-4513-9DFE-125EE108095A}] => (Allow) C:\Program Files\AndroidTbox\TBoxExtPackHelperApp.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{41F652F6-19E1-40E3-83CE-21AAFEFEAD34}] => (Allow) C:\Program Files\AndroidTbox\USBInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BB079EFF-8352-4F35-ABDF-9A4C5DDEA896}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetDHCP.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{B8ABB960-7BD6-42E2-9A2C-BEBEAE63D381}] => (Allow) C:\Program Files\AndroidTbox\TBoxManage.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{63F2C6E3-1DA5-4B5A-9F4B-9348F2491314}] => (Allow) C:\Program Files\AndroidTbox\USBUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{77368C31-1BF6-4198-BB4F-30FF14993B0B}] => (Allow) C:\Program Files\AndroidTbox\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A12E50DF-FFEB-4012-8CDB-C286694AB56A}] => (Allow) C:\Program Files\AndroidTbox\SUPLoggerCtl.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{11EDBDB2-1121-42D5-B546-5FC942E22240}] => (Allow) C:\Program Files\AndroidTbox\NetFltUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E33B7DB1-B34D-46D5-A47E-CAAAC8473CA6}] => (Allow) C:\Program Files\AndroidTbox\NetFltInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B9688EF9-F78F-4573-99AB-B14A443793ED}] => (Allow) C:\Program Files\AndroidTbox\SUPUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{CD4281D4-B355-4875-AF1D-0E567878180B}] => (Allow) C:\Program Files\AndroidTbox\TBoxBalloonCtrl.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{3050CFCE-C125-4647-ADE1-95A8E60C5DDC}] => (Allow) C:\Program Files\AndroidTbox\SUPInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{723AB8B5-57CF-4D13-846B-7084D8F4F648}] => (Allow) C:\Program Files\AndroidTbox\TBoxSVC.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{A42ECF05-297F-45EB-B541-06068562E956}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{94F7F519-B69D-4705-96B6-54FB8ED0DD93}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C800553B-CB2B-4D1E-B066-420C6C132CA7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{45B2B607-EECF-4A16-9856-3DE0D0D6D49A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2485BB14-592D-4E66-9F34-9EC388C95E15}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{050408F6-C93F-4CCD-9E6C-18CE366AE801}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{28660034-2374-4AC7-BE3F-39FCEBF87EC5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3E787994-A1F9-4CEB-B813-7FFCC087FC95}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AA4962E5-784F-4094-897C-963A7E1EC4E1}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09CDD68D-7455-4942-8B47-9CDCC8E7D713}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

07-01-2022 13:14:37 Windows Update

==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2022 05:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.24523, časové razítko: 0x5d79ba7b
Název chybujícího modulu: RltkAPO64.dll, verze: 11.0.6000.536, časové razítko: 0x58213607
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000228e23
ID chybujícího procesu: 0x13ac
Čas spuštění chybující aplikace: 0x01d803e502a02e4a
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\RltkAPO64.dll
ID zprávy: 103d7ac1-6fda-11ec-b5e7-001a7d0ab781

Error: (01/07/2022 01:04:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/06/2022 03:19:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/05/2022 02:20:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2022 03:02:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2022 07:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/01/2022 03:27:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/31/2021 11:54:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/07/2022 06:19:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2022 05:49:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Security Essentials - KB2310138 (verze 1.355.1571.0).

Error: (01/07/2022 05:45:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu: 1.355.1571.0

Předchozí verze podpisu: 1.355.1558.0

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu: Antispywarový program

Typ aktualizace: Delta

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu: 1.1.18800.4

Předchozí verze modulu: 1.1.18800.4

Kód chyby: 0x80508001

Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.

Error: (01/07/2022 05:45:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu: 1.355.1571.0

Předchozí verze podpisu: 1.355.1558.0

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu: Antivirový program

Typ aktualizace: Delta

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu: 1.1.18800.4

Předchozí verze modulu: 1.1.18800.4

Kód chyby: 0x80508001

Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.

Error: (01/07/2022 05:41:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2022 01:10:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (01/07/2022 01:03:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Tools bylo dosaženo časového limitu (30000 ms).

Error: (01/06/2022 03:35:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.355.1450.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.18800.4

Kód chyby: 0x8024001e

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 3602 03/26/2018
Motherboard: ASUSTeK COMPUTER INC. H81M-R
Processor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Percentage of memory in use: 86%
Total physical RAM: 4034.72 MB
Available physical RAM: 561.38 MB
Total Virtual: 8128.87 MB
Available Virtual: 3534.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:180.87 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:186.49 GB) NTFS

\\?\Volume{64896b8a-b842-11e8-b9ec-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 78197819)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: FC5BB8BC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Spousťte ADWCleaner:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Petura]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-07-2022
# Duration: 00:00:49
# OS: Windows 7 Professional
# Cleaned: 49
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Adam S\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Adam S\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Adam S\AppData\Roaming\Seznam.cz
Deleted C:\Users\Adam S\AppData\Roaming\Tencent
Deleted C:\Users\Katka\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Katka\AppData\Local\Temp\Tencent
Deleted C:\Users\Katka\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Katka\AppData\Roaming\Seznam.cz
Deleted C:\Users\Katka\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\s1uzvqfi.default-release\invalidprefs.js
Deleted C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\siw10km5.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A28B6237-0885-45FE-AD3C-4592DB20C26C}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A4A1E7BC-9725-4D71-9483-9AD3498D5713}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B575B3A0-171D-45C2-B22E-96BA5459C6E8}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E33B7DB1-B34D-46D5-A47E-CAAAC8473CA6}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F98FFFBF-1B40-45CF-A7F2-3B6CE6D36F28}
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
Deleted HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6425 octets] - [07/01/2022 18:56:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[Petura]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Adam S (administrator) on KATKA-PC (ATComputers OPTIMUS) (07-01-2022 20:26:18)
Running from C:\Users\Adam S\Desktop
Loaded Profiles: Katka & UpdatusUser & Adam S
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Adam S\Downloads\adwcleaner_8.3.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3894552 2022-01-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Run: [Advanced SystemCare] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto (the data entry has 65 more characters). (No File)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {6dcf23ff-57da-11ea-8b3b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {76221485-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {7622148c-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {adbd6370-ec79-11eb-965b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {b623b378-3738-11e9-b4ce-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {c11c29f0-68e1-11ea-a150-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {ea686d71-2ee6-11eb-b4ec-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e268-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e26d-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Spotify Web Helper] => C:\Users\Adam S\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2021-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Spotify] => C:\Users\Adam S\AppData\Roaming\Spotify\Spotify.exe [6754928 2021-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [Discord] => C:\Users\Adam S\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\Installer\chrmstp.exe [2021-12-16] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {054B2AEB-4946-4E1F-B550-21ED989976B1} - System32\Tasks\CCleanerSkipUAC - Katka => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1275BC01-1847-4263-A58F-069E97039BDB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {136E5341-D277-44BA-808F-772107EA7038} - System32\Tasks\iTopVPN_Scheduler_Adam S => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {19A27209-C73F-492B-B03F-279640CEBA3D} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2021-12-16] (Avast Software s.r.o. -> Avast Software)
Task: {1F476527-B622-4126-AC50-920E83B32E06} - System32\Tasks\ASC_SkipUac_Katka => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
Task: {22DBAC3C-1836-499E-AB1A-D9EE000BDF55} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {2FA58001-5267-4DB0-A260-45F5349AFBBF} - System32\Tasks\iTopVPN_Update_Adam S => C:\Program Files (x86)\iTop VPN\atud.exe [2971136 2021-09-06] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {31634724-1E77-4347-B2B8-FE6FFEC964B8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {468C14E7-124C-4F1F-8E07-029DF23F244F} - System32\Tasks\iTop Screenshot SkipUAC (Katka) => C:\Program Files (x86)\iTop Screenshot\iScrShot.exe [7622656 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {4AD86668-01D5-478A-ABB5-7B4E1EB487A2} - System32\Tasks\CCleanerSkipUAC - Adam S => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5EF3FF8F-3325-4FF2-B344-DE8C1A4B714E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4760344 2022-01-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 35c2e1ae-ff65-47f1-98ae-9337a695fed7
Task: {7936EBC9-5EED-4785-B2C7-16432DDB7B8A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-08-28] (Avast Software s.r.o. -> Avast Software)
Task: {7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {828C2B96-FAA5-40C7-ADC0-04F0C59240CA} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2521976 2021-12-15] (Piriform Software Ltd -> Piriform Software)
Task: {834753CC-0E74-439C-8651-E94D1E6F3EF6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
Task: {83AEE53B-FD31-4A22-AC66-5801105CB079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {83FE2781-379C-4A91-A2FD-C6413871B71E} - System32\Tasks\IAStorIcon => C:\Program Files\Intel\Intel(R) Virtual RAID on CPU\IAStorIcon.exe [289840 2019-09-24] (Intel(R) Virtual RAID On CPU -> Intel Corporation)
Task: {8BA30B19-A46A-4A60-98EE-581F6749470A} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2521976 2021-12-15] (Piriform Software Ltd -> Piriform Software)
Task: {91108DE4-45FF-469A-A5AE-556FD3C20550} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {9F553661-BE47-4BC6-BA4D-96F74E60D2D5} - System32\Tasks\iTop Screenshot Update => C:\Program Files (x86)\iTop Screenshot\AutoUpdate.exe [2800640 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {AE9CC364-E532-467D-A9F8-62D3CCF0EA4F} - System32\Tasks\iTop Screen Recorder SkipUAC (Katka) => C:\Program Files\iTop Screen Recorder\IScrRec.exe [14479872 2021-12-17] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {B333649A-7297-45A3-BF31-CC2134F08676} - System32\Tasks\iTop Screen Recorder UAC => C:\Program Files\iTop Screen Recorder\iScrInit.exe [1542144 2021-11-11] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {B3E1E255-BA48-4996-9499-DF7B821634FD} - System32\Tasks\ASC_SkipUac_Adam S => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
Task: {CA7073DA-D354-4ECC-85F9-251CF1954ED2} - System32\Tasks\iTop Screen Recorder SkipUAC (Adam S) => C:\Program Files (x86)\iTop Screen Recorder\IScrRec.exe /skipuac (No File)
Task: {CC741BCD-96D5-4970-B273-0CB1ABE33326} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files\iTop Screen Recorder\AutoUpdate.exe [2821632 2021-10-26] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {D155E767-ECCA-4C9D-9D6B-F77F9C78B889} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {D63B67C9-379A-47F3-977A-AED8B1F04813} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
Task: {D8B1F135-BB75-4A4E-9960-A6C5489216E3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {EB6DFEA5-C752-49E8-988A-139185455E1C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EB7B8187-411B-415C-9F76-D25897FDC52F} - System32\Tasks\iTopVPN_SkipUAC_Adam S => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {F5799E9D-0B02-408E-B99F-29831DA0C70B} - System32\Tasks\ASUS\i-Setup182734 => C:\Windows\Install\AsusSetup.exe [1293624 2018-09-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F71DFF49-0BCF-47ED-9B44-8897F00443A8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 10.100.160.1 10.100.160.7 10.100.160.8
Tcpip\..\Interfaces\{37280C33-00E4-44DB-9F1B-2DE344C466F5}: [DhcpNameServer] 192.168.88.1 10.100.160.1 10.100.160.7 10.100.160.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Adam S\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-07]

FireFox:
========
FF DefaultProfile: obr0yu1g.default
FF ProfilePath: C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\obr0yu1g.default [2021-12-04]
FF user.js: detected! => C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\obr0yu1g.default\user.js [2021-12-04]
FF ProfilePath: C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\s1uzvqfi.default-release [2022-01-07]
FF user.js: detected! => C:\Users\Adam S\AppData\Roaming\Mozilla\Firefox\Profiles\s1uzvqfi.default-release\user.js [2021-12-04]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-22] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-22] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default [2022-01-07]
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Prezentace) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-08]
CHR Extension: (Dokumenty) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-08]
CHR Extension: (Disk Google) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-08]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-09-09]
CHR Extension: (YouTube) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-08]
CHR Extension: (Tabulky) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-09-08]
CHR Extension: (Gmail) - C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-08]
CHR Profile: C:\Users\Adam S\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-07]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-28] (Avast Software s.r.o. -> AVAST Software)
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\elevation_service.exe [1721904 2021-12-15] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-22] (Piriform Software Ltd -> Piriform Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13745432 2022-01-07] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> )
S4 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [244680 2021-11-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 AdvancedSystemCareService15; "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-09-15] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-08-28] (AVAST Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [382944 2021-08-09] (Google LLC -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309904 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 TBoxDrv; C:\Program Files\AndroidTbox\TBoxDrv.sys [292032 2020-08-07] (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
R3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [X]
R3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [X]
U3 aswbdisk; no ImagePath
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-07 18:55 - 2022-01-07 19:01 - 000000000 ____D C:\AdwCleaner
2022-01-07 18:55 - 2022-01-07 18:55 - 008540344 _____ (Malwarebytes) C:\Users\Adam S\Downloads\adwcleaner_8.3.1.exe
2022-01-07 18:16 - 2022-01-07 18:20 - 000065812 _____ C:\Users\Adam S\Desktop\Addition.txt
2022-01-07 17:58 - 2022-01-07 17:58 - 000002040 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2022-01-07 17:58 - 2022-01-07 17:58 - 000000000 ____D C:\Windows\system32\gf2engine
2022-01-07 17:58 - 2022-01-07 17:57 - 000036120 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2022-01-07 17:48 - 2022-01-07 20:27 - 000027783 _____ C:\Users\Adam S\Desktop\FRST.txt
2022-01-07 17:42 - 2022-01-07 20:26 - 000000000 ____D C:\FRST
2022-01-07 17:42 - 2022-01-07 17:46 - 000017097 _____ C:\Users\Adam S\Downloads\FRST.txt
2022-01-07 17:41 - 2022-01-07 17:41 - 002311168 _____ (Farbar) C:\Users\Adam S\Desktop\FRST64.exe
2022-01-07 17:23 - 2022-01-07 17:23 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Adam S
2022-01-06 17:24 - 2022-01-06 18:25 - 1851988810 _____ C:\Users\Adam S\Downloads\Měda 2 CZdabing 2015.avi
2022-01-06 15:20 - 2022-01-06 15:49 - 1076654816 _____ C:\Users\Adam S\Downloads\Méďa [Ted] (2012) CZ dabing.avi
2021-12-23 21:30 - 2022-01-07 18:30 - 000002974 _____ C:\Windows\system32\Tasks\iTop Screen Recorder SkipUAC (Katka)
2021-12-23 21:30 - 2022-01-07 18:30 - 000002968 _____ C:\Windows\system32\Tasks\iTop Screen Recorder UAC
2021-12-23 21:29 - 2022-01-07 18:30 - 000003230 _____ C:\Windows\system32\Tasks\iTop Screen Recorder Update
2021-12-23 21:29 - 2022-01-01 15:32 - 000000000 ____D C:\Program Files\iTop Screen Recorder
2021-12-23 21:29 - 2021-12-23 21:29 - 000000979 _____ C:\Users\Public\Desktop\iTop Screen Recorder.lnk
2021-12-23 21:29 - 2021-12-23 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop Screen Recorder
2021-12-23 20:49 - 2022-01-03 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-21 20:09 - 2021-12-21 20:13 - 000000000 ____D C:\Users\Katka\Desktop\vánoce
2021-12-20 16:19 - 2021-12-20 16:53 - 000000000 ____D C:\Users\Adam S\Desktop\dušan
2021-12-20 13:12 - 2021-12-20 13:11 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-20 13:12 - 2021-12-20 13:11 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-12-18 15:41 - 2021-12-18 16:11 - 1185211320 _____ C:\Users\Adam S\Downloads\Mimoni (2015) CZ dabing.avi
2021-12-11 12:14 - 2021-12-11 12:14 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-08 15:28 - 2021-12-08 16:16 - 2074365306 _____ C:\Users\Adam S\Downloads\Maxinožka 2 (2020) CZ dabing NOVINKA.mkv
2021-12-08 15:02 - 2021-12-08 15:25 - 1017939704 _____ C:\Users\Adam S\Downloads\Detektiv Pikachu 2019 cz.dabing,novinky.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-07 20:27 - 2018-09-15 17:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-07 19:06 - 2019-02-06 11:00 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-07 19:05 - 2021-11-26 19:31 - 000000000 ____D C:\Users\Adam S\AppData\LocalLow\Mozilla
2022-01-07 19:02 - 2021-10-29 18:15 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\IObit
2022-01-07 19:02 - 2021-10-29 18:15 - 000000000 ____D C:\Users\Adam S\AppData\LocalLow\IObit
2022-01-07 19:02 - 2021-10-28 19:39 - 000000000 ____D C:\Users\Katka\AppData\LocalLow\IObit
2022-01-07 19:02 - 2021-10-28 19:36 - 000000000 ____D C:\Users\Katka\AppData\Roaming\IObit
2022-01-07 19:02 - 2021-10-28 19:36 - 000000000 ____D C:\ProgramData\IObit
2022-01-07 19:02 - 2021-10-28 19:36 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-07 19:01 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\discord
2022-01-07 18:58 - 2018-09-15 17:05 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 18:31 - 2021-10-28 22:46 - 000002918 _____ C:\Windows\system32\Tasks\IAStorIcon
2022-01-07 18:30 - 2021-11-06 08:35 - 000003044 _____ C:\Windows\system32\Tasks\iTopVPN_Update_Adam S
2022-01-07 18:30 - 2021-11-06 08:35 - 000003002 _____ C:\Windows\system32\Tasks\iTopVPN_Scheduler_Adam S
2022-01-07 18:30 - 2021-11-06 08:35 - 000002800 _____ C:\Windows\system32\Tasks\iTopVPN_SkipUAC_Adam S
2022-01-07 18:30 - 2021-11-06 08:33 - 000003014 _____ C:\Windows\system32\Tasks\ASC_SkipUac_Adam S
2022-01-07 18:30 - 2021-10-28 22:16 - 000003234 _____ C:\Windows\system32\Tasks\iTop Screenshot Update
2022-01-07 18:30 - 2021-10-28 22:16 - 000002980 _____ C:\Windows\system32\Tasks\iTop Screenshot SkipUAC (Katka)
2022-01-07 18:30 - 2021-10-28 22:10 - 000003010 _____ C:\Windows\system32\Tasks\ASC_SkipUac_Katka
2022-01-07 18:30 - 2018-09-15 17:10 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-01-07 18:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-01-07 18:09 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Local\Discord
2022-01-07 18:01 - 2021-11-17 20:29 - 000000000 ____D C:\Users\Adam S\AppData\Local\SquirrelTemp
2022-01-07 18:01 - 2021-09-11 20:06 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\dvdcss
2022-01-07 18:00 - 2021-09-27 18:37 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Night at Flumpty's 2
2022-01-07 18:00 - 2021-02-28 08:46 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-07 17:58 - 2021-09-08 19:18 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Avast Software
2022-01-07 17:58 - 2021-08-28 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2022-01-07 17:58 - 2021-08-28 09:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-01-07 17:57 - 2021-08-28 09:47 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-07 17:57 - 2021-08-28 09:42 - 000000000 ____D C:\Program Files\Avast Software
2022-01-07 17:57 - 2021-08-28 09:41 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-07 17:44 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-07 17:44 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-07 17:35 - 2018-09-15 17:13 - 000000000 ____D C:\Program Files\CCleaner
2022-01-07 17:34 - 2018-09-15 17:18 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-07 17:23 - 2021-11-22 20:05 - 000000000 ____D C:\Temp
2022-01-07 17:22 - 2021-11-04 14:02 - 000003000 _____ C:\Windows\system32\Tasks\iTop Screen Recorder SkipUAC (Adam S)
2022-01-07 17:22 - 2021-08-21 12:37 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Katka
2022-01-07 17:22 - 2021-01-22 15:41 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-01-07 17:22 - 2021-01-22 15:38 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-01-07 17:22 - 2020-07-01 08:07 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-07 17:22 - 2020-07-01 08:07 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-07 17:22 - 2018-12-21 11:54 - 000003566 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA
2022-01-07 17:22 - 2018-12-21 11:54 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core
2022-01-07 17:22 - 2018-09-15 17:04 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-07 17:22 - 2018-09-15 17:04 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-07 16:13 - 2021-09-11 08:58 - 000001373 _____ C:\Users\Adam S\Desktop\Roblox Player.lnk
2022-01-07 16:13 - 2021-09-11 08:48 - 000001188 _____ C:\Users\Adam S\Desktop\Roblox Studio.lnk
2022-01-07 16:13 - 2021-09-11 08:48 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-01-07 13:08 - 2021-10-01 18:58 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\Spotify
2022-01-07 13:07 - 2011-04-12 09:34 - 000672872 _____ C:\Windows\system32\perfh005.dat
2022-01-07 13:07 - 2011-04-12 09:34 - 000142966 _____ C:\Windows\system32\perfc005.dat
2022-01-07 13:07 - 2009-07-14 06:13 - 001595396 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-07 13:06 - 2021-08-28 09:47 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-07 13:05 - 2021-10-28 19:39 - 000000000 ____D C:\ProgramData\ProductData
2022-01-07 13:03 - 2021-10-01 18:58 - 000000000 ____D C:\Users\Adam S\AppData\Local\Spotify
2022-01-07 13:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-06 15:52 - 2021-09-08 19:38 - 000000000 ____D C:\Users\Adam S\AppData\Local\Avast Software
2022-01-05 19:17 - 2021-11-06 08:34 - 000000000 ____D C:\Program Files (x86)\iTop VPN
2022-01-04 18:41 - 2019-08-03 14:40 - 000000000 ____D C:\stahování
2022-01-04 15:19 - 2021-09-09 12:13 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001854 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001854 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-01-04 15:19 - 2021-09-09 12:13 - 000001842 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-01-03 19:14 - 2018-09-15 17:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-01 19:48 - 2018-09-15 17:12 - 000000000 ____D C:\Users\Katka\AppData\LocalLow\Mozilla
2022-01-01 15:59 - 2021-08-28 10:25 - 000000000 ____D C:\Users\Katka\AppData\Local\Avast Software
2022-01-01 15:31 - 2021-09-08 12:10 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-25 12:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-12-23 21:30 - 2021-10-28 22:16 - 000000000 ____D C:\Users\Katka\AppData\Roaming\iTop Screen Recorder
2021-12-23 21:29 - 2021-10-28 22:16 - 000000000 ____D C:\Program Files (x86)\iTop Screen Recorder
2021-12-23 10:07 - 2009-07-14 06:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-12-20 13:11 - 2021-08-28 09:47 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-20 13:11 - 2021-08-28 09:47 - 000036784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-20 13:10 - 2021-08-28 09:47 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-19 10:42 - 2020-07-01 08:08 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 20:31 - 2021-10-28 22:16 - 000000000 ____D C:\ProgramData\iTop
2021-12-18 20:25 - 2021-09-11 20:02 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\vlc
2021-12-16 17:49 - 2021-01-22 15:41 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-12-16 17:49 - 2021-01-22 15:38 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-12-14 21:08 - 2018-09-14 22:18 - 000000000 ____D C:\Windows\system32\MRT
2021-12-14 21:02 - 2018-09-14 22:18 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-13 17:23 - 2021-11-28 09:50 - 000000000 ____D C:\Users\Katka\Desktop\Kalendář 2022
2021-12-13 16:44 - 2018-09-14 18:29 - 000000000 ____D C:\Users\Katka
2021-12-11 12:11 - 2018-09-15 11:10 - 000000000 ____D C:\Users\UpdatusUser
2021-12-11 12:07 - 2021-09-08 19:05 - 000000000 ____D C:\Users\Adam S
2021-12-11 12:05 - 2021-11-06 08:35 - 000000000 ____D C:\ProgramData\iTop VPN
2021-12-11 12:05 - 2021-11-04 14:02 - 000000000 ____D C:\Users\Adam S\AppData\Roaming\iTop Screen Recorder
2021-12-11 12:05 - 2021-09-11 08:48 - 000000000 ____D C:\Users\Adam S\AppData\Local\Roblox
2021-12-11 12:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-12-31 12:32
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Adam S (07-01-2022 20:28:27)
Running from C:\Users\Adam S\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2018-09-14 17:29:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Adam S (S-1-5-21-3410242202-4032261145-1968254855-1004 - Administrator - Enabled) => C:\Users\Adam S
Administrator (S-1-5-21-3410242202-4032261145-1968254855-500 - Administrator - Disabled)
Guest (S-1-5-21-3410242202-4032261145-1968254855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3410242202-4032261145-1968254855-1003 - Limited - Enabled)
Katka (S-1-5-21-3410242202-4032261145-1968254855-1000 - Administrator - Enabled) => C:\Users\Katka
UpdatusUser (S-1-5-21-3410242202-4032261145-1968254855-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Disabled - Out of date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Out of date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4x4 Offroader (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\0c209a9dd9c050bae86b9467ba4198f3) (Version: 1.0 - 4x4 Offroader)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.4.11260.5766 - Avast Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 96.1.13589.113 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Crash Time 2 Demo (remove only) (HKLM-x32\...\BurningWheels Demo) (Version: - )
Crazy Stunt Cars 2 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\5125ab90dfd3875770380bedfc5353ec) (Version: 1.0 - Crazy Stunt Cars 2)
CREY (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\CREY) (Version: - Bitglobe ApS)
Discord (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Game Jolt Client version 0.61.1 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\game-jolt-client_is1) (Version: 0.61.1 - Lucent Web Creative, LLC)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 4.1.30.90 - Tencent Technology Company)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 54.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel(R) Virtual RAID on CPU (HKLM-x32\...\{fe14d5b2-aa03-4c4d-8458-f089749db800}) (Version: 6.2.0.1239 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
iTop Screen Recorder (HKLM-x32\...\iTop Screen Recorder_is1) (Version: 2.0.0.453 - iTop Inc.)
iTop Screenshot (HKLM-x32\...\iTop Screenshot_is1) (Version: 1.2.1.535 - iTop Inc.)
iTop VPN (HKLM-x32\...\iTop VPN_is1) (Version: 2.2.2.2025 - iTop Inc.)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
JJSploit 6.1.2 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\b1e3a7e5-766b-5910-bd89-4bbe7200c627) (Version: 6.1.2 - )
JJSploit v5 5.3.4 (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\0dc89eee-466e-5758-9507-219f65134c5e) (Version: 5.3.4 - )
Kreslení pro děti (doporučená instalace) (HKLM-x32\...\Kreslení pro děti (doporučená instalace)) (Version: - )
MEmu (HKLM-x32\...\MEmu) (Version: 7.5.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0.2 (x64 cs)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
One Night at Flumpty's 2 (HKLM-x32\...\One Night at Flumpty's 2) (Version: - )
One Night at Flumpty's 3 (HKLM-x32\...\One Night at Flumpty's 3) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Roblox Player for Adam S (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Katka (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Katka (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\roblox-studio) (Version: - Roblox Corporation)
Sports Cars Driver (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\904bf27e7d80c3790d3801c046c925b6) (Version: 1.0 - Sports Cars Driver)
Spotify (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Spotify) (Version: 1.1.70.610.g4585142b - Spotify AB)
Spotify (HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher2.82) (Version: 2.82 - TLauncher Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\Wargaming.net Game Center) (Version: 21.7.0.6827 - Wargaming.net)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\54.0.2.0\drivefsext.dll [2021-12-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Adam S\Desktop\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Adam S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2021-08-29 20:03 - 2021-08-29 20:03 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\MSVCP140.dll
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\ucrtbase.DLL
2021-11-05 13:23 - 2021-11-05 13:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-07 17:18 - 2022-01-07 17:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\Avast Software\Avast\defs\22010702\avast.local_vc142.crt\VCRUNTIME140_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3410242202-4032261145-1968254855-1000 -> DefaultScope {6A1806CD-94D4-4689 URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-10-28 22:26 - 000000842 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam S\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 10.100.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{12A036AB-7305-432C-A437-7BC54E1C4429}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B28AE327-CB98-46B1-A468-28B999FBC5ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08FB3C3A-5ED9-4AB3-B2DE-F4495AF01D03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D914528-2C72-4ADD-AF0A-E1E34186B457}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5AA36964-7A74-4E39-A890-FA78F6C8C8D2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C8C38A2A-37AC-4BBF-9D6D-416CC544AD21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{A2BB4098-9B53-4639-89AC-1AA70244C275}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FD200992-4304-40FF-AF88-3289E958AEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{1619CD17-9812-46E5-AC59-30EC74C3656C}C:\users\katka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\katka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6765C65-03D7-4D40-BCB7-7ED580E0C4A9}C:\users\katka\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\katka\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2D04588-5C5B-4B09-9660-B95B73B80701}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1FCA55E3-7531-4397-833F-4441C01F4C82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{00813BA2-32ED-4442-A2A9-68750122E1F2}C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{D10FAB15-0671-4A00-9FF6-56907D71ADC6}C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\katka\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{CED0F2D1-D516-4664-9AE9-90538E790449}C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{A1997B04-534D-48FD-908E-6EBCF8C2ADE4}C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{4FEB58ED-670A-468A-AFF6-5415059D138A}C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{8E4183DF-F495-4F7C-A3A6-32F78BB6D2C7}C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\katka\appdata\roaming\.minecraft\versions\raft v2.1.0\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{9E1CCF06-02A3-4247-847E-9872EAB68173}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9EF89AFE-B5B8-4D43-B2FA-C0426D42F28C}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{00908A97-0301-4BCC-9D70-65724E9AAC70}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{60C1CADF-95C9-40C5-A553-8D34FD5D56FA}C:\users\katka\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katka\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{611C30D4-CBFF-4FBD-A8F3-7DEE9B84604A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E6B474DE-7A7E-4467-A965-AC61D08925CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ED767204-1115-45B9-B165-099C355B37AA}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{780E11D9-9E79-4DFF-8CDF-4DA703C278A3}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1AB3C18F-F866-4FA1-A4EE-99864D85BC1D}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5F3FF775-CD76-415A-9CD8-4A0358214FCC}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D399C9F7-9E52-4226-A28E-8027B4F26C64}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EF30F5E1-D56A-468C-941D-D8606E30C166}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2A59EB02-5901-4529-B01D-ECAB80DCA7F8}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC0EA9D6-EC16-4900-B010-A39A796C5F20}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{ED3BC18C-A4F3-4245-A3C0-80612749C99D}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{00226C7E-322C-4958-A215-3FD4BCC0C194}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{45D7402B-D6CF-4602-BF55-37AE5AACD689}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9CE461D7-54A3-4DAC-9E16-76C1CD993B22}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7F84B945-538C-4065-9DA9-739E7CDB08CE}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9088271E-9204-450E-B149-80CB431190EB}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{44998EF3-FEBB-4F42-8482-DDCC165CF013}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4A1AF47A-38B9-430F-9387-157B560449C4}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{040331CB-03F4-4B45-9B5B-5D05E680C6BD}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{304994AD-4824-492B-8A8D-518221F9EC68}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C091F126-E6C6-428A-B666-A155D4AE45FA}] => (Allow) D:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [TCP Query User{3048F218-FCFE-457D-9E2E-407688AB32B2}C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{09786803-3460-47F8-8927-DAB8C602715B}C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{E98755E8-C4D9-4AF4-96CC-33E041632D84}C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{031E06A4-FD48-4233-9D88-1DB7B39ABA07}C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\adam s\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{F0D24AB6-3F4C-4521-AC9D-6BBE0983C1D1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8F7CBA7A-A38E-422E-B93C-AA5F0C3154D7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{90301F6F-F15F-4F7A-B060-EB097C5AA467}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{401A770B-65F7-416D-863B-17243E8A8228}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A140DAAD-88C8-4687-8DFF-D7668B43C2FD}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9AF9A907-8E4F-4FDD-B98D-54D1033B3962}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{73A8BA81-D317-4671-B0D6-F24D95FBF6DA}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A2A3C8F3-5375-4BA8-B967-DE8F115898BE}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F3E7A3A1-7D6D-47E6-BC0D-306A1ECDC9EA}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6CB37F99-3B6E-4E61-82B5-21618674A52C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{90B05A0A-EDE3-4641-B35B-C0C99BC42799}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D096503-0EE9-4D06-BA44-E6BF8AB64799}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0C10F87C-ACA8-43E3-8A9C-D4C419FE6970}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CFECB0FB-3277-444D-878E-37D65CA52EBA}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A4E5B55D-2F45-4CDA-BCF3-1CBF0DAAFEC0}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{16DD4E01-49C5-4C57-AD34-07E2F71AA3D2}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{DE24E6EC-3E33-4DB7-9B40-2A351396403F}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C1D98A59-471E-44C2-8B75-B0C0FF5B39C8}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A25AD800-2B69-4846-8373-916150505DD5}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7C359DEF-832E-46EF-A5D6-847D4CE4E715}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3E6BEF46-0EBF-476B-8FBF-4A9FB5ADD16D}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A6F6197A-9C2F-4CA1-B52E-57C0C123B9D8}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3F383FEC-C56F-4B16-B88E-4F20623BEB0E}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8396D470-67B6-4DCD-A6A5-B4B325E18B72}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{511F0455-DC0F-47DC-BD8E-AEA4F9060701}] => (Allow) C:\Program Files\AndroidTbox\THypervBox.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{F4089A6A-2962-48B6-8C7E-8ECE53703996}] => (Allow) C:\Program Files\AndroidTbox\TBoxHeadless.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{2F57FE9A-814B-46B3-ABA6-5B4EE3D7D702}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetNAT.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{D955F14F-8F63-444A-8A0B-2389C5CB99E1}] => (Allow) C:\Program Files\AndroidTbox\TBoxSDL.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{F13170EA-E8AE-4513-9DFE-125EE108095A}] => (Allow) C:\Program Files\AndroidTbox\TBoxExtPackHelperApp.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{41F652F6-19E1-40E3-83CE-21AAFEFEAD34}] => (Allow) C:\Program Files\AndroidTbox\USBInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BB079EFF-8352-4F35-ABDF-9A4C5DDEA896}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetDHCP.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{B8ABB960-7BD6-42E2-9A2C-BEBEAE63D381}] => (Allow) C:\Program Files\AndroidTbox\TBoxManage.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{63F2C6E3-1DA5-4B5A-9F4B-9348F2491314}] => (Allow) C:\Program Files\AndroidTbox\USBUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{77368C31-1BF6-4198-BB4F-30FF14993B0B}] => (Allow) C:\Program Files\AndroidTbox\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A12E50DF-FFEB-4012-8CDB-C286694AB56A}] => (Allow) C:\Program Files\AndroidTbox\SUPLoggerCtl.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{11EDBDB2-1121-42D5-B546-5FC942E22240}] => (Allow) C:\Program Files\AndroidTbox\NetFltUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B9688EF9-F78F-4573-99AB-B14A443793ED}] => (Allow) C:\Program Files\AndroidTbox\SUPUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{CD4281D4-B355-4875-AF1D-0E567878180B}] => (Allow) C:\Program Files\AndroidTbox\TBoxBalloonCtrl.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{3050CFCE-C125-4647-ADE1-95A8E60C5DDC}] => (Allow) C:\Program Files\AndroidTbox\SUPInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{723AB8B5-57CF-4D13-846B-7084D8F4F648}] => (Allow) C:\Program Files\AndroidTbox\TBoxSVC.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{A42ECF05-297F-45EB-B541-06068562E956}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{94F7F519-B69D-4705-96B6-54FB8ED0DD93}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C800553B-CB2B-4D1E-B066-420C6C132CA7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{45B2B607-EECF-4A16-9856-3DE0D0D6D49A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{050408F6-C93F-4CCD-9E6C-18CE366AE801}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{28660034-2374-4AC7-BE3F-39FCEBF87EC5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3E787994-A1F9-4CEB-B813-7FFCC087FC95}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AA4962E5-784F-4094-897C-963A7E1EC4E1}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09CDD68D-7455-4942-8B47-9CDCC8E7D713}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5FA50C5B-3357-4624-9A48-45EEE8E60F58}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-01-2022 13:14:37 Windows Update

==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2022 08:26:52 PM) (Source: VSS) (EventID: 12297) (User: )
Description: Chyba služby Stínová kopie svazku: Po dobu vytváření stínové kopie na svazku \\?\Volume{64896b8b-b842-11e8-b9ec-806e6f6e6963}\ nelze zapsat vstupně-výstupní zápisy.
Index svazku v sadě stínové kopie: 0. Podrobnosti o chybě: Otevřeno[0x00000000, Operace byla dokončena úspěšně.
], Zapsáno[0x80042302, V součásti Stínová kopie svazku došlo k neočekávané chybě.
Další informace získáte v protokolu událostí aplikace.
], Uvolněno[0x00000000, Operace byla dokončena úspěšně.
], Spuštěno[0x00000000, Operace byla dokončena úspěšně.
].


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/07/2022 08:26:52 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Chyba služby Stínová kopie svazků: Neočekávaná chyba DeviceIoControl(\\?\Volume{64896b8b-b842-11e8-b9ec-806e6f6e6963} - 0000000000000234,0x0053c000,00000000000F90C0,0,00000000000FA0D0,4096,[0]). hr = 0x80070005, Přístup byl odepřen.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: calling flush-and-hold IOCTL
Aktuální stav: flush-and-hold writes
Název svazku: \\?\Volume{64896b8b-b842-11e8-b9ec-806e6f6e6963}\

Error: (01/07/2022 05:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.24523, časové razítko: 0x5d79ba7b
Název chybujícího modulu: RltkAPO64.dll, verze: 11.0.6000.536, časové razítko: 0x58213607
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000228e23
ID chybujícího procesu: 0x13ac
Čas spuštění chybující aplikace: 0x01d803e502a02e4a
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\RltkAPO64.dll
ID zprávy: 103d7ac1-6fda-11ec-b5e7-001a7d0ab781

Error: (01/07/2022 01:04:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/06/2022 03:19:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/05/2022 02:20:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2022 03:02:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2022 07:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/07/2022 07:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba QMEmulatorService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/07/2022 07:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 15 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/07/2022 07:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/07/2022 07:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/07/2022 06:19:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2022 05:49:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Security Essentials - KB2310138 (verze 1.355.1571.0).

Error: (01/07/2022 05:45:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu: 1.355.1571.0

Předchozí verze podpisu: 1.355.1558.0

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu: Antispywarový program

Typ aktualizace: Delta

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu: 1.1.18800.4

Předchozí verze modulu: 1.1.18800.4

Kód chyby: 0x80508001

Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.

Error: (01/07/2022 05:45:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu: 1.355.1571.0

Předchozí verze podpisu: 1.355.1558.0

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu: Antivirový program

Typ aktualizace: Delta

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu: 1.1.18800.4

Předchozí verze modulu: 1.1.18800.4

Kód chyby: 0x80508001

Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 3602 03/26/2018
Motherboard: ASUSTeK COMPUTER INC. H81M-R
Processor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Percentage of memory in use: 86%
Total physical RAM: 4034.72 MB
Available physical RAM: 548.68 MB
Total Virtual: 8128.87 MB
Available Virtual: 3548.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:180.2 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:186.49 GB) NTFS

\\?\Volume{64896b8a-b842-11e8-b9ec-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 78197819)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: FC5BB8BC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {6dcf23ff-57da-11ea-8b3b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {76221485-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {7622148c-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {adbd6370-ec79-11eb-965b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {b623b378-3738-11e9-b4ce-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {c11c29f0-68e1-11ea-a150-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {ea686d71-2ee6-11eb-b4ec-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e268-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e26d-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
Task: {1275BC01-1847-4263-A58F-069E97039BDB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {83AEE53B-FD31-4A22-AC66-5801105CB079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {D8B1F135-BB75-4A4E-9960-A6C5489216E3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {CA7073DA-D354-4ECC-85F9-251CF1954ED2} - System32\Tasks\iTop Screen Recorder SkipUAC (Adam S) => C:\Program Files (x86)\iTop Screen Recorder\IScrRec.exe /skipuac (No File)
Task: {1F476527-B622-4126-AC50-920E83B32E06} - System32\Tasks\ASC_SkipUac_Katka => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 aswbdisk; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
SearchScopes: HKU\S-1-5-21-3410242202-4032261145-1968254855-1000 -> DefaultScope {6A1806CD-94D4-4689 URL =

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Petura]

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Adam S (07-01-2022 21:12:52) Run:1
Running from C:\Users\Adam S\Desktop
Loaded Profiles: Katka & UpdatusUser & Adam S
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {6dcf23ff-57da-11ea-8b3b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {76221485-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {7622148c-46b2-11eb-867f-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {adbd6370-ec79-11eb-965b-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {b623b378-3738-11e9-b4ce-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {c11c29f0-68e1-11ea-a150-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {ea686d71-2ee6-11eb-b4ec-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e268-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\...\MountPoints2: {fe59e26d-2dd8-11e9-8eae-001a7d0ab781} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\...\MountPoints2: {38e6a015-501a-11ec-86c4-001a7d0ab781} - F:\HiSuiteDownLoader.exe
Task: {1275BC01-1847-4263-A58F-069E97039BDB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {83AEE53B-FD31-4A22-AC66-5801105CB079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-15] (Google Inc -> Google Inc.)
Task: {D8B1F135-BB75-4A4E-9960-A6C5489216E3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA => C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {CA7073DA-D354-4ECC-85F9-251CF1954ED2} - System32\Tasks\iTop Screen Recorder SkipUAC (Adam S) => C:\Program Files (x86)\iTop Screen Recorder\IScrRec.exe /skipuac (No File)
Task: {1F476527-B622-4126-AC50-920E83B32E06} - System32\Tasks\ASC_SkipUac_Katka => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 aswbdisk; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
SearchScopes: HKU\S-1-5-21-3410242202-4032261145-1968254855-1000 -> DefaultScope {6A1806CD-94D4-4689 URL =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38e6a015-501a-11ec-86c4-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dcf23ff-57da-11ea-8b3b-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76221485-46b2-11eb-867f-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7622148c-46b2-11eb-867f-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adbd6370-ec79-11eb-965b-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b623b378-3738-11e9-b4ce-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c11c29f0-68e1-11ea-a150-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea686d71-2ee6-11eb-b4ec-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe59e268-2dd8-11e9-8eae-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe59e26d-2dd8-11e9-8eae-001a7d0ab781} => removed successfully
HKU\S-1-5-21-3410242202-4032261145-1968254855-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38e6a015-501a-11ec-86c4-001a7d0ab781} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1275BC01-1847-4263-A58F-069E97039BDB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1275BC01-1847-4263-A58F-069E97039BDB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BF68C68-F0B0-4A9F-8AF3-43A32ED1BF5D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83AEE53B-FD31-4A22-AC66-5801105CB079}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83AEE53B-FD31-4A22-AC66-5801105CB079}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8B1F135-BB75-4A4E-9960-A6C5489216E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8B1F135-BB75-4A4E-9960-A6C5489216E3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA7073DA-D354-4ECC-85F9-251CF1954ED2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA7073DA-D354-4ECC-85F9-251CF1954ED2}" => removed successfully
C:\Windows\System32\Tasks\iTop Screen Recorder SkipUAC (Adam S) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iTop Screen Recorder SkipUAC (Adam S)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F476527-B622-4126-AC50-920E83B32E06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F476527-B622-4126-AC50-920E83B32E06}" => removed successfully
C:\Windows\System32\Tasks\ASC_SkipUac_Katka => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC_SkipUac_Katka" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000UA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3410242202-4032261145-1968254855-1000Core" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Advanced SystemCare => removed successfully
"HKU\S-1-5-21-3410242202-4032261145-1968254855-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3974993 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5106357 B
Edge => 0 B
Chrome => 42032376 B
Firefox => 54157164 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
systemprofile32 => 150049 B
LocalService => 216277 B
NetworkService => 282505 B
Katka => 8804604609 B
UpdatusUser => 8804604609 B
Adam S => 8932875264 B

RecycleBin => 0 B
EmptyTemp: => 24.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-01-2022 21:31:51)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 21:31:53 ====

[Rudy]

Smazáno. Nastala nějaká změna?