VIRY.CZ

Dobrý večer, chcem Vás poprosiť o kontrolu notebooku.
Prikladám log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2022
Ran by PC (administrator) on DESKTOP-5KFCUQI (HP OMEN by HP Laptop 15-dc0xxx) (13-11-2022 19:11:32)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(Discord Inc. -> Discord Inc.) C:\Users\PC\AppData\Local\Discord\app-1.0.9007\Discord.exe <6>
(DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxEM.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Glorious Model D Software\OemDrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <77>
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (ResolveDevOps Limited -> ResolveDevOps Limited) C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe
(explorer.exe ->) (Sam G) C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
(explorer.exe ->) (Softdeluxe) [File not signed] D:\Nový priečinok\fdm.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(services.exe ->) (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3e1a713e1f6bc37c\x64\OmenCap\OmenCap.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_04dfefe2ba7fe997\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_04dfefe2ba7fe997\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.14.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [878368 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Steam] => c:\program files (x86)\steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-03-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [SteamServerBrowser] => C:\Users\PC\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2021-04-27] (Lyrha Software Technologies Inc. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19903800 2021-07-27] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Medal] => C:\Users\PC\AppData\Local\Medal\update.exe [1901144 2022-03-25] (Ferox Games B.V. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-28] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Free Download Manager] => D:\Nový priečinok\fdm.exe [5654016 2022-08-18] (Softdeluxe) [File not signed]
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Spotify] => C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe [20232568 2022-11-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\107.1.45.123\Installer\chrmstp.exe [2022-11-11] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-09-29]
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ThrottleStop – odkaz.lnk [2021-03-24]
ShortcutTarget: ThrottleStop – odkaz.lnk -> C:\ThrottleStop_9.3\ThrottleStop.exe (TechPowerUp LLC -> uWebb Software)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0852C903-B1E7-44A9-BD41-8A48A0255961} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1ED9A6F7-B527-4137-B067-2F27F2F69E22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {2E8AD2B9-DB5A-455C-9618-54EC8FFA6A07} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B919DCB-C795-422C-AF63-3BEFEDCB2C88} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {46C4F992-DD40-456B-9E11-5C41E32C7E25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {56A27047-4681-47CD-9BC3-486007410385} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {5865F3B5-9FDA-4F9C-A860-6D21ED851ED4} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{EDD0C207-1C45-448F-8A0F-4E4ECB69DD7B} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {629EA3CF-1711-4C38-9712-4C730A7E4C83} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3978504 2021-07-29] (Easeware Technology Limited -> Easeware)
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {6929F85E-B085-44A8-A40D-940A4B5ECF98} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{EA44E20C-BCDE-4902-AD25-405816F84DE1} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6A43A4D8-8C5C-460C-9774-E7BCC5149B2A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {81269C2F-A2B1-4E1A-8273-C772ACB1887F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8D7D18C0-8D99-45EE-9653-7154ABB53DF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {9659A028-5AD1-4939-A931-ADD2067CC32F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9D4C2D71-F72C-4967-98E5-2FE34B418E60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6093928 2021-12-20] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {A1898B5B-DB2C-412C-8C43-DB21C68A805F} - System32\Tasks\LightStudioHelper => C:\Program Files\HP\LightStudioHelper\LightStudioHelper.exe [26248 2021-03-27] (HP Inc. -> HP Inc.)
Task: {A1EC9422-EAF5-49FE-9A34-0C94E64D1040} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [542976 2021-11-21] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {ABCE889C-5E1C-473D-8648-AF2F55E201C6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B219C4D4-CEE2-439B-B211-99682FD7F244} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {C9C67DB9-BD0E-41C8-948F-A7AB9D63BF5C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5629064 2021-11-23] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {D3C5A8E5-DAFA-4006-81F7-6A0414038198} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "dd8a3f9a-bc4d-4b4a-8d8f-5e1ad638d84b" --version "6.05.10110" --silent
Task: {D9371033-FF28-44E6-A4FF-AF75502BF6AD} - System32\Tasks\CCleanerSkipUAC - PC => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA4CA902-16A7-42AE-BFA9-C2C0029A90E0} - System32\Tasks\ThrottleStop => C:\ThrottleStop_9.3\ThrottleStop.exe [3903904 2021-03-24] (TechPowerUp LLC -> uWebb Software)
Task: {E102283B-72E0-4EE2-B9CF-B52D6F0245DC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {F2A9DFA4-243C-4653-8FB8-8EA6B36CE88E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {F4B2E43C-8975-483D-BB3F-140C24A2DE8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA71D4FB-0CF5-4007-8828-DFA3FC543F17} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FC35017C-536F-497A-BEB5-5E87FBCA57FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FDC44496-80F0-4888-83FD-5513FF95188F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{2264d6bb-b2cd-4762-a0ff-1ee88b5dc1fa}: [DhcpNameServer] 217.23.254.124 217.23.254.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-13]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-04] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2022-11-13]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-01]
CHR Extension: (Flash Player +) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnipglnbhfacfmefbgiiodalehbcgcbm [2022-03-09]
CHR Extension: (Return YouTube Dislike) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-08]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-11-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-11-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-08]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-11-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-11-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-13]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Brave:
=======
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-11-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-18] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 dcsvc; C:\Windows\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [207472 2019-05-23] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FACEITService; D:\FACEIT AC\faceitservice.exe [26209168 2022-08-29] (FACE IT LIMITED -> )
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe [785896 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3e1a713e1f6bc37c\x64\OmenCap\OmenCap.exe [775168 2022-09-02] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-11-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe [786392 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe [493680 2022-09-28] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-10-28] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-13] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [860640 2022-11-11] (McAfee, LLC -> McAfee, LLC)
S3 Rockstar Service; D:\GTAV\RockstarService.exe [2718048 2022-09-28] (Rockstar Games, Inc. -> Rockstar Games)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10450928 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\107.1.45.123\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 OverwolfUpdater; "D:\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [42304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238152 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [390096 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [306128 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [105936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [48512 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276520 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [564304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [114464 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [90008 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [862936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [672272 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221944 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327896 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2021-12-16] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [16576040 2022-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-24] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193992 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-11-13] (Malwarebytes Inc. -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8746536 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
R3 ViGEmBus; C:\Windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-05-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-13 19:11 - 2022-11-13 19:12 - 000038360 _____ C:\Users\PC\Desktop\FRST.txt
2022-11-13 19:04 - 2022-11-13 19:11 - 000000000 ____D C:\FRST
2022-11-13 19:04 - 2022-11-13 19:04 - 002375168 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2022-11-13 18:47 - 2022-11-13 18:47 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000193992 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-13 18:47 - 2022-11-13 18:47 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-13 18:47 - 2022-11-13 18:47 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2022-11-13 18:47 - 2022-11-13 18:46 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-11-13 18:46 - 2022-11-13 18:46 - 002632256 _____ (Malwarebytes) C:\Users\PC\Downloads\MBSetup-1A79B652-37335.37335.exe
2022-11-13 18:46 - 2022-11-13 18:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-13 18:46 - 2022-11-13 18:46 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-13 15:21 - 2022-11-13 17:59 - 000000000 ____D C:\Users\PC\Desktop\Scammer
2022-11-13 15:18 - 2022-11-13 15:18 - 000057354 _____ C:\Users\PC\Downloads\SpotX-Win-main.zip
2022-11-12 20:16 - 2022-11-12 20:16 - 006009856 _____ C:\Users\PC\Downloads\154LSK_pred_4_2008.ppt
2022-11-12 20:16 - 2022-11-12 20:16 - 000855250 _____ C:\Users\PC\Downloads\INF14.pptx
2022-11-11 21:18 - 2022-11-11 21:18 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2022-11-11 20:43 - 2022-11-11 21:16 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2022-11-11 20:43 - 2022-11-11 20:43 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2022-11-11 20:43 - 2022-11-11 20:43 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2022-11-11 20:43 - 2022-11-11 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2022-11-11 20:43 - 2019-06-21 07:34 - 000019904 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Spybot3ELAM.sys
2022-11-11 20:43 - 2018-02-06 18:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2022-11-11 20:42 - 2022-11-13 18:21 - 000003484 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{EA44E20C-BCDE-4902-AD25-405816F84DE1}
2022-11-11 20:42 - 2022-11-13 18:21 - 000003260 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{EDD0C207-1C45-448F-8A0F-4E4ECB69DD7B}
2022-11-11 20:42 - 2022-11-13 14:53 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2022-11-11 20:42 - 2022-11-11 20:42 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Users\PC\AppData\Local\BraveSoftware
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Program Files\BraveSoftware
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-11-11 20:41 - 2022-11-11 20:41 - 065427184 _____ (Safer-Networking Ltd. ) C:\Users\PC\Downloads\spybotsd-2.9.82.0.exe
2022-11-11 06:59 - 2022-11-13 18:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2022-11-11 06:59 - 2022-11-13 15:21 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify
2022-11-11 06:59 - 2022-11-11 06:59 - 000923096 _____ (Spotify Ltd) C:\Users\PC\Downloads\SpotifySetup (1).exe
2022-11-11 06:59 - 2022-11-11 06:59 - 000001835 _____ C:\Users\PC\Desktop\Spotify.lnk
2022-11-11 06:59 - 2022-11-11 06:59 - 000001821 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2022-11-10 19:33 - 2022-11-10 19:33 - 000000000 ___HD C:\$WinREAgent
2022-11-09 20:42 - 2022-11-09 20:42 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-09 20:42 - 2022-11-09 20:42 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-09 20:42 - 2022-11-09 20:42 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-09 20:41 - 2022-11-09 20:41 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-09 20:40 - 2022-11-09 20:40 - 001554510 _____ C:\Users\PC\Downloads\Wurst-Client-v7.30-MC1.19.2.jar
2022-11-08 18:11 - 2022-11-08 18:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\Python
2022-11-08 16:37 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Fusion360
2022-11-08 16:37 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\CadSoft
2022-11-08 16:33 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Autodesk
2022-11-08 16:33 - 2022-11-08 16:33 - 000002665 _____ C:\Users\PC\Desktop\Autodesk Fusion 360.lnk
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\Users\PC\Documents\Fusion 360
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\ProgramData\Autodesk
2022-11-08 16:28 - 2022-11-08 18:43 - 000000000 ____D C:\Users\PC\AppData\Local\Autodesk
2022-11-07 20:23 - 2022-11-13 18:21 - 000002878 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-07 20:23 - 2022-11-13 18:21 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-07 19:47 - 2022-11-07 20:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\vscode-java-installer
2022-11-07 19:44 - 2022-11-07 21:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\Code
2022-11-07 19:44 - 2022-11-07 19:44 - 000000000 ____D C:\Users\PC\.vscode
2022-11-07 19:42 - 2022-11-07 19:58 - 000000836 _____ C:\Users\PC\Desktop\Visual Studio Code.lnk
2022-11-07 19:42 - 2022-11-07 19:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-11-07 19:40 - 2022-11-07 19:40 - 000923096 _____ (Spotify Ltd) C:\Users\PC\Downloads\SpotifySetup.exe
2022-11-07 19:34 - 2022-11-07 19:34 - 000000000 ____D C:\Users\PC\.m2
2022-11-07 19:31 - 2022-11-07 19:31 - 000000000 ____D C:\Users\PC\Documents\NetBeansProjects
2022-11-07 19:30 - 2022-11-07 19:30 - 000000000 ____D C:\Users\PC\AppData\Roaming\NetBeans
2022-11-07 19:30 - 2022-11-07 19:30 - 000000000 ____D C:\Users\PC\AppData\Local\NetBeans
2022-11-07 19:27 - 2022-11-07 19:44 - 000000000 ____D C:\Users\PC\.nbi
2022-11-01 22:13 - 2022-11-01 22:13 - 000270552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-11-01 22:13 - 2022-11-01 22:13 - 000221944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-10-29 19:09 - 2022-10-29 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-29 19:09 - 2022-10-29 19:09 - 000000000 ____D C:\Program Files\LGHUB
2022-10-22 20:26 - 2014-01-12 12:31 - 000000000 ____D C:\Users\PC\Downloads\THE ORPHANAGE v2
2022-10-22 20:23 - 2022-10-22 20:23 - 020373315 _____ C:\Users\PC\Downloads\The Orphanage Horror 1.7.2 REMO v2.rar
2022-10-22 20:15 - 2022-10-22 20:15 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-22 20:15 - 2022-10-22 20:15 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-17 19:35 - 2022-10-17 19:35 - 018298490 _____ C:\Users\PC\Downloads\§bBedlessFault§r - tokyo edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 017981709 _____ C:\Users\PC\Downloads\§bBedlessFault§r - BuddhaTortoise edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 017015992 _____ C:\Users\PC\Downloads\§bBedlessFault§r - Pvrpleflare edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 016998279 _____ C:\Users\PC\Downloads\§bBedlessFault§r - daDurian edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 016149791 _____ C:\Users\PC\Downloads\§bBedlessFault§r - SidNotAvenged edit.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-13 18:53 - 2022-08-05 14:19 - 000000000 ____D C:\Users\PC\Downloads\modest-menu_v0.9.4
2022-11-13 18:51 - 2021-03-27 21:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord
2022-11-13 18:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-11-13 18:39 - 2021-03-27 21:25 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2022-11-13 18:26 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-13 18:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-13 18:21 - 2021-09-06 09:38 - 000002248 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PC
2022-11-13 18:21 - 2021-04-06 09:42 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:42 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-03-27 17:21 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-11-13 18:21 - 2021-03-27 17:01 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-11-13 18:21 - 2021-03-27 16:56 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-11-13 18:21 - 2021-03-27 16:56 - 000003162 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-11-13 18:21 - 2020-11-19 00:31 - 000003560 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-13 18:21 - 2020-11-19 00:31 - 000003336 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-13 18:15 - 2021-03-27 16:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-13 16:44 - 2021-09-28 18:43 - 000000000 ____D C:\Users\PC\Desktop\ŠKOLA
2022-11-13 15:32 - 2021-12-16 08:33 - 000051774 _____ C:\Windows\system32\perfh01B.dat
2022-11-13 15:32 - 2021-12-16 08:33 - 000012864 _____ C:\Windows\system32\perfc01B.dat
2022-11-13 15:32 - 2021-03-24 20:12 - 000885192 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-13 15:32 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-13 14:56 - 2021-03-27 17:21 - 000000000 ____D C:\Program Files\CCleaner
2022-11-13 14:56 - 2021-03-24 20:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-13 14:55 - 2021-06-29 09:31 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2022-11-13 14:53 - 2022-08-23 13:31 - 000000000 ____D C:\Users\PC\AppData\Roaming\LGHUB
2022-11-13 14:53 - 2022-08-23 13:30 - 000000000 ____D C:\Users\PC\AppData\Local\LGHUB
2022-11-13 14:53 - 2021-03-24 20:12 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2022-11-13 14:53 - 2021-03-24 19:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-13 14:53 - 2020-11-19 00:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-13 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-11-12 20:16 - 2020-11-19 00:31 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 20:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-12 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-11 22:59 - 2021-03-27 18:00 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2022-11-11 21:20 - 2021-03-27 16:58 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-11 21:19 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-11-11 20:49 - 2021-06-29 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2022-11-11 07:03 - 2020-11-18 23:28 - 000303608 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-11 06:53 - 2021-03-27 16:56 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 21:46 - 2021-03-27 19:00 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2022-11-09 20:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-09 20:41 - 2020-11-19 00:31 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 20:30 - 2021-03-24 20:08 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 20:29 - 2021-03-24 20:08 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-11-08 16:59 - 2021-03-24 20:40 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2022-11-07 21:50 - 2021-03-27 17:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-07 21:34 - 2021-03-24 20:08 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2022-11-07 21:34 - 2021-03-24 19:47 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2022-11-07 21:34 - 2020-11-19 00:33 - 000000000 ____D C:\ProgramData\Packages
2022-11-07 20:28 - 2021-11-11 13:48 - 000000000 ____D C:\Users\PC\Desktop\GAMES
2022-11-07 19:49 - 2021-08-30 08:42 - 000000000 ____D C:\Users\PC\.cache
2022-11-07 19:44 - 2021-03-24 19:47 - 000000000 ____D C:\Users\PC
2022-11-05 18:53 - 2021-03-27 17:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\lunarclient
2022-11-01 22:13 - 2021-03-27 17:01 - 000862936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000672272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000564304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000390096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000327896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000306128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000276520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000238152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000114464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000105936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000090008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000048512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000042304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-10-30 21:23 - 2021-11-02 12:45 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-10-28 14:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-10-28 14:02 - 2021-03-28 11:16 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-28 11:33 - 2021-03-27 18:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-10-23 17:28 - 2021-04-28 10:39 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2022-10-22 20:15 - 2021-11-20 17:45 - 000153048 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 002815456 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000452048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000243168 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll

==================== Files in the root of some directories ========

2021-03-28 19:04 - 2021-03-28 19:04 - 000000068 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidian.data
2021-09-06 09:26 - 2021-09-06 09:26 - 000000128 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidianmac.data
2022-03-25 19:08 - 2022-03-25 19:08 - 001322873 _____ () C:\Users\PC\AppData\Roaming\VideoPad.dmp
2022-05-28 20:26 - 2022-05-28 20:26 - 000000866 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2021-09-05 17:51 - 2021-09-05 17:51 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk:880C9F1679 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4282]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6810]
FirewallRules: [TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [{1509021e-952a-4222-925b-e9ef2e35da46}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{1E0EE64E-909A-4681-A680-85CF328345BC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [{141FBB48-833F-4E9F-ACBB-61098233CEA2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0670FED8-3489-4009-9FBA-754A472D995F}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{47E21C8A-C5E3-47EB-88DD-256BA2274690}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{DA6F9692-0866-461F-8A86-2FDA9898CEC9}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [{07233AD6-369E-4935-B5D4-8984A7731E2F}] => (Allow) D:\DAVINČI\ElementsPanelDaemon.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2022
Ran by PC (13-11-2022 20:45:42) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk:880C9F1679 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4282]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6810]
FirewallRules: [TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [{1509021e-952a-4222-925b-e9ef2e35da46}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{1E0EE64E-909A-4681-A680-85CF328345BC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [{141FBB48-833F-4E9F-ACBB-61098233CEA2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0670FED8-3489-4009-9FBA-754A472D995F}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{47E21C8A-C5E3-47EB-88DD-256BA2274690}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{DA6F9692-0866-461F-8A86-2FDA9898CEC9}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [{07233AD6-369E-4935-B5D4-8984A7731E2F}] => (Allow) D:\DAVINČI\ElementsPanelDaemon.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ProductAuthenticationService" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.SquadOV" => removed successfully
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71e01f76-1491-11ec-89ae-983b8f6c6479} => removed successfully
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71e021d4-1491-11ec-89ae-983b8f6c6479} => removed successfully
"D:\Rainmeter.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56}" => removed successfully
C:\Windows\System32\Tasks\Overwolf Updater Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72D074A7-B24D-4DAF-B269-D4229B1C5DBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72D074A7-B24D-4DAF-B269-D4229B1C5DBB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B976CEBE-9B60-446B-904B-CB73B45BBD4F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B976CEBE-9B60-446B-904B-CB73B45BBD4F}" => removed successfully
C:\Windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E42C9CB3-175F-4DBE-AD37-0127D2126399}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E42C9CB3-175F-4DBE-AD37-0127D2126399}" => removed successfully
C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6A72E18-A14E-4A18-B8B3-F949E92DCDB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6A72E18-A14E-4A18-B8B3-F949E92DCDB4}" => removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C88A1DD2-C01B-4E15-BD06-5D37EBAEC240}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C88A1DD2-C01B-4E15-BD06-5D37EBAEC240}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\ThrottleStop => removed successfully
ThrottleStop => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows\tracing => ":?" ADS removed successfully
C:\ProgramData\mntemp => ":8EAD8B3507" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk => ":21661D084B" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk => ":550995E265" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk => ":880C9F1679" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk => ":F208FC6732" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1509021e-952a-4222-925b-e9ef2e35da46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E0EE64E-909A-4681-A680-85CF328345BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{141FBB48-833F-4E9F-ACBB-61098233CEA2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0670FED8-3489-4009-9FBA-754A472D995F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47E21C8A-C5E3-47EB-88DD-256BA2274690}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA6F9692-0866-461F-8A86-2FDA9898CEC9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07233AD6-369E-4935-B5D4-8984A7731E2F}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32583162 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1382481793 B
Windows/system/drivers => 3529646 B
Edge => 0 B
Chrome => 847685966 B
Brave => 1688288 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 537452 B
NetworkService => 537452 B
PC => 196164803 B

RecycleBin => 30709024 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:47:25 ====

Smazáno, log je již OK.

Ďakujem veľmi pekne za pomoc

Nemáte zač!