VIRY.CZ

Dobrý den, zdravím všechny odborníky. Sám si nevím rady a kamarád mi doporučil pomoc hledat zde. Poslední měsíc mi stále hučí větrák a procesor běží na 100%. PC jsem uvnitř vyčistil od prachu a stále stejný problém,. Už si nevím rady. Děkuji za jakoukoliv radu či pomoc. Předem všem děkuji za váš čas.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by zelen (administrator) on DESKTOP-2K8AIVB (Micro-Star International Co., Ltd. MAG H410 Infinite S (MS-B933)) (25-03-2024 17:32:29)
Running from C:\Users\zelen\Desktop\FRST64.exe
Loaded Profiles: zelen
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\zelen\AppData\Local\Overwolf\ProcessCache\0.242.1.6\ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd\MSI companion.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <46>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.29.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [9849280 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [com.messenger] => "C:\Users\zelen\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [MicrosoftEdgeAutoLaunch_9D9C8361A4AB7D74294FA7EB59596A99] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.131\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\Installer\chrmstp.exe [2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {D1133895-E698-40E6-AF19-4AB92230F36A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {35EACF95-4684-497B-9C6B-73B5894268F2} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4979128 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9a95d750-5df1-45af-9069-5 (the data entry has 11 more characters).
Task: {BF749130-D176-4C79-B1B6-3D1A55B54F52} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7811512 2024-03-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5A137660-8A4E-4D02-9229-8449C1961AAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF408C2F-E0BB-4541-BF7B-B97111114BCB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF505F7F-2365-4B38-9E82-DAB2AE064EEF} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\google\chrome\application\chrome.exe [2772256 2024-03-12] (Google LLC -> Google LLC) -> "hxxp://localhost:1487/cfosspeed/console.htm"
Task: {BE98D0DD-9660-4959-A455-0F69778063CB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {9E27517C-4189-4CA1-BDA7-811F1E3F2A67} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {8997FA2E-6D7D-4CFD-910A-A0F8AB5E66D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-06-09] () [File not signed]
Task: {2A298CEE-C204-4B5A-81F5-3E796DC5637D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Users\zelen\AppData\Local\Programs\Messenger\MessengerHelper.exe [2158328 2023-03-10] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {FC998AE5-FDD7-4AFC-A20A-71C0D4286589} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2169080 2024-03-16] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {69BF3700-02D6-4DE7-933D-26D785B12151} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {6C5D4572-F19C-46D3-A7DE-B23DF6219C58} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4C21F9B7-417E-4B30-8EA9-681C24C1B462} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1C7D70BC-CAE9-4B06-8BCB-9910D12D3C0D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5368F08C-AE42-4CAE-ABBD-5FAED2CC7A06} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {22CA00AB-FE5F-4529-8968-AFEB662D5535} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {A1A9E40D-2563-4DFD-9509-93D22886E5C7} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {8AC3FE86-AFE9-42B4-949D-9C8AC1D33919} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {39CB973B-C71C-4514-930A-599A98C28E10} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {C29C609A-5AC2-42B3-BB2E-AEC20DC6DD93} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F38328-B421-41FF-B035-C73C93D4ABC8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE73B7E-F25D-4FF7-A998-CF7F8803FD82} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {40B3AB93-D2CD-4435-9A89-C2BAFF56AE82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC16CD5-9A97-4B53-A03F-98CB08AAB346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD74F803-73AA-4D39-A009-A5B3B5E64C8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B96474D-7710-47F9-A1D1-31B4784808ED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {256FDCB8-8DC5-48A5-87E8-481290ABF7FF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFAF0F7-9648-4E3A-8D9C-840C3BD00E8D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6675C27F-3096-47DC-A842-6A30CFB9D681} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpDomain] home
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-03]
Edge Notifications: Default -> hxxps://freebitco.in
Edge Extension: (Avast Online Security & Privacy) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-11-30]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: jyeb1nyy.default
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\jyeb1nyy.default [2021-08-25]
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release [2024-03-22]
FF Extension: (Tampermonkey) - C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release\Extensions\firefox@tampermonkey.net.xpi [2021-12-13]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-25]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://app.ens.domains; hxxps://drive.google.com; hxxps://freebitco.in; hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lidl.cz; hxxps://www.netflix.com; hxxps://zaletsi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (DuckDuckGo) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13]
CHR Extension: (uBlock Origin) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-24]
CHR Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-12]
CHR Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-03]
CHR Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-01-15]
CHR Extension: (Wayback Machine) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpnmgdkabkmnadcjpehmlllkndpkmiak [2023-11-22]
CHR Extension: (Authy) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2024-02-21]
CHR Extension: (feedly) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2021-02-03]
CHR Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-09-11]
CHR Extension: (SEMOR) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-03]
CHR Extension: (WavesLiteApp) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2021-02-03]
CHR Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2022-05-30]
CHR Extension: (Morpheon Dark) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-03-10]
CHR Extension: (MetaMask) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2024-01-18]
CHR Extension: (Instant Data Scraper) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2024-01-31]
CHR Extension: (Web Server for Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-13]
CHR Extension: (Hlídač Shopů) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-15]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-12]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-10]
BRA Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-11-10]
BRA Extension: (Authenticator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2023-11-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10]
BRA Extension: (Pushbullet) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-11-10]
BRA Extension: (Plasma Integration) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2023-11-10]
BRA Extension: (Simple Auto Scroll) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dccjkemhmffnljlnnoffljpkhkfpldff [2021-02-05]
BRA Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-11-10]
BRA Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-05]
BRA Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-10]
BRA Extension: (Dark Reader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-11-10]
BRA Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-11-10]
BRA Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-11-10]
BRA Extension: (SEMOR) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-05]
BRA Extension: (Bandzone Downloader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2021-02-05]
BRA Extension: (Social Book Post Manager) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-02-05]
BRA Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2023-11-10]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-11-10]
BRA Extension: (Givee.Club - Get games for free!) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2023-11-10]
BRA Extension: (MetaMask) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-11-10]
BRA Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2023-11-10]
BRA Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-10]
BRA Extension: (SEOInfo) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ppbdklaincgliegpfolkjjfncpgobneb [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-10]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-10]
BRA Extension: (Brave NTP background images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-11-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-10]
BRA Extension: (Brave Ads Resources) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-06]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-11-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-11-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\elevation_service.exe [2671128 2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18727360 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2024-01-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [39224 2021-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-06-09] (Microsoft Corporation) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-12] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-07] (Avast Software s.r.o. -> WireGuard LLC)
S3 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv.sys [313112 2019-05-29] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-28] (ESET, spol. s r.o. -> ESET)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [32592 2024-01-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 17:32 - 2024-03-25 17:33 - 000047459 _____ C:\Users\zelen\Desktop\FRST.txt
2024-03-25 17:32 - 2024-03-25 17:32 - 000000000 ____D C:\FRST
2024-03-25 17:28 - 2024-03-25 17:31 - 002391552 _____ (Farbar) C:\Users\zelen\Desktop\FRST64.exe
2024-03-21 17:07 - 2024-03-21 17:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-21 16:54 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-21 16:54 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-21 16:54 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-21 16:54 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-21 16:54 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-17 15:45 - 2024-03-17 15:45 - 000000000 ____D C:\Program Files\dotnet
2024-03-13 18:30 - 2024-03-13 18:30 - 000015882 _____ C:\Users\zelen\README.md
2024-03-13 18:30 - 2024-03-13 18:30 - 000005838 _____ C:\Users\zelen\AppData\Local\recently-used.xbel
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 04:38 - 2024-03-13 04:38 - 000000000 ___HD C:\$WinREAgent
2024-03-13 04:33 - 2024-03-13 04:33 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2024-03-12 19:05 - 2024-03-12 19:05 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-03-12 19:05 - 2024-03-12 19:05 - 000000000 ____D C:\Program Files\ENE
2024-03-12 19:04 - 2024-03-12 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2024-03-12 19:04 - 2024-03-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-10 17:26 - 2024-03-10 17:26 - 000000000 ___HD C:\$Windows.~WS
2024-03-09 22:37 - 2024-03-09 22:37 - 000031414 _____ C:\Users\zelen\Downloads\65ec0bf85e355.webp
2024-03-09 11:49 - 2024-03-09 11:49 - 419594592 _____ C:\Users\zelen\Downloads\MOV_0334.mp4
2024-03-09 07:29 - 2024-03-09 07:29 - 000054660 _____ C:\Users\zelen\Downloads\hcdMvnn.jpeg
2024-03-08 05:24 - 2024-03-08 05:24 - 000167537 _____ C:\Users\zelen\Downloads\9238227.pdf
2024-03-06 17:22 - 2024-03-06 17:22 - 000043380 _____ C:\Users\zelen\Downloads\1643672604_1_DF_e65gg31uh8367591.ged
2024-03-06 15:27 - 2024-03-11 04:30 - 000000000 ____D C:\WINDOWS\Panther
2024-03-04 18:47 - 2024-03-04 18:47 - 000685384 _____ (Mobirise.com) C:\Users\zelen\Downloads\MobiriseSetup.exe
2024-03-04 18:43 - 2024-03-06 18:37 - 000000000 ____D C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs
2024-03-04 18:32 - 2024-03-04 18:32 - 005234364 _____ C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs.zip
2024-03-04 05:26 - 2024-03-04 05:26 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-04 05:25 - 2024-03-04 05:25 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-03-03 15:09 - 2024-03-03 15:09 - 000019035 _____ C:\Users\zelen\Downloads\[SkT]Windows_8.1_(64bit)(CZ).torrent
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Tasks.BackupByDriver Booster
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Roaming\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Local\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\ProductData
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\IObit
2024-03-03 09:03 - 2024-03-03 09:05 - 000000000 ____D C:\Users\zelen\Downloads\KMSAuto Lite Portable v1.6.5
2024-03-01 11:43 - 2024-03-01 11:43 - 002498035 _____ C:\Users\zelen\Downloads\Radosovice1.pdf
2024-03-01 10:43 - 2024-03-01 10:43 - 002236790 _____ C:\Users\zelen\Downloads\Radosovice.pdf
2024-03-01 04:04 - 2024-03-01 04:04 - 051062649 _____ C:\Users\zelen\Desktop\SDR Scan ,pá bře 1 2024 04-04-07.DAT
2024-02-29 19:24 - 2024-02-29 19:24 - 000000000 ____D C:\Users\zelen\Downloads\Windows 7 4v1 x86 9.2015 cz-sk
2024-02-29 15:22 - 2024-03-01 04:05 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-02-29 15:22 - 2024-03-01 04:05 - 000001854 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2024-02-29 15:21 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2024-02-29 13:14 - 2024-02-29 13:14 - 000020072 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_SP1_4v1_(x86)(9_2015)(CZ_SK).torrent
2024-02-29 12:59 - 2024-02-29 12:59 - 000038460 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_32-bit_a_64-bit_-_Activated_DVD5.torrent
2024-02-29 10:23 - 2024-02-29 10:23 - 001432648 _____ (Akeo Consulting) C:\Users\zelen\Downloads\rufus-4.4.exe
2024-02-26 22:57 - 2024-02-26 22:57 - 000070612 _____ C:\Users\zelen\Downloads\101129_talkcmmntillu_p886.webp
2024-02-26 09:32 - 2024-02-26 09:32 - 000007110 _____ C:\Users\zelen\Downloads\1000126076-usedlost včetně valů a bývalého tvrziště.xlsx
2024-02-26 09:32 - 2024-02-26 09:32 - 000000000 ____D C:\Users\zelen\AppData\Roaming\NVIDIA
2024-02-25 18:10 - 2024-02-25 18:12 - 000000000 ____D C:\Users\zelen\Downloads\autodraha
2024-02-25 14:15 - 2024-02-25 14:15 - 000015478 _____ C:\Users\zelen\Downloads\[SkT]Windows_10Pro_2009.630_Lite.SE_ML_oprekin.com.iso.torrent
2024-02-24 16:27 - 2024-02-15 17:42 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-24 16:25 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-24 14:58 - 2024-02-24 14:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-24 14:55 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 17:21 - 2021-02-03 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-25 17:02 - 2021-02-27 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-25 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 15:03 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 15:00 - 2023-04-27 19:58 - 000000000 ____D C:\Users\zelen\AppData\Local\LogiBolt
2024-03-25 15:00 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Messenger
2024-03-25 15:00 - 2021-03-26 01:09 - 000002328 _____ C:\Users\zelen\Desktop\MSI companion.lnk
2024-03-25 15:00 - 2021-03-26 01:08 - 000000000 ____D C:\Users\zelen\AppData\Local\Overwolf
2024-03-25 02:58 - 2021-03-03 03:34 - 000000000 ____D C:\Users\zelen\AppData\Roaming\FileZilla
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-23 04:36 - 2022-02-18 00:11 - 000000000 ____D C:\Program Files\RUXIM
2024-03-22 15:43 - 2022-05-11 17:41 - 000659932 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-22 15:43 - 2022-05-11 17:41 - 000136202 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-22 15:43 - 2021-02-27 19:28 - 001562480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-22 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-22 15:36 - 2021-05-19 08:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-03-22 15:36 - 2021-05-19 08:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-03-22 15:36 - 2021-02-27 19:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-21 21:24 - 2021-12-17 20:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 21:24 - 2021-02-03 16:08 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-21 21:24 - 2021-02-03 16:08 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-21 17:07 - 2021-02-03 16:48 - 000000000 ____D C:\Users\zelen\AppData\Local\NVIDIA
2024-03-20 20:19 - 2021-02-05 14:16 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-03-20 20:19 - 2021-02-05 14:16 - 000002290 _____ C:\Users\Public\Desktop\Brave.lnk
2024-03-19 19:19 - 2021-03-10 20:51 - 000000000 ____D C:\Users\zelen\AppData\Local\babl-0.1
2024-03-19 19:18 - 2021-02-03 18:23 - 000000000 ____D C:\Users\zelen\AppData\Local\CrashDumps
2024-03-19 19:15 - 2021-02-03 19:00 - 000000000 ____D C:\Users\zelen\AppData\Roaming\vlc
2024-03-19 19:10 - 2021-02-03 18:59 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-18 19:05 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Local\Messenger
2024-03-18 19:05 - 2021-02-03 15:55 - 000000000 ___SD C:\Users\zelen\AppData\Roaming\Microsoft\Credentials
2024-03-18 15:54 - 2022-03-19 08:33 - 000000000 ____D C:\ProgramData\AVG
2024-03-18 15:00 - 2021-02-03 17:22 - 000000000 ____D C:\Users\zelen\AppData\Local\Steam
2024-03-17 15:45 - 2021-02-03 16:01 - 000000000 ____D C:\Users\zelen\AppData\Local\Packages
2024-03-17 15:45 - 2020-06-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-17 15:45 - 2019-10-30 14:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 15:44 - 2021-02-03 16:05 - 000000000 ____D C:\Users\zelen\AppData\Local\PlaceholderTileLogoFolder
2024-03-17 09:54 - 2021-02-03 18:10 - 000000000 ____D C:\Users\zelen\AppData\Local\D3DSCache
2024-03-16 09:28 - 2022-09-18 05:44 - 000000000 ____D C:\Users\zelen\.VirtualBox
2024-03-16 01:29 - 2021-02-03 15:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 01:29 - 2021-02-03 15:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 19:57 - 2024-02-17 02:58 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 19:57 - 2022-10-22 20:36 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 19:57 - 2022-10-22 20:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 19:57 - 2021-11-19 05:11 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 19:57 - 2021-02-03 16:22 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 19:45 - 2022-09-18 05:44 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-14 15:11 - 2021-03-26 01:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-13 18:30 - 2021-03-06 10:50 - 000000000 ____D C:\Users\zelen\.bluefish
2024-03-13 18:30 - 2021-02-27 19:21 - 000000000 ____D C:\Users\zelen
2024-03-13 15:19 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\Intel
2024-03-13 05:30 - 2023-03-16 03:54 - 000644104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 05:30 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 04:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 04:33 - 2021-02-04 09:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 04:33 - 2020-06-04 20:28 - 000000000 ____D C:\MSI
2024-03-13 04:27 - 2021-02-04 09:07 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-12 19:06 - 2020-06-04 20:31 - 000000000 ____D C:\ProgramData\MSI
2024-03-12 19:04 - 2021-02-27 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-12 19:04 - 2020-06-04 20:08 - 000000000 ____D C:\Program Files\Intel
2024-03-11 04:30 - 2021-09-04 10:38 - 000000000 ____D C:\ESD
2024-03-08 17:19 - 2021-03-10 20:57 - 000000000 ____D C:\Users\zelen\AppData\Local\gtk-2.0
2024-03-07 19:10 - 2021-05-14 21:36 - 000000000 ____D C:\Users\zelen\AppData\Local\ElevatedDiagnostics
2024-03-06 18:33 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Mobirise
2024-03-05 15:24 - 2021-02-27 19:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 15:24 - 2021-02-27 19:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 23:17 - 2021-02-21 20:14 - 000000000 ____D C:\ProgramData\Transmission
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\Users\Public\Desktop\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Local\mobirise-updater
2024-03-04 05:27 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-04 01:11 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-04 01:11 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-04 01:11 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-04 01:11 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CodeIntegrityAggregator.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AutomaticAppSignInPolicy.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticDataSettings.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000849280 _____ C:\WINDOWS\system32\aemarebackup.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000225280 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000104448 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutomaticAppSignInPolicy.dll
2024-03-03 23:36 - 2021-02-21 20:13 - 000000000 ____D C:\Users\zelen\AppData\Local\transmission
2024-03-03 18:10 - 2022-09-17 05:05 - 000000000 ____D C:\Users\zelen\AppData\Local\Bluestacks
2024-03-03 18:10 - 2021-03-26 01:09 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-03 15:51 - 2023-02-07 06:22 - 000000206 _____ C:\Users\zelen\Downloads\rufus.ini
2024-02-29 13:44 - 2023-02-07 06:40 - 000000000 ____D C:\Users\zelen\Downloads\Rufus
2024-02-24 16:29 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories ========

2022-03-20 17:01 - 2022-03-20 17:04 - 000108928 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-05 10:29 - 2022-05-07 08:07 - 000034269 _____ () C:\Program Files (x86)\DiskPlayer Setup Log.txt
2022-02-05 10:30 - 2022-02-05 10:30 - 000007597 _____ () C:\Program Files (x86)\DiskPlayer Uninstall Log.txt
2021-08-04 15:16 - 2021-08-04 18:04 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2021-08-04 15:28 - 2021-08-04 15:28 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
2023-08-07 17:34 - 2023-09-11 14:58 - 000000016 _____ () C:\Users\zelen\AppData\Roaming\msregsvv.dll
2021-03-06 10:21 - 2021-03-06 10:21 - 000000128 _____ () C:\Users\zelen\AppData\Local\PUTTY.RND
2024-03-13 18:30 - 2024-03-13 18:30 - 000005838 _____ () C:\Users\zelen\AppData\Local\recently-used.xbel
2021-03-25 01:01 - 2021-03-25 01:01 - 000000017 _____ () C:\Users\zelen\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 17:33:33)
Running from C:\Users\zelen\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-02-27 18:24:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2953557184-4198598645-1749663361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953557184-4198598645-1749663361-503 - Limited - Disabled)
Guest (S-1-5-21-2953557184-4198598645-1749663361-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2953557184-4198598645-1749663361-504 - Limited - Disabled)
Zedko (S-1-5-21-2953557184-4198598645-1749663361-1002 - Limited - Enabled) => C:\Users\Zedko
zelen (S-1-5-21-2953557184-4198598645-1749663361-1001 - Administrator - Enabled) => C:\Users\zelen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3StepIcon version 1.0.0 (HKLM-x32\...\{44F8E787-21B1-4EED-83A7-37C6998D6F6D}_is1) (Version: 1.0.0 - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AmpliTube 5 version 5.7.0 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 23.4.15807.8938 - AVG)
balenaEtcher 1.10.6 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.6 - Balena Inc.)
Bluefish 2.2.12 (HKLM-x32\...\Bluefish) (Version: 2.2.12 - The Bluefish Developers)
BlueStacks X (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 123.1.64.109 - Autoři prohlížeče Brave)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CMS (HKLM-x32\...\CMS) (Version: - )
DiskPlayer (HKLM-x32\...\DiskPlayer) (Version: - )
Documentation Manager (HKLM\...\{ECFBCE39-F4EE-43C7-8EE7-D28EE703617D}) (Version: 21.90.0.9 - Intel Corporation) Hidden
Dogecoin (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin)
Dynamic Application Loader Host Interface Service (HKLM\...\{9958AC82-2FDD-4124-9A9E-6699BBD044CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EmbeddedIQ Searchmonkey version 3.2.0 (HKLM\...\{89CAA77F-6F11-476C-BA53-3AEA14214E1E}_is1) (Version: 3.2.0 - EmbeddedIQ)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
FileZilla 3.66.5 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
G-EXTRACTOR V.18 INBUILT BROWSER (HKLM-x32\...\{5E64E6DF-BD28-4FCA-B6A1-C795994ADC21}) (Version: 18.0.0 - Tiger Vikram)
GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.131 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HDR projects 5 (64-Bit) (HKLM\...\HDR_PROJECTS_5_2_3BF7CE82_is1) (Version: 5.52 - Franzis Verlag GmbH)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iDealshare VideoGo 6.5.0.7675 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A72FDBD-8AD3-4C27-9A60-FF2837337B71}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{5DD7767A-9935-45D3-A012-5F4707E93AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2007.14.0.1488 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{80C61169-91EF-4104-BECD-CF58486979A3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DA32477F-B10F-4028-A351-98B464F34A2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3C4E6ADF-F07E-4B2B-A674-959EE7CFB887}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{71e5eda7-14f9-4a67-b930-17e31afe19be}) (Version: 21.90.0.9 - Intel Corporation) Hidden
IPCam Admin 3.0.4 (HKLM-x32\...\IPCam Admin Utility_is1) (Version: - OvisLink Technologies Corp.)
IPCam Surveillance Software 3.0.0.8 (HKLM-x32\...\IPCam Surveillance Software_is1) (Version: - OvisLink Technologies Corp.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.11 (64-bit) (HKLM\...\{7383FAC9-7481-5A92-A58B-85830D7B2AD3}) (Version: 11.0.11.0 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.7.2 (HKLM\...\{1CC94CCB-0957-4A62-8B29-D215EDF8D483}) (Version: 7.3.7.2 - The Document Foundation)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Messenger (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 182.0.455264854 - Facebook, Inc.)
Microsoft .NET Host - 8.0.3 (x64) (HKLM\...\{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x64) (HKLM\...\{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x64) (HKLM\...\{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM\...\{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM-x32\...\{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 - Microsoft Corporation)
Mobirise 5.9.13 (HKLM-x32\...\a651c295-23f6-5815-8016-69ff822d3275) (Version: 5.9.13 - Mobirise.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.80.5.1004 - BlueStack Systems, Inc.)
MSI companion (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
Node.js (HKLM\...\{A5930352-39BC-48D0-9F6D-38B984914E5D}) (Version: 14.18.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 3.0.1 - Vaclav Slavik)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8931.1 - Realtek Semiconductor Corp.)
SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.22.561752 - Linden Research, Inc.)
Služba Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 11.0.0.5 - Stellar Information Technology Pvt Ltd.)
Telegram Desktop (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Transmission 3.00 (bb6b5a062e) (HKLM-x32\...\{E98621B6-AA42-4390-93AF-4C3D2C557258}) (Version: 3.00.0 - Transmission Project)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinToUSB verze 5.8 (HKLM\...\WinToUSB_is1) (Version: 5.8 - Hasleo Software.)
WonderFox DVD Video Converter 25.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 25.8 - WonderFox Soft, Inc.)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden

Chrome apps:
============
Google Password Manager (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\0e3d311605493bd78ad4c7dcd1baa0c3) (Version: 1.0 - Google\Chrome)

Packages:
=========

7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-10-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
GEDCOM Validator -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.GEDCOMValidator_10.0.2.0_x64__cfn0exghkdxkm [2024-03-17] (Chronoplex Software)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt [2024-03-16] (Meta) [Startup Task]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.2130.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-10-21] (Microsoft Corporation)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.2291.0_x64__8wekyb3d8bbwe [2024-03-11] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-10-21] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2023-10-21] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-21] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-10-21] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.617.655.0_x64__55nm5eh3cm0pr [2024-03-24] (Roblox Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-22] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\zelen\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\Desktop\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Web Server for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c8d89645c188b327\Instant Data Scraper.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofaokhiedipichpaobibbnahnkdoiiah
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn

==================== Loaded Modules (Whitelisted) =============

2020-06-04 20:28 - 2005-07-19 04:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Support\unrar.dll
2020-06-04 20:31 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2024-03-12 19:05 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2023-11-20 15:14 - 2023-11-20 15:14 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-03-12 19:05 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2024-03-12 19:05 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-02-07 21:16 - 2023-10-17 17:48 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
0 606
192.168.137.1 DESKTOP-2K8AIVB.mshome.net # 2028 10 0 15 16 48 45 925

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zelen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper_msi.jpg
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "SharewareOnSale Notifier"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A7F94DF6-8AAD-4DC6-84DF-DD94640F1D24}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{2016545F-F445-4436-A8B9-0488AB8B1B29}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [{783FBF56-AA5D-41E1-B3DF-E506462E35AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC007AE8-B798-4DCB-B46D-8ABF06EE1E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [UDP Query User{417B87DF-C840-49D0-B781-B482097B2D99}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [TCP Query User{4CBB2619-B8EE-4A0E-B035-48B0988DEB0F}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [UDP Query User{7D7F53D1-5BBE-4CDB-BACC-C6BFDC601242}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{25671E71-F1CD-42D1-91B4-14D49A2D23F9}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [{DF4C2535-A077-4BD4-9E1C-C427F953431D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07579DC1-996F-4F94-B404-93D3CFEFA65D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B656C835-D43D-4332-A195-5A56E2A1A687}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3EF97105-8594-422A-AB76-8E5731A7B2FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EA658D7-F5C6-4670-90FE-AAF469D1E3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F83FE58E-28BA-4912-9A6D-290338C3EF2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{9B465E64-FA8F-49D2-8ED5-0BD3718EB7DF}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A25DD1A-57A7-420F-BEFD-ADDA4A8073BA}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A1D5291-8B49-434F-A587-94725127E2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1D8A7CE9-0F20-4F46-9657-33C6C73E8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{ACAD00D9-DCF8-4F2C-817C-895F2E3F77C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{7A0D71B3-33B9-46D7-992A-1F43AD135D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{F4004CF2-5A1E-45CC-9749-DC4923AF4F18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1878C184-556A-4A24-B637-95474C5B4901}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{165A4F64-AC5A-4E14-AE75-901C6F208A5F}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{91FB25C6-6480-4D95-AC4E-AB6D475B9F1D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A1100A26-8604-4347-A6B2-2A37B577CC06}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{9D489F3E-ACFC-43B1-B8F2-A6FE631E4F7A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{A71D04B6-26BF-4FDF-8DC5-C2A0BB14D056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{9A6DD132-7919-407D-A3D6-BCB2F7B2D4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8AB27AE7-AC22-4F41-8762-C195EC48E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{7B82B96C-2C01-4822-8097-483A8137AD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{8CAA30C7-E97F-4B6D-8612-13F6AB7E2306}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4B6CDE3-7C8A-445D-A400-ECBBAE819603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95A72FAE-CF06-41DA-BEBC-71960F746594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BB518A9-3BDC-4481-9820-6EE157FE760C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F7D20-2308-47D1-BB44-32833E019320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B56FB99-3E30-4A32-A7CD-8EE8B0E6B616}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1147E0FD-8EA4-4C4C-98E0-8EE9CE1CD427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5339570B-3507-415C-9D7C-CB4B2DC87CCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B80191B-5B6C-4E98-8153-187B86C47DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA35A439-9D89-4C9B-B596-63A244F93635}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{B832FCEC-1B2E-4AF7-878D-C64F8A460A34}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AEA9A86B-6786-4F45-8244-1AD21640FEF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6DB1BBC4-2EEE-4125-8777-741DCDDD2102}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B09D785-FFB7-47A7-836B-B53D691FD319}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7C478DA-8BA1-4DA8-B273-63199A45ED60}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3548183A-C0E0-445F-9961-0EC1F5B54F89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6DF90F74-C0D7-4A74-AFEA-E043F1960462}] => (Allow) LPort=32682
FirewallRules: [{D1DD1A97-4048-4AC9-BA47-98D014239516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D20C8D57-BEF9-4436-A814-A82F4820622B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D83D4E71-1B0F-4046-A9C2-28A422EA6860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B32A3-3B05-46F0-B803-6A57A02F390E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D25786FC-038B-4D14-964C-ECAB1B92A1D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB46ED76-7DF9-4D4C-829A-7F2A4DC9D52D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{897DB355-727E-40CF-ABE0-230FB13C643C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF533279-0CD3-4FD8-AB85-C1086A5FCCF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4A56CCF-BCB8-4C5B-9E93-E023D66104FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5317C6E4-1B0A-471D-887B-28DF43CBC615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81A92194-8567-4830-9DFE-441215A9EC6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E8E77AC-E8EC-40FC-9036-4B3DE433C47E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B644E846-A863-4202-8542-428ED7BF565B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D56932E4-D6F6-4ED8-9D01-C3A2E1288FD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/21/2024 07:00:33 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/21/2024 07:00:33 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/21/2024 06:59:02 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-2K8AIVB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (03/21/2024 06:18:03 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2K8AIVB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/20/2024 03:14:49 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/20/2024 03:14:49 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.


System errors:
=============
Error: (03/25/2024 03:00:13 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :S266J90BA13291

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2024-03-25 17:01:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 8.00 06/15/2020
Motherboard: Micro-Star International Co., Ltd. MS-B9331
Processor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 40%
Total physical RAM: 16314.08 MB
Available physical RAM: 9732.8 MB
Total Virtual: 22458.08 MB
Available Virtual: 11242.86 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:286.16 GB) (Free:17.32 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive d: (Data) (Fixed) (Total:167.39 GB) (Free:105.96 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive h: (CCCOMA_X86FRE_CS-CZ_DV9) (Fixed) (Total:931.51 GB) (Free:393.5 GB) (Model: TOSHIBA MQ04ABF100 USB Device) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{631221af-abf1-4d6c-bd93-de9beb888025}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.23 GB) NTFS
\\?\Volume{5356a5cb-377a-49ac-a83a-4eb5d0f3e331}\ (BIOS_RVY) (Fixed) (Total:22.37 GB) (Free:0.69 GB) NTFS
\\?\Volume{944a7564-3713-4d76-942c-e40bd8995cf5}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{d6ecec97-76b8-4b1d-a1ac-c64506e9d8d6}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C03A8003)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 18BBE804)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.4170)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Tuneup

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1496 octets] - [25/03/2024 18:14:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Zdá se, že je po problému. Procesor už neběží na plno a ventilátor se netočí stále hlučně na plno. Ohromný rozdíl, děkuji. Přikládám logy

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by zelen (administrator) on DESKTOP-2K8AIVB (Micro-Star International Co., Ltd. MAG H410 Infinite S (MS-B933)) (25-03-2024 19:09:17)
Running from C:\Users\zelen\Desktop\FRST64.exe
Loaded Profiles: zelen
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\zelen\AppData\Local\Overwolf\ProcessCache\0.242.1.6\ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd\MSI companion.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <4>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.29.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\Old\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [9849280 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [com.messenger] => "C:\Users\zelen\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [MicrosoftEdgeAutoLaunch_9D9C8361A4AB7D74294FA7EB59596A99] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.131\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\Installer\chrmstp.exe [2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {D1133895-E698-40E6-AF19-4AB92230F36A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {35EACF95-4684-497B-9C6B-73B5894268F2} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4979128 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9a95d750-5df1-45af-9069-5 (the data entry has 11 more characters).
Task: {BF749130-D176-4C79-B1B6-3D1A55B54F52} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7811512 2024-03-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5A137660-8A4E-4D02-9229-8449C1961AAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF408C2F-E0BB-4541-BF7B-B97111114BCB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF505F7F-2365-4B38-9E82-DAB2AE064EEF} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\google\chrome\application\chrome.exe [2772256 2024-03-12] (Google LLC -> Google LLC) -> "hxxp://localhost:1487/cfosspeed/console.htm"
Task: {BE98D0DD-9660-4959-A455-0F69778063CB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {9E27517C-4189-4CA1-BDA7-811F1E3F2A67} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {8997FA2E-6D7D-4CFD-910A-A0F8AB5E66D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-06-09] () [File not signed]
Task: {2A298CEE-C204-4B5A-81F5-3E796DC5637D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Users\zelen\AppData\Local\Programs\Messenger\MessengerHelper.exe [2158328 2023-03-10] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {FC998AE5-FDD7-4AFC-A20A-71C0D4286589} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2169080 2024-03-16] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {69BF3700-02D6-4DE7-933D-26D785B12151} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {6C5D4572-F19C-46D3-A7DE-B23DF6219C58} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4C21F9B7-417E-4B30-8EA9-681C24C1B462} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1C7D70BC-CAE9-4B06-8BCB-9910D12D3C0D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5368F08C-AE42-4CAE-ABBD-5FAED2CC7A06} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {22CA00AB-FE5F-4529-8968-AFEB662D5535} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {A1A9E40D-2563-4DFD-9509-93D22886E5C7} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {7860EE96-2C65-44E4-91AC-6B29512FE2E2} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {DDFDA32B-3577-4B49-BA43-4BBCA1C46257} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {C29C609A-5AC2-42B3-BB2E-AEC20DC6DD93} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F38328-B421-41FF-B035-C73C93D4ABC8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE73B7E-F25D-4FF7-A998-CF7F8803FD82} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {40B3AB93-D2CD-4435-9A89-C2BAFF56AE82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC16CD5-9A97-4B53-A03F-98CB08AAB346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD74F803-73AA-4D39-A009-A5B3B5E64C8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B96474D-7710-47F9-A1D1-31B4784808ED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {256FDCB8-8DC5-48A5-87E8-481290ABF7FF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFAF0F7-9648-4E3A-8D9C-840C3BD00E8D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6675C27F-3096-47DC-A842-6A30CFB9D681} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpDomain] home
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-03]
Edge Notifications: Default -> hxxps://freebitco.in
Edge Extension: (Avast Online Security & Privacy) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-11-30]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: jyeb1nyy.default
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\jyeb1nyy.default [2021-08-25]
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release [2024-03-25]
FF Extension: (Tampermonkey) - C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release\Extensions\firefox@tampermonkey.net.xpi [2021-12-13]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-25]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://app.ens.domains; hxxps://drive.google.com; hxxps://freebitco.in; hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lidl.cz; hxxps://www.netflix.com; hxxps://zaletsi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (DuckDuckGo) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13]
CHR Extension: (uBlock Origin) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-24]
CHR Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-12]
CHR Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-03]
CHR Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-01-15]
CHR Extension: (Wayback Machine) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpnmgdkabkmnadcjpehmlllkndpkmiak [2023-11-22]
CHR Extension: (Authy) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2024-02-21]
CHR Extension: (feedly) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2021-02-03]
CHR Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-09-11]
CHR Extension: (SEMOR) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-03]
CHR Extension: (WavesLiteApp) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2021-02-03]
CHR Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2022-05-30]
CHR Extension: (Morpheon Dark) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-03-10]
CHR Extension: (MetaMask) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2024-01-18]
CHR Extension: (Instant Data Scraper) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2024-01-31]
CHR Extension: (Web Server for Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-13]
CHR Extension: (Hlídač Shopů) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-15]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-12]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-10]
BRA Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-11-10]
BRA Extension: (Authenticator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2023-11-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10]
BRA Extension: (Pushbullet) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-11-10]
BRA Extension: (Plasma Integration) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2023-11-10]
BRA Extension: (Simple Auto Scroll) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dccjkemhmffnljlnnoffljpkhkfpldff [2021-02-05]
BRA Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-11-10]
BRA Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-05]
BRA Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-10]
BRA Extension: (Dark Reader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-11-10]
BRA Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-11-10]
BRA Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-11-10]
BRA Extension: (SEMOR) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-05]
BRA Extension: (Bandzone Downloader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2021-02-05]
BRA Extension: (Social Book Post Manager) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-02-05]
BRA Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2023-11-10]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-11-10]
BRA Extension: (Givee.Club - Get games for free!) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2023-11-10]
BRA Extension: (MetaMask) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-11-10]
BRA Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2023-11-10]
BRA Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-10]
BRA Extension: (SEOInfo) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ppbdklaincgliegpfolkjjfncpgobneb [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-10]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-10]
BRA Extension: (Brave NTP background images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-11-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-10]
BRA Extension: (Brave Ads Resources) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-06]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-11-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-11-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\elevation_service.exe [2671128 2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18727360 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2024-01-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9423680 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [39224 2021-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-06-09] (Microsoft Corporation) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-12] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-07] (Avast Software s.r.o. -> WireGuard LLC)
S3 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv.sys [313112 2019-05-29] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [32592 2024-01-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 18:27 - 2024-03-25 18:27 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-25 18:13 - 2024-03-25 18:14 - 000000000 ____D C:\AdwCleaner
2024-03-25 18:13 - 2024-03-25 18:13 - 008790880 _____ (Malwarebytes) C:\Users\zelen\Desktop\adwcleaner(1).exe
2024-03-25 18:12 - 2024-03-25 18:13 - 008791352 _____ (Malwarebytes) C:\Users\zelen\Desktop\AdwCleaner.exe
2024-03-25 18:04 - 2024-03-25 18:27 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IGDump
2024-03-25 18:03 - 2024-03-25 19:02 - 000000000 ____D C:\Users\zelen\AppData\Local\Malwarebytes
2024-03-25 18:03 - 2024-03-25 18:03 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-25 18:03 - 2024-03-25 18:03 - 000002048 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-25 18:01 - 2024-03-25 18:01 - 002589624 _____ (Malwarebytes) C:\Users\zelen\Desktop\MBSetup.exe
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ C:\Users\zelen\AppData\Local\recently-used.xbel
2024-03-25 17:33 - 2024-03-25 17:36 - 000063824 _____ C:\Users\zelen\Desktop\Addition.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000048856 _____ C:\Users\zelen\Desktop\FRST.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000000000 ____D C:\FRST
2024-03-25 17:28 - 2024-03-25 17:31 - 002391552 _____ (Farbar) C:\Users\zelen\Desktop\FRST64.exe
2024-03-21 17:07 - 2024-03-21 17:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-21 16:54 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-21 16:54 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-21 16:54 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-21 16:54 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-21 16:54 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-17 15:45 - 2024-03-17 15:45 - 000000000 ____D C:\Program Files\dotnet
2024-03-13 18:30 - 2024-03-13 18:30 - 000015882 _____ C:\Users\zelen\README.md
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 04:38 - 2024-03-13 04:38 - 000000000 ___HD C:\$WinREAgent
2024-03-13 04:33 - 2024-03-13 04:33 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2024-03-12 19:05 - 2024-03-12 19:05 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-03-12 19:05 - 2024-03-12 19:05 - 000000000 ____D C:\Program Files\ENE
2024-03-12 19:04 - 2024-03-12 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2024-03-12 19:04 - 2024-03-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-10 17:26 - 2024-03-10 17:26 - 000000000 ___HD C:\$Windows.~WS
2024-03-09 22:37 - 2024-03-09 22:37 - 000031414 _____ C:\Users\zelen\Downloads\65ec0bf85e355.webp
2024-03-09 11:49 - 2024-03-09 11:49 - 419594592 _____ C:\Users\zelen\Downloads\MOV_0334.mp4
2024-03-09 07:29 - 2024-03-09 07:29 - 000054660 _____ C:\Users\zelen\Downloads\hcdMvnn.jpeg
2024-03-08 05:24 - 2024-03-08 05:24 - 000167537 _____ C:\Users\zelen\Downloads\9238227.pdf
2024-03-06 17:22 - 2024-03-06 17:22 - 000043380 _____ C:\Users\zelen\Downloads\1643672604_1_DF_e65gg31uh8367591.ged
2024-03-06 15:27 - 2024-03-11 04:30 - 000000000 ____D C:\WINDOWS\Panther
2024-03-04 18:47 - 2024-03-04 18:47 - 000685384 _____ (Mobirise.com) C:\Users\zelen\Downloads\MobiriseSetup.exe
2024-03-04 18:43 - 2024-03-06 18:37 - 000000000 ____D C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs
2024-03-04 18:32 - 2024-03-04 18:32 - 005234364 _____ C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs.zip
2024-03-04 05:26 - 2024-03-04 05:26 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-04 05:25 - 2024-03-04 05:25 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-03-03 15:09 - 2024-03-03 15:09 - 000019035 _____ C:\Users\zelen\Downloads\[SkT]Windows_8.1_(64bit)(CZ).torrent
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Tasks.BackupByDriver Booster
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Roaming\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Local\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\ProductData
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\IObit
2024-03-03 09:03 - 2024-03-25 18:08 - 000000000 ____D C:\Users\zelen\Downloads\KMSAuto Lite Portable v1.6.5
2024-03-01 11:43 - 2024-03-01 11:43 - 002498035 _____ C:\Users\zelen\Downloads\Radosovice1.pdf
2024-03-01 10:43 - 2024-03-01 10:43 - 002236790 _____ C:\Users\zelen\Downloads\Radosovice.pdf
2024-03-01 04:04 - 2024-03-01 04:04 - 051062649 _____ C:\Users\zelen\Desktop\SDR Scan ,pá bře 1 2024 04-04-07.DAT
2024-02-29 19:24 - 2024-02-29 19:24 - 000000000 ____D C:\Users\zelen\Downloads\Windows 7 4v1 x86 9.2015 cz-sk
2024-02-29 15:22 - 2024-03-01 04:05 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-02-29 15:22 - 2024-03-01 04:05 - 000001854 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2024-02-29 15:21 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2024-02-29 13:14 - 2024-02-29 13:14 - 000020072 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_SP1_4v1_(x86)(9_2015)(CZ_SK).torrent
2024-02-29 12:59 - 2024-02-29 12:59 - 000038460 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_32-bit_a_64-bit_-_Activated_DVD5.torrent
2024-02-29 10:23 - 2024-02-29 10:23 - 001432648 _____ (Akeo Consulting) C:\Users\zelen\Downloads\rufus-4.4.exe
2024-02-26 22:57 - 2024-02-26 22:57 - 000070612 _____ C:\Users\zelen\Downloads\101129_talkcmmntillu_p886.webp
2024-02-26 09:32 - 2024-02-26 09:32 - 000007110 _____ C:\Users\zelen\Downloads\1000126076-usedlost včetně valů a bývalého tvrziště.xlsx
2024-02-26 09:32 - 2024-02-26 09:32 - 000000000 ____D C:\Users\zelen\AppData\Roaming\NVIDIA
2024-02-25 18:10 - 2024-02-25 18:12 - 000000000 ____D C:\Users\zelen\Downloads\autodraha
2024-02-25 14:15 - 2024-02-25 14:15 - 000015478 _____ C:\Users\zelen\Downloads\[SkT]Windows_10Pro_2009.630_Lite.SE_ML_oprekin.com.iso.torrent
2024-02-24 16:27 - 2024-02-15 17:42 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-24 16:25 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-24 14:58 - 2024-02-24 14:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-24 14:55 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 18:58 - 2021-02-03 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 18:33 - 2022-05-11 17:41 - 000659932 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-25 18:33 - 2022-05-11 17:41 - 000136202 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-25 18:33 - 2021-02-27 19:28 - 001562480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-25 18:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-25 18:27 - 2023-04-27 19:58 - 000000000 ____D C:\Users\zelen\AppData\Local\LogiBolt
2024-03-25 18:27 - 2022-03-19 08:33 - 000000000 ____D C:\ProgramData\AVG
2024-03-25 18:27 - 2021-05-19 08:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-03-25 18:27 - 2021-05-19 08:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-03-25 18:27 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Messenger
2024-03-25 18:27 - 2021-03-26 01:09 - 000002328 _____ C:\Users\zelen\Desktop\MSI companion.lnk
2024-03-25 18:27 - 2021-03-26 01:08 - 000000000 ____D C:\Users\zelen\AppData\Local\Overwolf
2024-03-25 18:27 - 2021-02-27 19:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-25 18:27 - 2021-02-27 18:15 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-25 18:27 - 2021-02-03 18:23 - 000000000 ____D C:\Users\zelen\AppData\Local\CrashDumps
2024-03-25 18:27 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 18:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-25 18:03 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-25 18:02 - 2021-03-10 20:51 - 000000000 ____D C:\Users\zelen\AppData\Local\babl-0.1
2024-03-25 17:02 - 2021-02-27 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-25 02:58 - 2021-03-03 03:34 - 000000000 ____D C:\Users\zelen\AppData\Roaming\FileZilla
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-23 04:36 - 2022-02-18 00:11 - 000000000 ____D C:\Program Files\RUXIM
2024-03-21 21:24 - 2021-12-17 20:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 21:24 - 2021-02-03 16:08 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-21 21:24 - 2021-02-03 16:08 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-21 17:07 - 2021-02-03 16:48 - 000000000 ____D C:\Users\zelen\AppData\Local\NVIDIA
2024-03-20 20:19 - 2021-02-05 14:16 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-03-20 20:19 - 2021-02-05 14:16 - 000002290 _____ C:\Users\Public\Desktop\Brave.lnk
2024-03-19 19:15 - 2021-02-03 19:00 - 000000000 ____D C:\Users\zelen\AppData\Roaming\vlc
2024-03-19 19:10 - 2021-02-03 18:59 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-18 19:05 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Local\Messenger
2024-03-18 19:05 - 2021-02-03 15:55 - 000000000 ___SD C:\Users\zelen\AppData\Roaming\Microsoft\Credentials
2024-03-18 15:00 - 2021-02-03 17:22 - 000000000 ____D C:\Users\zelen\AppData\Local\Steam
2024-03-17 15:45 - 2021-02-03 16:01 - 000000000 ____D C:\Users\zelen\AppData\Local\Packages
2024-03-17 15:45 - 2020-06-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-17 15:45 - 2019-10-30 14:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 15:44 - 2021-02-03 16:05 - 000000000 ____D C:\Users\zelen\AppData\Local\PlaceholderTileLogoFolder
2024-03-17 09:54 - 2021-02-03 18:10 - 000000000 ____D C:\Users\zelen\AppData\Local\D3DSCache
2024-03-16 09:28 - 2022-09-18 05:44 - 000000000 ____D C:\Users\zelen\.VirtualBox
2024-03-16 01:29 - 2021-02-03 15:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 01:29 - 2021-02-03 15:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 19:57 - 2024-02-17 02:58 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 19:57 - 2022-10-22 20:36 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 19:57 - 2022-10-22 20:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 19:57 - 2021-11-19 05:11 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 19:57 - 2021-02-03 16:22 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 19:45 - 2022-09-18 05:44 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-14 15:11 - 2021-03-26 01:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-13 18:30 - 2021-03-06 10:50 - 000000000 ____D C:\Users\zelen\.bluefish
2024-03-13 18:30 - 2021-02-27 19:21 - 000000000 ____D C:\Users\zelen
2024-03-13 15:19 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\Intel
2024-03-13 05:30 - 2023-03-16 03:54 - 000644104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 04:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 04:33 - 2021-02-04 09:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 04:33 - 2020-06-04 20:28 - 000000000 ____D C:\MSI
2024-03-13 04:27 - 2021-02-04 09:07 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-12 19:06 - 2020-06-04 20:31 - 000000000 ____D C:\ProgramData\MSI
2024-03-12 19:04 - 2021-02-27 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-12 19:04 - 2020-06-04 20:08 - 000000000 ____D C:\Program Files\Intel
2024-03-11 04:30 - 2021-09-04 10:38 - 000000000 ____D C:\ESD
2024-03-08 17:19 - 2021-03-10 20:57 - 000000000 ____D C:\Users\zelen\AppData\Local\gtk-2.0
2024-03-07 19:10 - 2021-05-14 21:36 - 000000000 ____D C:\Users\zelen\AppData\Local\ElevatedDiagnostics
2024-03-06 18:33 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Mobirise
2024-03-05 15:24 - 2021-02-27 19:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 15:24 - 2021-02-27 19:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 23:17 - 2021-02-21 20:14 - 000000000 ____D C:\ProgramData\Transmission
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\Users\Public\Desktop\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Local\mobirise-updater
2024-03-04 05:27 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-04 01:11 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-04 01:11 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-04 01:11 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-04 01:11 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CodeIntegrityAggregator.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AutomaticAppSignInPolicy.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticDataSettings.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000849280 _____ C:\WINDOWS\system32\aemarebackup.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000225280 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000104448 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutomaticAppSignInPolicy.dll
2024-03-03 23:36 - 2021-02-21 20:13 - 000000000 ____D C:\Users\zelen\AppData\Local\transmission
2024-03-03 18:10 - 2022-09-17 05:05 - 000000000 ____D C:\Users\zelen\AppData\Local\Bluestacks
2024-03-03 18:10 - 2021-03-26 01:09 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-03 15:51 - 2023-02-07 06:22 - 000000206 _____ C:\Users\zelen\Downloads\rufus.ini
2024-02-29 13:44 - 2023-02-07 06:40 - 000000000 ____D C:\Users\zelen\Downloads\Rufus
2024-02-24 16:29 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories ========

2022-03-20 17:01 - 2022-03-20 17:04 - 000108928 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-05 10:29 - 2022-05-07 08:07 - 000034269 _____ () C:\Program Files (x86)\DiskPlayer Setup Log.txt
2022-02-05 10:30 - 2022-02-05 10:30 - 000007597 _____ () C:\Program Files (x86)\DiskPlayer Uninstall Log.txt
2021-08-04 15:16 - 2021-08-04 18:04 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2021-08-04 15:28 - 2021-08-04 15:28 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
2023-08-07 17:34 - 2023-09-11 14:58 - 000000016 _____ () C:\Users\zelen\AppData\Roaming\msregsvv.dll
2021-03-06 10:21 - 2021-03-06 10:21 - 000000128 _____ () C:\Users\zelen\AppData\Local\PUTTY.RND
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ () C:\Users\zelen\AppData\Local\recently-used.xbel
2021-03-25 01:01 - 2021-03-25 01:01 - 000000017 _____ () C:\Users\zelen\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 19:10:28)
Running from C:\Users\zelen\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-02-27 18:24:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2953557184-4198598645-1749663361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953557184-4198598645-1749663361-503 - Limited - Disabled)
Guest (S-1-5-21-2953557184-4198598645-1749663361-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2953557184-4198598645-1749663361-504 - Limited - Disabled)
Zedko (S-1-5-21-2953557184-4198598645-1749663361-1002 - Limited - Enabled) => C:\Users\Zedko
zelen (S-1-5-21-2953557184-4198598645-1749663361-1001 - Administrator - Enabled) => C:\Users\zelen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3StepIcon version 1.0.0 (HKLM-x32\...\{44F8E787-21B1-4EED-83A7-37C6998D6F6D}_is1) (Version: 1.0.0 - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AmpliTube 5 version 5.7.0 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
balenaEtcher 1.10.6 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.6 - Balena Inc.)
Bluefish 2.2.12 (HKLM-x32\...\Bluefish) (Version: 2.2.12 - The Bluefish Developers)
BlueStacks X (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 123.1.64.109 - Autoři prohlížeče Brave)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CMS (HKLM-x32\...\CMS) (Version: - )
DiskPlayer (HKLM-x32\...\DiskPlayer) (Version: - )
Documentation Manager (HKLM\...\{ECFBCE39-F4EE-43C7-8EE7-D28EE703617D}) (Version: 21.90.0.9 - Intel Corporation) Hidden
Dogecoin (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin)
Dynamic Application Loader Host Interface Service (HKLM\...\{9958AC82-2FDD-4124-9A9E-6699BBD044CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EmbeddedIQ Searchmonkey version 3.2.0 (HKLM\...\{89CAA77F-6F11-476C-BA53-3AEA14214E1E}_is1) (Version: 3.2.0 - EmbeddedIQ)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
FileZilla 3.66.5 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
G-EXTRACTOR V.18 INBUILT BROWSER (HKLM-x32\...\{5E64E6DF-BD28-4FCA-B6A1-C795994ADC21}) (Version: 18.0.0 - Tiger Vikram)
GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.131 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HDR projects 5 (64-Bit) (HKLM\...\HDR_PROJECTS_5_2_3BF7CE82_is1) (Version: 5.52 - Franzis Verlag GmbH)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iDealshare VideoGo 6.5.0.7675 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A72FDBD-8AD3-4C27-9A60-FF2837337B71}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{5DD7767A-9935-45D3-A012-5F4707E93AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2007.14.0.1488 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{80C61169-91EF-4104-BECD-CF58486979A3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DA32477F-B10F-4028-A351-98B464F34A2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3C4E6ADF-F07E-4B2B-A674-959EE7CFB887}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{71e5eda7-14f9-4a67-b930-17e31afe19be}) (Version: 21.90.0.9 - Intel Corporation) Hidden
IPCam Admin 3.0.4 (HKLM-x32\...\IPCam Admin Utility_is1) (Version: - OvisLink Technologies Corp.)
IPCam Surveillance Software 3.0.0.8 (HKLM-x32\...\IPCam Surveillance Software_is1) (Version: - OvisLink Technologies Corp.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.11 (64-bit) (HKLM\...\{7383FAC9-7481-5A92-A58B-85830D7B2AD3}) (Version: 11.0.11.0 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.7.2 (HKLM\...\{1CC94CCB-0957-4A62-8B29-D215EDF8D483}) (Version: 7.3.7.2 - The Document Foundation)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes)
Messenger (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 182.0.455264854 - Facebook, Inc.)
Microsoft .NET Host - 8.0.3 (x64) (HKLM\...\{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x64) (HKLM\...\{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x64) (HKLM\...\{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM\...\{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM-x32\...\{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 - Microsoft Corporation)
Mobirise 5.9.13 (HKLM-x32\...\a651c295-23f6-5815-8016-69ff822d3275) (Version: 5.9.13 - Mobirise.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.80.5.1004 - BlueStack Systems, Inc.)
MSI companion (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
Node.js (HKLM\...\{A5930352-39BC-48D0-9F6D-38B984914E5D}) (Version: 14.18.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 3.0.1 - Vaclav Slavik)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8931.1 - Realtek Semiconductor Corp.)
SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.22.561752 - Linden Research, Inc.)
Služba Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 11.0.0.5 - Stellar Information Technology Pvt Ltd.)
Telegram Desktop (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Transmission 3.00 (bb6b5a062e) (HKLM-x32\...\{E98621B6-AA42-4390-93AF-4C3D2C557258}) (Version: 3.00.0 - Transmission Project)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinToUSB verze 5.8 (HKLM\...\WinToUSB_is1) (Version: 5.8 - Hasleo Software.)
WonderFox DVD Video Converter 25.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 25.8 - WonderFox Soft, Inc.)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden

Chrome apps:
============
Google Password Manager (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\0e3d311605493bd78ad4c7dcd1baa0c3) (Version: 1.0 - Google\Chrome)

Packages:
=========

7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-10-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
GEDCOM Validator -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.GEDCOMValidator_10.0.2.0_x64__cfn0exghkdxkm [2024-03-17] (Chronoplex Software)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt [2024-03-16] (Meta) [Startup Task]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.2130.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-10-21] (Microsoft Corporation)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.2291.0_x64__8wekyb3d8bbwe [2024-03-11] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-10-21] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2023-10-21] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-21] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-10-21] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.617.655.0_x64__55nm5eh3cm0pr [2024-03-24] (Roblox Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-22] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\zelen\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\Desktop\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Web Server for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c8d89645c188b327\Instant Data Scraper.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofaokhiedipichpaobibbnahnkdoiiah
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn

==================== Loaded Modules (Whitelisted) =============

2020-06-04 20:31 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2024-03-12 19:05 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2023-11-20 15:14 - 2023-11-20 15:14 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-03-12 19:05 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2024-03-12 19:05 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-02-07 21:16 - 2023-10-17 17:48 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
0 606
192.168.137.1 DESKTOP-2K8AIVB.mshome.net # 2028 10 0 15 16 48 45 925

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zelen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper_msi.jpg
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "SharewareOnSale Notifier"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A7F94DF6-8AAD-4DC6-84DF-DD94640F1D24}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{2016545F-F445-4436-A8B9-0488AB8B1B29}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [{783FBF56-AA5D-41E1-B3DF-E506462E35AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC007AE8-B798-4DCB-B46D-8ABF06EE1E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [UDP Query User{417B87DF-C840-49D0-B781-B482097B2D99}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [TCP Query User{4CBB2619-B8EE-4A0E-B035-48B0988DEB0F}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [UDP Query User{7D7F53D1-5BBE-4CDB-BACC-C6BFDC601242}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{25671E71-F1CD-42D1-91B4-14D49A2D23F9}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [{DF4C2535-A077-4BD4-9E1C-C427F953431D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07579DC1-996F-4F94-B404-93D3CFEFA65D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B656C835-D43D-4332-A195-5A56E2A1A687}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3EF97105-8594-422A-AB76-8E5731A7B2FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EA658D7-F5C6-4670-90FE-AAF469D1E3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F83FE58E-28BA-4912-9A6D-290338C3EF2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{9B465E64-FA8F-49D2-8ED5-0BD3718EB7DF}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A25DD1A-57A7-420F-BEFD-ADDA4A8073BA}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A1D5291-8B49-434F-A587-94725127E2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1D8A7CE9-0F20-4F46-9657-33C6C73E8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{ACAD00D9-DCF8-4F2C-817C-895F2E3F77C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{7A0D71B3-33B9-46D7-992A-1F43AD135D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{F4004CF2-5A1E-45CC-9749-DC4923AF4F18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1878C184-556A-4A24-B637-95474C5B4901}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{165A4F64-AC5A-4E14-AE75-901C6F208A5F}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{91FB25C6-6480-4D95-AC4E-AB6D475B9F1D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A1100A26-8604-4347-A6B2-2A37B577CC06}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{9D489F3E-ACFC-43B1-B8F2-A6FE631E4F7A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{A71D04B6-26BF-4FDF-8DC5-C2A0BB14D056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{9A6DD132-7919-407D-A3D6-BCB2F7B2D4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8AB27AE7-AC22-4F41-8762-C195EC48E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{7B82B96C-2C01-4822-8097-483A8137AD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{8CAA30C7-E97F-4B6D-8612-13F6AB7E2306}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4B6CDE3-7C8A-445D-A400-ECBBAE819603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95A72FAE-CF06-41DA-BEBC-71960F746594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BB518A9-3BDC-4481-9820-6EE157FE760C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F7D20-2308-47D1-BB44-32833E019320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B56FB99-3E30-4A32-A7CD-8EE8B0E6B616}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1147E0FD-8EA4-4C4C-98E0-8EE9CE1CD427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5339570B-3507-415C-9D7C-CB4B2DC87CCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B80191B-5B6C-4E98-8153-187B86C47DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA35A439-9D89-4C9B-B596-63A244F93635}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{B832FCEC-1B2E-4AF7-878D-C64F8A460A34}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AEA9A86B-6786-4F45-8244-1AD21640FEF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6DB1BBC4-2EEE-4125-8777-741DCDDD2102}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B09D785-FFB7-47A7-836B-B53D691FD319}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7C478DA-8BA1-4DA8-B273-63199A45ED60}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3548183A-C0E0-445F-9961-0EC1F5B54F89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D1DD1A97-4048-4AC9-BA47-98D014239516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D20C8D57-BEF9-4436-A814-A82F4820622B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D83D4E71-1B0F-4046-A9C2-28A422EA6860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B32A3-3B05-46F0-B803-6A57A02F390E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D25786FC-038B-4D14-964C-ECAB1B92A1D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB46ED76-7DF9-4D4C-829A-7F2A4DC9D52D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{897DB355-727E-40CF-ABE0-230FB13C643C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF533279-0CD3-4FD8-AB85-C1086A5FCCF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4A56CCF-BCB8-4C5B-9E93-E023D66104FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5317C6E4-1B0A-471D-887B-28DF43CBC615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81A92194-8567-4830-9DFE-441215A9EC6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E8E77AC-E8EC-40FC-9036-4B3DE433C47E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B644E846-A863-4202-8542-428ED7BF565B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D56932E4-D6F6-4ED8-9D01-C3A2E1288FD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{561C3B9E-2122-4D91-81C8-507E032A04B9}] => (Allow) LPort=32682

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/25/2024 06:27:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-2K8AIVB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (03/25/2024 06:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.3636, časové razítko: 0xe9186526
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x2d38
Čas spuštění chybující aplikace: 0x01da7ed9ab1793f1
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a3abc357-30eb-4ae6-a96b-71c46a73846e
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (03/25/2024 06:26:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (03/25/2024 06:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Malwarebytes.exe, verze: 5.0.0.752, časové razítko: 0x64b073ea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x4714
Čas spuštění chybující aplikace: 0x01da7ed65faf06d4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8c56dcbf-462a-4daf-b1a7-09e980b2b570
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2024 06:10:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Malwarebytes.exe
CoreCLR Version: 6.0.2523.51912
.NET Version: 6.0.25
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.ExternalException (0x800401D0): Požadovaná operace se schránkou se nezdařila.
at System.Windows.Forms.Clipboard.SetDataObject(Object data, Boolean copy, Int32 retryTimes, Int32 retryDelay)
at System.Windows.Forms.Clipboard.SetText(String text, TextDataFormat format)
at System.Windows.Forms.Clipboard.SetText(String text)
at MbamUI.ViewModels.ScanReportViewModel.OnCopyToClipboard()
at Prism.Commands.DelegateCommand.Execute()
at Prism.Commands.DelegateCommand.Execute(Object parameter)
at Prism.Commands.DelegateCommandBase.System.Windows.Input.ICommand.Execute(Object parameter)
at Prism.Interactivity.InvokeCommandAction.Invoke(Object parameter)
at Microsoft.Xaml.Behaviors.TriggerBase.InvokeActions(Object parameter)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEvent(EventArgs eventArgs)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEventImpl(Object sender, EventArgs eventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport)
at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel)
at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(Object ignore)
at System.Windows.Application.RunInternal(Window window)
at System.Windows.Application.Run()
at MbamUI.App.Main()

Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.


System errors:
=============
Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (120000 ms).

Error: (03/25/2024 06:27:14 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1033) (User: NT AUTHORITY)
Description: Potentially revoked boot manager was detected in EFI partition. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/25/2024 06:26:56 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :S266J90BA13291

Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG TuneUp byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2024-03-25 19:08:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-03-25 19:01:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 8.00 06/15/2020
Motherboard: Micro-Star International Co., Ltd. MS-B9331
Processor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 38%
Total physical RAM: 16314.08 MB
Available physical RAM: 10091.68 MB
Total Virtual: 21946.08 MB
Available Virtual: 13497.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:286.16 GB) (Free:10.87 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive d: (Data) (Fixed) (Total:167.39 GB) (Free:111.96 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive h: (CCCOMA_X86FRE_CS-CZ_DV9) (Fixed) (Total:931.51 GB) (Free:393.5 GB) (Model: TOSHIBA MQ04ABF100 USB Device) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{631221af-abf1-4d6c-bd93-de9beb888025}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.23 GB) NTFS
\\?\Volume{5356a5cb-377a-49ac-a83a-4eb5d0f3e331}\ (BIOS_RVY) (Fixed) (Total:22.37 GB) (Free:0.69 GB) NTFS
\\?\Volume{944a7564-3713-4d76-942c-e40bd8995cf5}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{d6ecec97-76b8-4b1d-a1ac-c64506e9d8d6}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C03A8003)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 18BBE804)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. V systému jsou 2 plně funkční antiviry ESET a MBAM. Jeden z nich vypněte, nebo odinstalujte. Dochází k sw kolizi, která rovněž zpomaluje chod PC.

MBAM jsem odinstaloval, ten jsem nainstaloval dnes omylem. Eset mám zakoupeno.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 20:21:45) Run:1
Running from C:\Users\zelen\Desktop
Loaded Profiles: zelen & Zedko
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2043a99b-d507-11eb-823c-2cf05d80969f} => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce4afd11-cabd-11ee-83c5-2cf05d80969f} => removed successfully

"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0251ccb3-1cd7-46a9-b500-fb733c63a7f5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02e2d798-e0e3-40b7-84c4-e48b26eeaf9d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08a42eef-a93f-4148-9aad-c83e67deeb5d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1e342d9e-bef8-4262-8f82-8a6767b97756}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c047d5f-5cba-465e-96d0-533e73d4fc83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6245ac21-cb31-4f51-9751-cfd92f12638f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b306eafe-fc6d-48ef-b00f-2cada2f7cc39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da77dee6-1414-4f1a-b087-3db1da4ed5d3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{dc6ad5f1-b019-4536-9280-2fd13c433b12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e8a3206a-f36f-4be6-8028-7ee0eead1ee0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f77872c3-d259-4237-b6b5-b653e0fceec9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500" => removed successfully
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f => moved successfully
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Users\zelen\Desktop\AdwCleaner.exe => ":MBAM.Zone.Identifier" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5A1D52C7-4FE7-4767-8087-2D82AFE80702} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CEE77283-FE72-47BF-A2CD-AE08086E2654}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCC9E9D-2493-4780-B5E8-EB694098797F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1876F77-1677-463E-AF35-986A75BADE88}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C048214A-89D8-42B2-9011-EA213F0DD198}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F93317B-8970-49A3-B685-83A5F1794CAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC639165-1E19-47BE-8559-63422BEFF31D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1A60BF8-3687-4421-B91C-68E7E13259B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE982B74-1D68-4373-84EE-3F8DA7F29025}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63988F87-1F05-4392-9F38-22A4D8D9B478}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FD47D40-2148-440D-AC2D-415E35FEDA3F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A293FCE-D369-433B-9A1A-8A45854B57E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29055C62-DB32-4522-897E-9AB522E923F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36BE4E23-1370-482D-ABEA-4A7292763FA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76FE24A5-4694-4216-840E-690DDE3A43D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{000B342C-81F1-41A5-B704-45809AA7F5C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCFD9621-95A2-4DEF-92A3-1894F76C9143}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EBF7898-9377-4DE0-9216-FC324E806EB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B17498B-834B-4C4C-9D82-1DA023A6D11B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E221EE32-9F52-4F12-89F7-88DFF3072D77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EDABE47-1673-4F65-ACDD-794C13EB47DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB7D0A2F-3962-4852-9880-01539C6DDF16}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63322923 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 249767220 B
Windows/system/drivers => 23722809 B
Edge => 0 B
Chrome => 684905131 B
Brave => 98332398 B
Firefox => 58112593 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 20413099 B
LocalService => 22944373 B
NetworkService => 22944373 B
zelen => 348081908 B
Zedko => 810656140 B

RecycleBin => 35954785 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:24:28 ====

OK. Bylo smazáno. Nastala změna k lepšímu?

Paráda, super. Podstatné zlepšení. Procesor už neběží stále na 100% ale proměnlivě a teplota CPU spadla z 90+ st. C na cca 58. Ohromný rozdíl, děkuji moc. Jste u mě jednička v řešení. Moc děkuji a klobouk dolů před Vámi upřímně. Ještě jednou moc děkuji a přeji příjemný večer a krásné dny

Tak to jsem rád. Nemáte zač a také přeji hezký den!