VIRY.CZ

Dobrý den, mám postarší ntb. Zdá se mi pomalejší než obvykle. Processor se jeví více vytěžovaný, a pak se ntb o to hlučnější.
Prosím o kontrolu jestli je něco v nepořádku, nebo už je jen starý a nezvládá to.

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Roman (administrator) on ROMANNTB (LENOVO 42406AG) (09-11-2023 20:40:46)
Running from C:\Users\Roman\Desktop\FRST64.exe
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Lenovo\HOTKEY\tphkload.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(C:\Program Files\Lenovo\HOTKEY\tphkload.exe ->) (Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(C:\Program Files\Lenovo\HOTKEY\tphkload.exe ->) (Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(explorer.exe ->) (Thesycon Software Solutions GmbH & Co. KG -> ) C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ericsson AB -> Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [250976 2013-05-22] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [193984 2023-09-26] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\upd (the data entry has 80 more characters). [676768 2023-10-26] (Mozilla Corporation -> Mozilla Corporation)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinitx.dll [209936 2020-12-08] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinit.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinit.dll [184656 2020-12-08] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Native Instruments Komplete Audio Control Panel Autostart.lnk [2021-02-14]
ShortcutTarget: Native Instruments Komplete Audio Control Panel Autostart.lnk -> C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4992AE14-9D7C-4802-842C-7BD6098AFBFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {5868E12E-3CEB-4317-B7FA-EFC09FD60CF4} - System32\Tasks\AdobeAAMUpdater-1.0-ROMANNTB-Roman => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {72BAEE3E-9176-4EB0-B3D4-0BBB0A695014} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B0BB5206-4A2F-4802-8460-8A4D1B683698} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "18f3e8f9-51c5-4020-a1af-51b26ae1a469" --version "6.17.10746" --silent
Task: {B7BDD226-E5E2-4981-A768-EA68EF0D3015} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {00160B95-5EC7-432C-A4C7-A20937CA7229} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-04] (Lenovo -> Lenovo)
Task: {0243E96B-55C6-445A-A674-F5DEA2D5D795} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {A8539234-89F0-4621-805F-4B7848786C0A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-26] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B17F6709-11F0-40D2-9EE2-6FEFF55AB294} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-10-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {17EE55CC-3054-44AB-8791-23C5544483D4} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104648 2020-12-08] (NVIDIA Corporation -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 8.8.4.4
Tcpip\..\Interfaces\{1774d3b4-6a36-4a96-8960-08261cf52bae}: [DhcpNameServer] 1.1.1.1 8.8.4.4
Tcpip\..\Interfaces\{380a19ed-d466-4072-9807-8e5380484841}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-04]

FireFox:
========
FF DefaultProfile: ub6lu8b3.default
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ub6lu8b3.default [2021-02-03]
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release [2023-11-09]
FF Homepage: Mozilla\Firefox\Profiles\2enufo14.default-release -> www.advaita.cz
FF Session Restore: Mozilla\Firefox\Profiles\2enufo14.default-release -> is enabled.
FF Extension: (SaveFrom.net helper) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\helper@savefrom.net.xpi [2023-10-30]
FF Extension: (YouTube NonStop) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi [2023-11-02]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-24]
FF Extension: (SaveFrom.net helper) - C:\Program Files\Mozilla Firefox\distribution\extensions\helper@savefrom.net.xpi [2021-02-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-13] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-13] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-11-09]

Opera:
=======
OPR Profile: C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable [2023-10-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-06]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-09-26] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860080 2023-09-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860080 2023-09-26] (ESET, spol. s r.o. -> ESET)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [119912 2022-02-03] (Proton Technologies AG -> )
R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65640 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2022-02-03] (Proton Technologies AG -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB -> Ericsson AB)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [208704 2023-08-02] (ESET, spol. s r.o. -> ESET)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB -> Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB -> Ericsson AB)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [118904 2023-08-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-24] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [249544 2023-08-02] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55424 2023-08-02] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81712 2023-08-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [123040 2023-08-02] (ESET, spol. s r.o. -> ESET)
R3 hanvonugeemfilter; C:\Windows\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB -> Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 NativeInstrumentsUsbAudio; C:\Windows\System32\drivers\NativeInstrumentsUsbAudio.sys [400952 2020-12-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 NativeInstrumentsUsbAudioks; C:\Windows\System32\drivers\NativeInstrumentsUsbAudioks.sys [53816 2020-12-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 nika6m2dfu; C:\Windows\System32\drivers\nika6m2dfu.sys [39672 2019-03-25] (Native Instruments GmbH -> Native Instruments GmbH)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 risdxc; C:\Windows\System32\drivers\risdxc64.sys [105472 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB -> Ericsson AB)
R3 XPPenTablet; C:\Windows\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-09 20:40 - 2023-11-09 20:41 - 000020647 _____ C:\Users\Roman\Desktop\FRST.txt
2023-11-09 20:40 - 2023-11-09 20:41 - 000000000 ____D C:\FRST
2023-11-09 20:38 - 2023-11-09 20:37 - 002383872 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2023-11-09 20:37 - 2023-11-09 20:37 - 002383872 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe
2023-10-13 19:52 - 2023-10-13 19:52 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-10-13 19:41 - 2023-10-13 19:41 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-09 20:23 - 2021-02-09 00:56 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2023-11-09 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-09 20:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-09 20:20 - 2021-01-26 20:46 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-09 20:20 - 2019-12-07 15:43 - 000683504 _____ C:\Windows\system32\perfh005.dat
2023-11-09 20:20 - 2019-12-07 15:43 - 000137284 _____ C:\Windows\system32\perfc005.dat
2023-11-09 20:20 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-08 14:25 - 2021-01-26 21:11 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-08 14:25 - 2021-01-26 20:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-08 11:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-08 11:28 - 2021-02-03 22:47 - 000000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2023-11-08 11:16 - 2021-01-26 21:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-03 15:24 - 2021-01-26 21:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-31 00:01 - 2022-02-11 20:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-30 19:27 - 2021-02-09 17:04 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2023-10-30 19:26 - 2021-02-02 19:52 - 000000000 ____D C:\Program Files\CCleaner
2023-10-30 18:42 - 2021-12-13 18:21 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-225735304-3798317993-2765611396-1001
2023-10-30 18:42 - 2021-01-26 20:46 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-225735304-3798317993-2765611396-1001
2023-10-30 18:42 - 2021-01-26 20:42 - 000002377 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-30 18:41 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-26 17:25 - 2021-02-03 16:52 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-26 17:25 - 2021-02-03 16:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-26 17:25 - 2021-02-03 16:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-26 17:06 - 2022-10-03 15:43 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-26 17:06 - 2022-10-03 15:43 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-26 17:06 - 2021-02-02 19:52 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-26 15:16 - 2021-01-26 20:43 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2023-10-26 14:53 - 2021-01-26 21:50 - 000003638 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-26 14:53 - 2021-01-26 21:50 - 000003514 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-21 09:40 - 2021-02-09 01:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-21 09:39 - 2022-10-14 20:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-21 09:39 - 2022-10-14 20:36 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-10-14 20:42 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-10-14 20:38 - 2021-01-26 20:39 - 000611864 _____ C:\Windows\system32\FNTCACHE.DAT
2023-10-14 20:38 - 2021-01-26 20:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-14 20:38 - 2021-01-26 20:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-14 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-10-14 20:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-10-14 20:37 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-10-14 20:36 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2023-10-14 20:36 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-10-14 20:36 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\cs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-14 20:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-10-13 20:02 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-10-13 20:02 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-10-13 20:02 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-10-13 19:52 - 2021-01-26 20:43 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-10-13 19:24 - 2021-01-26 21:12 - 000000000 ____D C:\Windows\system32\MRT
2023-10-13 19:20 - 2021-01-26 21:12 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-13 19:19 - 2022-02-16 00:43 - 000000000 ____D C:\Program Files\RUXIM

==================== Files in the root of some directories ========

2021-06-15 15:36 - 2023-07-29 12:31 - 000000034 _____ () C:\Users\Roman\AppData\Roaming\AdobeWLCMCache.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Roman (09-11-2023 20:44:26)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) (2021-01-26 19:41:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-225735304-3798317993-2765611396-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-225735304-3798317993-2765611396-503 - Limited - Disabled)
Guest (S-1-5-21-225735304-3798317993-2765611396-501 - Limited - Disabled)
Roman (S-1-5-21-225735304-3798317993-2765611396-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-225735304-3798317993-2765611396-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{03CC0C7C-3DB9-4DDC-A64A-80A37DB9591F}) (Version: 10.0.0.0 - Ableton)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 16.2.15.0 - ESET, spol. s r.o.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.5.5.2 (HKLM\...\{61C7ACC0-A7E0-43FB-80A4-C15D0F546355}) (Version: 7.5.5.2 - The Document Foundation)
MeldaProduction Audio Plugins 14 (HKLM-x32\...\MeldaProduction Audio Plugins 14) (Version: - MeldaProduction)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\OneDriveSetup.exe) (Version: 23.209.1008.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 119.0 (x64 cs)) (Version: 119.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)
Native Access 3.5.0 (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.5.0 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.3.4.436 - Native Instruments)
Native Instruments Komplete Audio Driver v5.0.0 (HKLM-x32\...\Software_NativeInstruments_NativeInstruments_UsbAudio_Driver_Setup) (Version: 5.0.0 - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.1.0.27 - Native Instruments)
NVIDIA nView 149.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.34 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 392.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 392.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 392.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 392.63 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outlook (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.3.10.220926 - XPPen Technology)
ProtonVPN (HKLM-x32\...\{4C61AA40-5E08-4C1F-B353-3B0A3605E648}) (Version: 1.25.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.2) (Version: 1.25.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
RICOH_Media_Driver_v2.22.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.22.18.01 - RICOH)
Signal 1.40.1 (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.40.1 - Open Whisper Systems)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Temper verze 1.1.1 (HKLM\...\{53531F09-A6EB-4C36-8BFA-BFE691D6177C}}_is1) (Version: 1.1.1 - Creative Intent)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
ValhallaFreqEcho version 1.2.0 (HKLM-x32\...\{701F5756-0DA6-43F1-B7EB-64656A02BCD7}_is1) (Version: 1.2.0 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.1.6v3 (HKLM-x32\...\{424F3232-965A-4D12-BDD0-EF33B67D82E8}_is1) (Version: 1.1.6v3 - Valhalla DSP, LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.5 - Nullsoft, Inc)
Word (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zoner Photo Studio 9 (HKLM-x32\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-10-21] ()
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-17] (Microsoft Corporation)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.0_neutral__2vp2pd36ganw2 [2023-07-04] (excel.office.com)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)
PowerPoint -> C:\Program Files\WindowsApps\powerpoint.office.com-8D456796_1.0.0.1_neutral__sxc7ffma4ybfy [2022-11-15] (powerpoint.office.com)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-225735304-3798317993-2765611396-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-225735304-3798317993-2765611396-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-12-08] (NVIDIA Corporation -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-11-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-02-03 08:28 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-03-04 17:34 - 2019-04-13 06:01 - 000348888 _____ (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2023-01-10 16:43 - 2022-04-26 15:20 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-06-15 15:07 - 000001030 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-225735304-3798317993-2765611396-1001\Control Panel\Desktop\\Wallpaper -> D:\DOKUMENTY\OBRAZKY\obrazky\n27zWnPb8r5lmWVlIFQC9akC3vDjuE8Fv7b7Usglm60.jpg
DNS Servers: 1.1.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D07BD870-F2D8-402A-88E0-8C82385AA179}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AF9AF693-8936-4E48-BE63-AA8DBF40345C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{72842AD4-DC8D-4F4E-8EBC-C82D1A026E70}C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C2905869-D36B-47B2-9D09-30DFE9EDFFC6}C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{982FF7CC-64AF-4CF3-A7D9-F57C091C266A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D10F4C31-AE99-46A3-8269-64BA16C1F6A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B9A3FB27-E36C-43A3-9194-7D3BCFB1BC12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C084E2BA-B1C8-4D8D-93AF-CEC5B567BF9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39B029C6-22B9-4479-B07E-2A637B51DF69}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-10-2023 13:00:26 Naplánovaný kontrolní bod
30-10-2023 18:40:24 Instalační služba modulů systému Windows
08-11-2023 12:27:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2023 08:22:44 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/08/2023 11:17:36 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/03/2023 02:30:37 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/03/2023 11:21:21 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/02/2023 09:36:39 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (10/30/2023 07:27:13 PM) (Source: DCOM) (EventID: 10000) (User: ROMANNTB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/30/2023 06:43:36 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (10/30/2023 06:43:36 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (10/26/2023 09:35:14 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (10/26/2023 02:53:59 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (10/26/2023 02:53:59 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (10/04/2023 03:07:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (10/04/2023 03:07:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.


Windows Defender:
================
Date: 2021-02-02 20:35:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {924EDF6B-173B-4253-9384-13EAD45EEF38}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 20:26:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {77C13C7C-5E44-4818-9FF6-0EDF0FEE3C5C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 20:17:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6EA45029-1E2C-4066-AE81-E43172D3F04D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-11-09 20:20:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 8AET56WW (1.36 ) 12/06/2011
Motherboard: LENOVO 42406AG
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 28%
Total physical RAM: 16267.23 MB
Available physical RAM: 11678.28 MB
Total Virtual: 18699.23 MB
Available Virtual: 13826.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:270.65 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS

\\?\Volume{4ec45579-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4ec45579-0000-0000-0000-005174000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4EC45579)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 MB) - (Type=27)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobrý den,

Děkuji a posílám. Vyskočilo na mě info o předinstalovaných programech. Šlo o LEnovo hotkey a power manager. Ponechal jsem je, nebo je mám také odstranit ?

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-10-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3570)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Roman\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2188 octets] - [10/11/2023 06:08:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Ty preimnstalled jsou v pořádku, pokud extrémně nezatěžují systém.. Teď dejte novélogy FRST+Addition.

Dobře děkuji, posílám další logy.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Roman (administrator) on ROMANNTB (LENOVO 42406AG) (10-11-2023 11:53:58)
Running from C:\Users\Roman\Desktop\FRST64.exe
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(explorer.exe ->) (Thesycon Software Solutions GmbH & Co. KG -> ) C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Ericsson AB -> Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
(services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [250976 2013-05-22] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [193984 2023-09-26] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\upd (the data entry has 80 more characters). [676256 2023-11-09] (Mozilla Corporation -> Mozilla Corporation)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinitx.dll [209936 2020-12-08] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinit.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwi.inf_amd64_02ae1c51f1fc4c9a\nvinit.dll [184656 2020-12-08] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Native Instruments Komplete Audio Control Panel Autostart.lnk [2021-02-14]
ShortcutTarget: Native Instruments Komplete Audio Control Panel Autostart.lnk -> C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4992AE14-9D7C-4802-842C-7BD6098AFBFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {5868E12E-3CEB-4317-B7FA-EFC09FD60CF4} - System32\Tasks\AdobeAAMUpdater-1.0-ROMANNTB-Roman => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {72BAEE3E-9176-4EB0-B3D4-0BBB0A695014} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B0BB5206-4A2F-4802-8460-8A4D1B683698} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "18f3e8f9-51c5-4020-a1af-51b26ae1a469" --version "6.17.10746" --silent
Task: {B7BDD226-E5E2-4981-A768-EA68EF0D3015} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {00160B95-5EC7-432C-A4C7-A20937CA7229} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-04] (Lenovo -> Lenovo)
Task: {0243E96B-55C6-445A-A674-F5DEA2D5D795} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {A8539234-89F0-4621-805F-4B7848786C0A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B17F6709-11F0-40D2-9EE2-6FEFF55AB294} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {17EE55CC-3054-44AB-8791-23C5544483D4} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104648 2020-12-08] (NVIDIA Corporation -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1774d3b4-6a36-4a96-8960-08261cf52bae}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{380a19ed-d466-4072-9807-8e5380484841}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-04]

FireFox:
========
FF DefaultProfile: ub6lu8b3.default
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ub6lu8b3.default [2021-02-03]
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release [2023-11-10]
FF Homepage: Mozilla\Firefox\Profiles\2enufo14.default-release -> www.advaita.cz
FF Session Restore: Mozilla\Firefox\Profiles\2enufo14.default-release -> is enabled.
FF Extension: (SaveFrom.net helper) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\helper@savefrom.net.xpi [2023-10-30]
FF Extension: (YouTube NonStop) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi [2023-11-02]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\2enufo14.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-24]
FF Extension: (SaveFrom.net helper) - C:\Program Files\Mozilla Firefox\distribution\extensions\helper@savefrom.net.xpi [2021-02-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-13] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-13] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-11-10]

Opera:
=======
OPR Profile: C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable [2023-10-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-06]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-09-26] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860080 2023-09-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860080 2023-09-26] (ESET, spol. s r.o. -> ESET)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [119912 2022-02-03] (Proton Technologies AG -> )
R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65640 2022-02-03] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2022-02-03] (Proton Technologies AG -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB -> Ericsson AB)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [208704 2023-08-02] (ESET, spol. s r.o. -> ESET)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB -> Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB -> Ericsson AB)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [118904 2023-08-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-24] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [249544 2023-08-02] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55424 2023-08-02] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81712 2023-08-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [123040 2023-08-02] (ESET, spol. s r.o. -> ESET)
R3 hanvonugeemfilter; C:\Windows\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB -> Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 NativeInstrumentsUsbAudio; C:\Windows\System32\drivers\NativeInstrumentsUsbAudio.sys [400952 2020-12-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 NativeInstrumentsUsbAudioks; C:\Windows\System32\drivers\NativeInstrumentsUsbAudioks.sys [53816 2020-12-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 nika6m2dfu; C:\Windows\System32\drivers\nika6m2dfu.sys [39672 2019-03-25] (Native Instruments GmbH -> Native Instruments GmbH)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 risdxc; C:\Windows\System32\drivers\risdxc64.sys [105472 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB -> Ericsson AB)
R3 XPPenTablet; C:\Windows\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-10 06:07 - 2023-11-10 06:09 - 000000000 ____D C:\AdwCleaner
2023-11-10 06:06 - 2023-11-10 06:06 - 008791352 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner.exe
2023-11-10 06:06 - 2023-11-10 06:06 - 008791352 _____ (Malwarebytes) C:\Users\Roman\Desktop\adwcleaner.exe
2023-11-09 20:44 - 2023-11-09 20:46 - 000036972 _____ C:\Users\Roman\Desktop\Addition.txt
2023-11-09 20:40 - 2023-11-10 11:54 - 000018829 _____ C:\Users\Roman\Desktop\FRST.txt
2023-11-09 20:40 - 2023-11-10 11:54 - 000000000 ____D C:\FRST
2023-11-09 20:38 - 2023-11-09 20:37 - 002383872 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2023-11-09 20:37 - 2023-11-09 20:37 - 002383872 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe
2023-10-13 19:52 - 2023-10-13 19:52 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-10-13 19:41 - 2023-10-13 19:41 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-10 11:54 - 2021-01-26 20:46 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-10 11:54 - 2019-12-07 15:43 - 000683504 _____ C:\Windows\system32\perfh005.dat
2023-11-10 11:54 - 2019-12-07 15:43 - 000137284 _____ C:\Windows\system32\perfc005.dat
2023-11-10 11:54 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-10 11:51 - 2021-02-02 19:52 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-10 06:12 - 2021-01-26 21:11 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-10 06:09 - 2021-02-10 01:11 - 000000000 ____D C:\Users\Roman\AppData\Roaming\IObit
2023-11-10 06:08 - 2021-02-09 00:56 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2023-11-10 06:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-09 21:20 - 2021-01-26 20:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-09 21:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-09 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-09 21:00 - 2021-02-03 16:52 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-09 21:00 - 2021-02-03 16:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-08 11:28 - 2021-02-03 22:47 - 000000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2023-11-08 11:16 - 2021-01-26 21:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-03 15:24 - 2021-01-26 21:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-31 00:01 - 2022-02-11 20:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-30 19:27 - 2021-02-09 17:04 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2023-10-30 19:26 - 2021-02-02 19:52 - 000000000 ____D C:\Program Files\CCleaner
2023-10-30 18:42 - 2021-12-13 18:21 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-225735304-3798317993-2765611396-1001
2023-10-30 18:42 - 2021-01-26 20:46 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-225735304-3798317993-2765611396-1001
2023-10-30 18:42 - 2021-01-26 20:42 - 000002377 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-30 18:41 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-26 17:25 - 2021-02-03 16:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-26 17:06 - 2022-10-03 15:43 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-26 17:06 - 2022-10-03 15:43 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-26 15:16 - 2021-01-26 20:43 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2023-10-26 14:53 - 2021-01-26 21:50 - 000003638 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-26 14:53 - 2021-01-26 21:50 - 000003514 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-21 09:40 - 2021-02-09 01:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-21 09:39 - 2022-10-14 20:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-21 09:39 - 2022-10-14 20:36 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-10-14 20:42 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-10-14 20:38 - 2021-01-26 20:39 - 000611864 _____ C:\Windows\system32\FNTCACHE.DAT
2023-10-14 20:38 - 2021-01-26 20:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-14 20:38 - 2021-01-26 20:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-14 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-10-14 20:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-10-14 20:37 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-10-14 20:36 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2023-10-14 20:36 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-10-14 20:36 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\cs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-10-14 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-14 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-14 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-14 20:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-10-13 20:02 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-10-13 20:02 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-10-13 20:02 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-10-13 19:52 - 2021-01-26 20:43 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-10-13 19:24 - 2021-01-26 21:12 - 000000000 ____D C:\Windows\system32\MRT
2023-10-13 19:20 - 2021-01-26 21:12 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-13 19:19 - 2022-02-16 00:43 - 000000000 ____D C:\Program Files\RUXIM

==================== Files in the root of some directories ========

2021-06-15 15:36 - 2023-07-29 12:31 - 000000034 _____ () C:\Users\Roman\AppData\Roaming\AdobeWLCMCache.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Roman (10-11-2023 11:56:04)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) (2021-01-26 19:41:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-225735304-3798317993-2765611396-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-225735304-3798317993-2765611396-503 - Limited - Disabled)
Guest (S-1-5-21-225735304-3798317993-2765611396-501 - Limited - Disabled)
Roman (S-1-5-21-225735304-3798317993-2765611396-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-225735304-3798317993-2765611396-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{03CC0C7C-3DB9-4DDC-A64A-80A37DB9591F}) (Version: 10.0.0.0 - Ableton)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 16.2.15.0 - ESET, spol. s r.o.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.5.5.2 (HKLM\...\{61C7ACC0-A7E0-43FB-80A4-C15D0F546355}) (Version: 7.5.5.2 - The Document Foundation)
MeldaProduction Audio Plugins 14 (HKLM-x32\...\MeldaProduction Audio Plugins 14) (Version: - MeldaProduction)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.44 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\OneDriveSetup.exe) (Version: 23.209.1008.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 119.0.1 (x64 cs)) (Version: 119.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)
Native Access 3.5.0 (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.5.0 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.3.4.436 - Native Instruments)
Native Instruments Komplete Audio Driver v5.0.0 (HKLM-x32\...\Software_NativeInstruments_NativeInstruments_UsbAudio_Driver_Setup) (Version: 5.0.0 - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.1.0.27 - Native Instruments)
NVIDIA nView 149.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.34 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 392.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 392.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 392.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 392.63 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outlook (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.3.10.220926 - XPPen Technology)
ProtonVPN (HKLM-x32\...\{4C61AA40-5E08-4C1F-B353-3B0A3605E648}) (Version: 1.25.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.2) (Version: 1.25.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
RICOH_Media_Driver_v2.22.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.22.18.01 - RICOH)
Signal 1.40.1 (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.40.1 - Open Whisper Systems)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Temper verze 1.1.1 (HKLM\...\{53531F09-A6EB-4C36-8BFA-BFE691D6177C}}_is1) (Version: 1.1.1 - Creative Intent)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
ValhallaFreqEcho version 1.2.0 (HKLM-x32\...\{701F5756-0DA6-43F1-B7EB-64656A02BCD7}_is1) (Version: 1.2.0 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.1.6v3 (HKLM-x32\...\{424F3232-965A-4D12-BDD0-EF33B67D82E8}_is1) (Version: 1.1.6v3 - Valhalla DSP, LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.5 - Nullsoft, Inc)
Word (HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zoner Photo Studio 9 (HKLM-x32\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-10-21] ()
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-17] (Microsoft Corporation)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.0_neutral__2vp2pd36ganw2 [2023-07-04] (excel.office.com)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)
PowerPoint -> C:\Program Files\WindowsApps\powerpoint.office.com-8D456796_1.0.0.1_neutral__sxc7ffma4ybfy [2022-11-15] (powerpoint.office.com)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-225735304-3798317993-2765611396-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-225735304-3798317993-2765611396-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-12-08] (NVIDIA Corporation -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-11-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-09-26] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-02-03 08:28 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-03-04 17:34 - 2019-04-13 06:01 - 000348888 _____ (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2023-01-10 16:43 - 2022-04-26 15:20 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2023-01-10 16:43 - 2022-09-13 10:55 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-06-15 15:07 - 000001030 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-225735304-3798317993-2765611396-1001\Control Panel\Desktop\\Wallpaper -> D:\DOKUMENTY\OBRAZKY\obrazky\n27zWnPb8r5lmWVlIFQC9akC3vDjuE8Fv7b7Usglm60.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-225735304-3798317993-2765611396-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D07BD870-F2D8-402A-88E0-8C82385AA179}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AF9AF693-8936-4E48-BE63-AA8DBF40345C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{72842AD4-DC8D-4F4E-8EBC-C82D1A026E70}C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C2905869-D36B-47B2-9D09-30DFE9EDFFC6}C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\roman\desktop\qbit\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{982FF7CC-64AF-4CF3-A7D9-F57C091C266A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D10F4C31-AE99-46A3-8269-64BA16C1F6A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B9A3FB27-E36C-43A3-9194-7D3BCFB1BC12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C084E2BA-B1C8-4D8D-93AF-CEC5B567BF9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39B029C6-22B9-4479-B07E-2A637B51DF69}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-10-2023 13:00:26 Naplánovaný kontrolní bod
30-10-2023 18:40:24 Instalační služba modulů systému Windows
08-11-2023 12:27:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2023 08:22:44 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (11/08/2023 03:00:32 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/08/2023 11:17:36 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/03/2023 02:30:37 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/03/2023 11:21:21 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (11/02/2023 09:36:39 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Mobile Broadband Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ProtonVPN Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ProtonVPN Update Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Hotkey Client Loader byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Microphone Mute byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2023 06:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NIHardwareService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-02-02 20:35:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {924EDF6B-173B-4253-9384-13EAD45EEF38}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 20:26:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {77C13C7C-5E44-4818-9FF6-0EDF0FEE3C5C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 20:17:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6EA45029-1E2C-4066-AE81-E43172D3F04D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-11-10 11:51:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-11-10 06:06:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 8AET56WW (1.36 ) 12/06/2011
Motherboard: LENOVO 42406AG
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 22%
Total physical RAM: 16267.23 MB
Available physical RAM: 12565.98 MB
Total Virtual: 18699.23 MB
Available Virtual: 14862.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:270.59 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS

\\?\Volume{4ec45579-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4ec45579-0000-0000-0000-005174000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4EC45579)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 MB) - (Type=27)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Roman\AppData\Roaming\IObit

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Roman (10-11-2023 13:20:46) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Roman\AppData\Roaming\IObit

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Program Files\Mozilla Firefox\distribution\policies.json => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully

"C:\Users\Roman\AppData\Roaming\IObit" folder move:

C:\Users\Roman\AppData\Roaming\IObit => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17998795 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 5066456 B
Edge => 100373 B
Firefox => 316627941 B
Opera => 6137894 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Roman => 3807179 B

RecycleBin => 4621261052 B
EmptyTemp: => 4.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:21:15 ====

Smazáno. Snížila se zátěž?

Moc Vám děkuji. Vypadá to, že ano. Víc to podle mě asi nepůjde.
Je to přece jen staré CPU a dnešní požadavky OS a SW jsou pro něj náročnější než tenkrát...
Rychlí test. Vytížení CPU u Firefoxu, se spuštěným YT a videem ve FHD se teď pohybuje kolem 30-40%. Předtím to kolísalo více mezi 40-60%

Dnešní požadavky jsou jistě vyšší. Něco málo ale byste získal možná defragmentací disku.