Prosím o kontrolu logu

[red]

Pěkný den,

chtěl bych poprosit o kontrolu logu. PC se chová divně - nejde zvuk v reprácích, nejde spustit CCcleaner - mění se velikost volné pamět na disku - jednou je 5GB volné, pak během chvíle tam je jen 100 MB - přitom žádné ne paměť náročné věci na pc nedělám. Klasika outlook, prohlížeč, YT.

předem moc díky - logy přikládám

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by red (administrator) on RED (MSI MS-7756) (03-10-2024 16:30:39)
Running from C:\Users\red\Downloads\FRST64.exe
Loaded Profiles: red
Platform: Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneAgent.exe
(C:\Program Files\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe <12>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> com.logitech) C:\Program Files\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(explorer.exe ->) (Greenshot) [File not signed] C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\red\AppData\Roaming\Telegram Desktop\Telegram.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <40>
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2020-12-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792256 2023-06-23] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-02-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [138838416 2023-07-03] (Logitech Inc -> Logitech)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" [82427432 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45120304 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\red\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-09-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Run: [GoogleChromeAutoLaunch_16ED7BFD1EED139D2EE228272905FC2D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2762856 2024-10-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {81ece5c3-14a2-11ef-9dca-e8fb1cd3d138} - "G:\Setup.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Run: [MicrosoftEdgeAutoLaunch_5D8FF3C57F3750D6A930A5DAC7C2A886] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3794984 2024-09-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\MountPoints2: {81ece5c3-14a2-11ef-9dca-e8fb1cd3d138} - "G:\Setup.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\MountPoints2: {8c6e99f0-c368-11eb-9d1c-d43d7e9c209f} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2021-04-08] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.89\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
Startup: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-02-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox: Restriction <==== ATTENTION
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {89670105-03C4-44BD-95DF-49302B416971} - System32\Tasks\{4687D069-BA72-421F-93B0-A47858BEA53A} => C:\Windows\System32\pcalua.exe [88064 2024-08-14] (Microsoft Windows -> Microsoft Corporation) -> -a "F:\Instal\ACDSee Pro photo manager 8.1.99 cz\Czech.exe" -d "F:\Instal\ACDSee Pro photo manager 8.1.99 cz"
Task: {CBD1214A-3339-4343-BCC5-7F31615253BD} - System32\Tasks\{E44AD98E-3E3C-49A2-85AF-764F3C88CA27} => C:\Windows\System32\pcalua.exe [88064 2024-08-14] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\InstallShield Installation Information\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}\setup.exe" -c -runfromtemp -l0x0009 -removeonly DriverOnly
Task: {194CAE79-2C07-42D6-B558-75184A7BA799} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {355AA4B4-923F-4F84-9BEB-1BCE2A52772A} - System32\Tasks\AMD Updater => "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN (No File)
Task: {960FD5B8-A08A-4727-A223-84626E8CD0DF} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {34CA2741-1D6C-42CB-80BA-E0ACD90FA9B7} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {34CA2741-1D6C-42CB-80BA-E0ACD90FA9B7} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {34CA2741-1D6C-42CB-80BA-E0ACD90FA9B7} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {B47303DA-C61C-437C-AEB2-3F44D3D1D4F1} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259944 2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {B2E60979-AA1F-45B9-AE15-75C86A0A20E7} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775464 2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {C3B7B599-FBE9-4F97-9506-06C9E07B5819} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {04E5E542-ED06-4C20-AD22-F57E6F5A97B4} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36795696 2024-07-29] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {D6E102D6-B4AF-42F0-8944-C17D47D9E241} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {274C0DE1-69DA-447A-BF0B-20F57B5573A7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5075248 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f0478c76-f886-4f10-ac70-de71b48116ae" --version "6.27.11214" --silent
Task: {1D0D4BB4-1A12-45C6-A01D-BE713506B51C} - System32\Tasks\CCleanerSkipUAC - red => C:\Program Files\CCleaner\CCleaner.exe [33931264 2024-09-18] (Piriform Software Ltd) [File not signed]
Task: {BA85FA3E-6C63-4526-8977-E03DF5D95355} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{EA76F4D6-E1CC-415C-B293-200AE396C19B} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {02B8B6F4-AA0B-4CA7-8EBF-D6BEDEB885DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A66B05D-DC52-49DD-BB3D-5963B187C6B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADE56257-32DF-4CBD-A859-3FFAB415FABD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {23BB44D5-3282-4A1D-9B96-A99EF5F5E9F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {08477B0B-19F2-4AF8-92B4-B51A95BF29A8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1F98367-513F-43D4-9CF7-4904B08E184B} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {84A83941-0ABD-448A-99AF-FD136BA203C8} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4021570292-3320076861-2236006042-1006 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {80EE7B80-1023-4A2B-9DFB-FC526D301761} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {3BA399C9-5F28-49C4-9928-77C5DE5C3295} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E53CCF52-15EE-4531-9A67-40BBFFCE4923} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {041F7734-6D86-4CCA-A29B-FD4A163473EA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E86824F3-F897-4092-B479-69F2F5A5F418} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F86CC42-4C32-4F50-9DE7-6912EF079225} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{3d1dc618-8bc2-4c66-b217-bc8a5882ec32}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{658d8550-ff20-4297-9f7d-0b0144964b1c}: [NameServer] 217.77.165.81,217.77.165.211
Tcpip\..\Interfaces\{841e4486-813a-4688-b268-f7418fab6769}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-05]
Edge Extension: (Edge relevant text changes) - C:\Users\red\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]

FireFox:
========
FF DefaultProfile: 9ax8sbf2.default
FF ProfilePath: C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default [2024-10-03]
FF Homepage: Mozilla\Firefox\Profiles\9ax8sbf2.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\9ax8sbf2.default -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\9ax8sbf2.default -> autoconfig_url", "localhost, 127.0.0.1"
FF Extension: (Avira Browser Safety) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\abs@avira.com.xpi [2022-05-30]
FF Extension: (Password Exporter) - C:\Users\red\AppData\Roaming\Mozilla\Firefox\Profiles\9ax8sbf2.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-09] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\red\AppData\Local\Google\Chrome\User Data\Default [2024-10-03]
CHR Extension: (Avira Browser Safety) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-07]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-02]
CHR Extension: (Hangouts Google) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2022-06-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\red\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265936 2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296656 2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1086256 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11799776 2024-09-09] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11799776 2024-09-09] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe [3522976 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
S2 GlUsbFltService; C:\WINDOWS\system32\GlHubFltService.exe [192848 2023-11-23] (GENESYS LOGIC, INC. -> Genesys Logic, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-12] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-08] (Logitech Inc -> Logitech, Inc.)
S2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [5804432 2023-07-03] (Logitech Inc -> Logitech, Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\OneDriveUpdaterService.exe [3864496 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19287448 2024-09-11] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] (NETGEAR -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 glusbflt; C:\WINDOWS\system32\drivers\glusbflt.sys [57288 2023-11-23] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-10-05] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-10-05] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-10-05] (Logitech Inc -> Logitech)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [347016 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1591192 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-08-11] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [430280 2024-08-20] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [430280 2024-08-20] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25312 2007-01-19] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2016-02-03] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-31] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-03 16:29 - 2024-10-03 16:29 - 002397696 _____ (Farbar) C:\Users\red\Downloads\FRST64.exe
2024-10-01 09:43 - 2024-10-01 09:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-29 01:06 - 2024-09-29 01:06 - 008790880 _____ (Malwarebytes) C:\Users\red\Desktop\adwcleaner(1).exe
2024-09-28 19:09 - 2024-09-28 19:09 - 000000000 ____D C:\WINDOWS\Panther
2024-09-26 15:14 - 2024-09-26 15:14 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-09-26 15:14 - 2024-09-26 15:14 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-09-26 15:14 - 2024-09-26 15:14 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-09-25 00:33 - 2024-09-25 00:33 - 000111466 _____ C:\Users\red\Downloads\IMG_3985.jpeg
2024-09-18 02:39 - 2024-09-18 02:39 - 000000000 ____D C:\WINDOWS\nswF4DF.tmp
2024-09-15 17:19 - 2024-09-15 17:50 - 000000000 ____D C:\Users\eu91\Desktop\domecek
2024-09-13 00:03 - 2024-09-13 00:03 - 000329549 _____ C:\Users\red\Downloads\stejnopis-nz-876-2023_el.pdf
2024-09-13 00:01 - 2024-09-13 00:01 - 000120173 _____ C:\Users\red\Downloads\uz-461100065286-20240726-105606.pdf
2024-09-13 00:00 - 2024-09-13 00:00 - 000385229 _____ C:\Users\red\Downloads\stejnopis-nz-603-2023.pdf
2024-09-12 23:51 - 2024-09-12 23:51 - 006690114 _____ C:\Users\red\Downloads\vyrocni zprava 2022,ucetni zaverka 2022, zprava o vztazich-1.pdf
2024-09-12 20:19 - 2024-09-12 20:19 - 006649042 _____ C:\Users\red\Downloads\ucetni zaverka [2023], vyrocni zprava [2023], zprava o vztazich [2023], zprava auditora.pdf
2024-09-12 20:18 - 2024-09-12 20:18 - 006690114 _____ C:\Users\red\Downloads\vyrocni zprava 2022,ucetni zaverka 2022, zprava o vztazich.pdf
2024-09-12 20:17 - 2024-09-12 20:17 - 000340696 _____ C:\Users\red\Downloads\stejnopis-nz-850-2023_el.pdf
2024-09-11 23:33 - 2024-09-11 23:33 - 000000000 ___HD C:\$WinREAgent
2024-09-11 22:44 - 2024-09-11 22:45 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-09-11 22:44 - 2024-09-11 22:44 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-09-11 00:34 - 2024-09-11 00:34 - 000062333 _____ C:\Users\red\Downloads\faktura9241054968.pdf
2024-09-03 21:19 - 2024-09-03 21:19 - 001039708 _____ C:\Users\red\Downloads\Performance 1-8 2024.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-03 16:33 - 2016-02-04 04:19 - 000000000 ____D C:\Users\red\Documents\Soubory aplikace Outlook
2024-10-03 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-03 16:31 - 2024-01-29 13:50 - 000030164 _____ C:\Users\red\Downloads\FRST.txt
2024-10-03 16:31 - 2016-10-02 13:13 - 000000000 ____D C:\FRST
2024-10-03 16:23 - 2023-10-04 17:34 - 000000000 ____D C:\Users\red\AppData\Local\LogiOptionsPlus
2024-10-03 16:22 - 2016-02-04 04:21 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Excel
2024-10-03 15:57 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-10-03 15:53 - 2016-02-04 04:20 - 000000000 ____D C:\Users\red\AppData\Roaming\Microsoft\Word
2024-10-03 15:51 - 2021-04-08 02:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-03 14:45 - 2016-02-03 00:31 - 000000000 ____D C:\Users\red\AppData\Roaming\vlc
2024-10-03 13:38 - 2024-01-20 21:22 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1006
2024-10-03 13:38 - 2023-09-21 03:15 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-03 13:38 - 2023-09-21 03:15 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-03 13:38 - 2023-09-21 03:15 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-03 13:38 - 2022-02-28 16:15 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4021570292-3320076861-2236006042-1001
2024-10-03 13:38 - 2016-03-02 21:24 - 000000000 ___RD C:\Users\red\OneDrive
2024-10-03 12:18 - 2023-06-21 20:00 - 000000000 ____D C:\Users\red\AppData\Roaming\Telegram Desktop
2024-10-03 09:48 - 2018-05-29 22:48 - 000000000 ____D C:\Users\red\AppData\Local\D3DSCache
2024-10-03 09:44 - 2022-02-28 16:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-03 09:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-03 09:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-03 09:39 - 2024-01-31 17:55 - 000000000 ____D C:\Users\red\AppData\Roaming\logitune
2024-10-03 00:35 - 2023-09-21 23:10 - 001848392 _____ C:\Users\red\Downloads\uzavrene fondy11.xlsx
2024-10-03 00:00 - 2022-06-09 08:37 - 000000000 ____D C:\Users\red\Documents\Práce + finance
2024-10-02 22:53 - 2022-05-31 02:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-02 22:53 - 2020-06-16 20:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-02 21:45 - 2017-10-14 01:09 - 000000000 ____D C:\Users\red\AppData\Local\CrashDumps
2024-10-02 17:49 - 2024-01-20 21:20 - 000000000 ____D C:\Users\eu91\AppData\Local\LogiOptionsPlus
2024-10-02 17:49 - 2016-02-19 21:36 - 000000000 ____D C:\Program Files\CCleaner
2024-10-01 12:17 - 2024-01-20 21:22 - 000000000 ____D C:\Users\eu91\AppData\Roaming\logitune
2024-10-01 12:16 - 2024-02-09 00:47 - 000000000 ____D C:\Users\eu91\AppData\Local\CrashDumps
2024-10-01 09:44 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-01 09:44 - 2016-02-04 03:18 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-01 09:03 - 2024-01-20 21:20 - 000000000 ____D C:\Users\eu91\AppData\Local\D3DSCache
2024-09-30 13:49 - 2024-01-20 21:20 - 000000000 ___RD C:\Users\eu91\OneDrive
2024-09-29 17:09 - 2020-07-24 18:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-29 01:09 - 2021-04-08 02:38 - 001605812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-09-29 01:09 - 2019-12-07 16:41 - 000682204 _____ C:\WINDOWS\system32\perfh005.dat
2024-09-29 01:09 - 2019-12-07 16:41 - 000137020 _____ C:\WINDOWS\system32\perfc005.dat
2024-09-29 01:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-09-29 01:04 - 2023-02-16 02:40 - 013211648 _____ C:\WINDOWS\system32\rtp.db
2024-09-29 01:04 - 2021-04-08 02:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-09-29 01:04 - 2021-04-08 02:37 - 000000000 ____D C:\Users\red
2024-09-29 01:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-09-29 01:04 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-09-29 01:04 - 2017-09-18 12:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-09-28 09:12 - 2024-01-20 21:20 - 000000000 ____D C:\Users\eu91
2024-09-26 21:36 - 2021-04-08 02:42 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-26 21:36 - 2021-04-08 02:42 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-26 15:14 - 2021-05-07 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-09-26 15:14 - 2021-04-08 02:42 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-09-23 21:08 - 2016-03-19 13:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-23 21:08 - 2016-02-02 22:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-20 12:45 - 2016-02-02 22:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-17 02:38 - 2024-01-20 21:32 - 000000000 ____D C:\Users\eu91\AppData\Roaming\com.adobe.dunamis
2024-09-17 02:38 - 2024-01-20 21:32 - 000000000 ____D C:\Users\eu91\AppData\Local\Adobe
2024-09-17 02:38 - 2024-01-20 21:20 - 000000000 ____D C:\Users\eu91\AppData\Roaming\Adobe
2024-09-17 01:09 - 2022-09-13 20:23 - 000000000 ____D C:\Users\red\AppData\Roaming\com.adobe.dunamis
2024-09-17 01:09 - 2016-02-03 02:02 - 000000000 ____D C:\Users\red\AppData\Local\Adobe
2024-09-17 01:09 - 2016-02-02 21:35 - 000000000 ____D C:\Users\red\AppData\Roaming\Adobe
2024-09-16 22:29 - 2022-10-14 17:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-16 22:29 - 2022-10-14 17:48 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-09-16 22:29 - 2021-04-08 02:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-09-13 00:03 - 2017-12-19 19:59 - 000000000 ____D C:\Users\red\AppData\Local\Packages
2024-09-12 00:32 - 2021-04-08 02:35 - 000440624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-12 00:31 - 2024-02-02 09:34 - 000000000 ____D C:\Users\red\AppData\Roaming\discord
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-09-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 23:44 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 23:43 - 2023-10-26 18:32 - 000000000 ____D C:\Users\red\AppData\Local\Discord
2024-09-11 23:41 - 2021-04-08 02:37 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 22:44 - 2023-10-04 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-09-11 22:44 - 2016-02-03 08:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 22:43 - 2023-10-26 18:32 - 000002270 _____ C:\Users\red\Desktop\Discord.lnk
2024-09-11 22:42 - 2016-02-03 08:25 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-10 08:23 - 2024-01-20 21:22 - 000000000 ____D C:\Users\eu91\AppData\Local\Greenshot
2024-09-10 08:23 - 2016-04-03 12:34 - 000000000 ____D C:\Users\red\AppData\Local\Greenshot
2024-09-08 19:47 - 2024-07-22 00:07 - 007577771 _____ C:\Users\red\Downloads\Lithopsy.xlsx
2024-09-07 23:40 - 2019-12-12 05:23 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-09-07 23:37 - 2020-03-28 12:09 - 000000000 ____D C:\ProgramData\Apple
2024-09-04 08:47 - 2023-03-23 12:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-04 08:47 - 2016-02-02 22:19 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2023-08-07 02:04 - 2023-08-07 02:04 - 000000017 _____ () C:\Users\red\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by red (03-10-2024 16:33:24)
Running from C:\Users\red\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) (2021-04-08 00:43:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4021570292-3320076861-2236006042-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4021570292-3320076861-2236006042-503 - Limited - Disabled)
eu91 (S-1-5-21-4021570292-3320076861-2236006042-1006 - Limited - Enabled) => C:\Users\eu91
Guest (S-1-5-21-4021570292-3320076861-2236006042-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4021570292-3320076861-2236006042-1003 - Limited - Enabled)
red (S-1-5-21-4021570292-3320076861-2236006042-1001 - Administrator - Enabled) => C:\Users\red
WDAGUtilityAccount (S-1-5-21-4021570292-3320076861-2236006042-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Security (Enabled - Up to date) {4C413022-CD14-1794-9EDE-74904041925B}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro (HKLM-x32\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20112 - Adobe)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
ASUS AXE5400 Bluetooth Driver (HKLM-x32\...\{F80392A6-68E0-409A-B8B7-D434B204EC71}) (Version: 1.926.0.197 - ASUS)
ASUS AXE5400 Tri-Band PCIe WiFi Adapter (HKLM-x32\...\{C180DF90-0CDF-40F3-B9C7-0F36973BBEF7}) (Version: 3.3.0.564 - ASUS)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.44.1.19908 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.104.1294 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.3.0.502 - Avira Operations GmbH) Hidden
Balíček ovladače systému Windows - Panasonic Corporation (WUDFRd) Lumix (01/25/2017 1.0.0.1) (HKLM\...\C1796EE2B699AE60ED2EE6EC9E7797A930C410FB) (Version: 01/25/2017 1.0.0.1 - Panasonic Corporation)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.3 a 6.3_is1) (Version: 1.1 - )
CCleaner (HKLM\...\CCleaner) (Version: 6.27 - Piriform)
Discord (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.2990 - Avira Operations GmbH & Co. KG) Hidden
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.89 - Google LLC)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Hugin (HKLM\...\{4D4D36E4-0BFF-4D51-B745-FF2401C501D8}) (Version: 20.18.0 - Hugin developer team)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.220.3 - Acapela Group)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Ledger Live 2.60.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.60.0 - Ledger Live Team)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.82.618412 - Logitech)
Logi Tune 3.3.32 (HKLM-x32\...\{638159C5-38C0-4F10-A218-F2CE4CBCF833}) (Version: 3.3.32.0 - Logitech) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.10.493246 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.10.58 - Logitech)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.180.0905.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\...\Mozilla Firefox 130.0.1 (x64 cs)) (Version: 130.0.1 - Mozilla)
Mozilla Firefox 45.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x64 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 130.0.1.967 - Mozilla)
MSVCRT Redists (HKLM\...\{FD01461E-5788-11EB-9E8B-00155D51A912}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{FDB647E1-FA63-11EB-80FB-00155DEA5CED}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Panasonic USB Audio Driver (HKLM\...\{BDD817D3-FEE3-4932-A49B-7B137FBFF474}) (Version: 1.0.0 - Panasonic Corporation)
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
Plex (HKLM-x32\...\Plex) (Version: 1.59.1 - Plex, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
SmartControl (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\eaf31a0e-c98a-5e6e-9883-2a487a3337a1) (Version: 6.18.0 - Philips)
Telegram Desktop (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.5.5 - Telegram FZ-LLC)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vysor (HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\vysor) (Version: 5.0.7 - Vysor Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-18] ()
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa [2024-09-12] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2409.21001.0_x64__8wekyb3d8bbwe [2024-09-26] (Microsoft Corporation) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2024-05-19] (Twitter Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2438.6.0_x64__cv1g1gvanyjgm [2024-10-01] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\red\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4021570292-3320076861-2236006042-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [File not signed]
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-07-23] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-09-20] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-07-23] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-07-23] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\SysWOW64\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) =============

2023-07-03 20:29 - 2023-07-03 20:29 - 002577408 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\ffmpeg.dll
2023-07-03 20:29 - 2023-07-03 20:29 - 000380416 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libegl.dll
2023-07-03 20:29 - 2023-07-03 20:29 - 006685184 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\libglesv2.dll
2023-07-03 20:29 - 2023-07-03 20:29 - 004691456 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vk_swiftshader.dll
2023-07-03 20:29 - 2023-07-03 20:29 - 000804864 _____ () [File not signed] C:\Program Files (x86)\Logitech\LogiTune\vulkan-1.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 18:32 - 2019-06-28 18:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2013-08-07 15:24 - 2013-08-07 15:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 15:24 - 2013-08-07 15:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2016-02-04 03:19 - 2021-05-28 00:07 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-04-20 17:06 - 2020-04-20 17:06 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2016-02-04 03:19 - 2021-05-28 00:07 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2020-04-20 17:06 - 2020-04-20 17:06 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2024-07-26 08:40 - 2024-07-26 08:40 - 003092992 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\2f071795c7a0b6298db219f85899af0a\Newtonsoft.Json.ni.dll
2021-04-08 00:53 - 2021-04-08 00:53 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 12:49 - 2019-08-16 12:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2024-01-31 16:06 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-05-30 19:23 - 2018-05-30 19:23 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\Control Panel\Desktop\\Wallpaper -> c:\users\red\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg
HKU\S-1-5-21-4021570292-3320076861-2236006042-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\eu91\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\2470913422583615529\133720191273039292.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi 2: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card -> mtkwl6ex.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Připojení k místní síti: Phantom TAP-Windows Adapter V9 -> phantomtap.sys

SCM_NDISPROT: General NDIS Protocol Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: SessionEnv => 3
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Device Detector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4021570292-3320076861-2236006042-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8B4B69D160AA12BA5821F85CAB2F1CEB"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D3F9A346-E22B-452D-9C7C-C7909B652B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D637D14E-66FF-4861-8683-F83861580180}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EEDE23-D9F3-4ACB-8526-12A54EF7B3AB}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D05BD312-42D7-40AF-8A0A-0F4FE67E797C}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8922B494-ED9C-4DB0-A840-79CE4DEAD033}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B564B9B3-A3B3-4BCB-A4DE-CE3DED8AB45E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{82AF924E-8CD3-43A5-89DD-DB05D3335680}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [TCP Query User{C5453C22-2B7A-4063-A10A-AEEABB8A41AC}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [{86AB537D-3D86-451B-90DA-693A703BF1C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7CE15EA9-4B6E-46A2-8451-E9B9E331CF17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5C83F783-D06F-4523-81F1-FB003DCAD466}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{FA6A2FED-8C64-48FA-A880-F0289D081F54}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6956AB22-63D1-492E-854C-C5C1F6F979BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F2F54032-0E2C-473A-B4C0-CBD98A0612F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EAED52A0-1531-432B-8F5E-3518F0246F36}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{12DC5BDC-DA5D-4335-841B-1D794FB3F8CC}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{15D6DB3B-8ED6-4534-8861-EBC1FF8879DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{47597B18-B52A-4A19-B51F-3584F917D15F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [TCP Query User{1F537970-4883-4B89-9203-B87686F8F4D1}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{987CEA3B-7EA5-4176-B2E8-BA1BF89F7472}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AAA04367-88B3-4829-A542-8B00819669F5}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6D8BBD5-140B-466E-969E-52E8D7523DDE}C:\users\red\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\red\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A71705C7-EE16-412A-AECA-08883BDA26B2}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [UDP Query User{9E895220-C99E-4C32-8887-B6EA90FB3AE4}C:\program files\plex\plex\plex.exe] => (Block) C:\program files\plex\plex\plex.exe (Plex, Inc. -> )
FirewallRules: [{0CE4D99C-EDCE-4ED9-964D-922135614E41}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77C5EB99-C729-4256-AB30-6BB832B923B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD684B-3496-4FEB-B12C-2B074383E095}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AE759D8F-5638-4C7C-A2FF-794CB0BF060F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{2F5EEBE9-640F-4F17-A8D2-83903C39AE77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E80EE683-78E2-4568-BD09-78AD7C6BAC84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{74F2947B-F87C-4790-992C-B3C54D0D3991}C:\smartcontrol\smartcontrol.exe] => (Allow) C:\smartcontrol\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [UDP Query User{FFC0E1E4-3689-4CFB-AB8A-7D2F503A48AC}C:\smartcontrol\smartcontrol.exe] => (Allow) C:\smartcontrol\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [TCP Query User{8EEEC27D-C76E-4344-AEED-496DC333C3C4}C:\smartcontrol\resources\bin\smartcontrol.exe] => (Allow) C:\smartcontrol\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [UDP Query User{4D19BD0C-B873-4BCE-A4F6-A406C6FD32A2}C:\smartcontrol\resources\bin\smartcontrol.exe] => (Allow) C:\smartcontrol\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [{5B4B6E93-89E3-4EBF-9350-D65E78B0EABB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB0D7748-251B-4C43-96A6-5627953EBB15}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{DDAC49F0-C2F2-401A-AB97-24D59998F2F2}C:\users\red\appdata\local\vysor\app-5.0.7\vysor.exe] => (Block) C:\users\red\appdata\local\vysor\app-5.0.7\vysor.exe (Vysor, Inc -> Vysor Inc.)
FirewallRules: [UDP Query User{B69695D1-D4DB-4AAB-98CC-F83DD78D0CA5}C:\users\red\appdata\local\vysor\app-5.0.7\vysor.exe] => (Block) C:\users\red\appdata\local\vysor\app-5.0.7\vysor.exe (Vysor, Inc -> Vysor Inc.)
FirewallRules: [{BBA9BADD-776C-475C-90FC-0883A2DEC592}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{05A28DC2-27FD-4163-AF9D-04AA2E14210B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{68F6034A-F344-4663-8F02-C8D053BB30EB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BF658723-8E15-4D2E-8051-49D17926600D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{43F3D7A7-CA34-43A0-8A05-4C8220D77242}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8058777A-85EF-40CF-A709-D4CC8F3D6C5B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F14992D6-11F2-441D-A33E-A850EC8847BE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{39DB6BD4-FFCF-4977-B75E-CFEDEE9EB706}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12133.2.3006.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7DB9ECCB-3747-4329-B463-8E5F4F40F706}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8328FCC5-6E37-41C2-A66A-364239A934BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AA465F6E-88B6-4483-9026-33C6062E7078}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B592443-8672-4EE9-83DB-660F475DDBB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41FA3E7D-9263-4403-8EEA-8C90B3E0DB7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94C57C5E-8721-44F5-B0E3-1D0B2CB677C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Description: MediaTek Wi-Fi 6E MT7922 160MHz Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek, Inc.
Service: mtkwlex
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AMD Radeon HD 7700 Series
Description: AMD Radeon HD 7700 Series
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdag
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/02/2024 11:41:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x2b20
Čas spuštění chybující aplikace: 0x01db1513cf4d4b8f
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 998b7b92-1e78-4898-80aa-459bb7559980
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x45b4
Čas spuštění chybující aplikace: 0x01db1513ce5a591e
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0d3cb361-7eb0-4fc6-9caa-8b8f6ec9ae7a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x4984
Čas spuštění chybující aplikace: 0x01db1513cd544cba
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3ee8a20e-c66f-43f6-8d1c-66da096ff157
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x328
Čas spuštění chybující aplikace: 0x01db1513cc4f14d7
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 093c2ed4-dc96-4a81-874c-f605fa0ef441
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x580c
Čas spuštění chybující aplikace: 0x01db1513cb058738
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 86457a53-cdaa-4fb8-b846-f81b762a5a71
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x5190
Čas spuštění chybující aplikace: 0x01db1513c9b82ab0
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c7ab3a69-2911-4c8d-8b8a-755487455ad5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 11:41:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.4355, časové razítko: 0x6564cf4e
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xc00001ad
Posun chyby: 0x0000000000132f62
ID chybujícího procesu: 0x4d48
Čas spuštění chybující aplikace: 0x01db14e2c103f147
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: eea8cda4-20dd-40d9-80eb-a7cc5bfa04fd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/02/2024 09:45:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 129.0.6668.60, časové razítko: 0x66e881ec
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4842, časové razítko: 0xe6d00f33
Kód výjimky: 0xe0000008
Posun chyby: 0x000000000003b699
ID chybujícího procesu: 0xd40
Čas spuštění chybující aplikace: 0x01db14e2d3cf1731
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3f5f588c-1fef-4b19-9dde-144150bb6586
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/03/2024 09:38:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_971beba byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/02/2024 09:45:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Zasílání zpráv o chybách systému Windows byla ukončena s následující chybou:
Proces inicializace dynamicky připojované knihovny (DLL) se nezdařil.

Error: (10/02/2024 05:50:21 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/02/2024 05:50:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_5155a90 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/02/2024 05:49:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_5048097 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2024 12:18:07 PM) (Source: DCOM) (EventID: 10010) (User: RED)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/30/2024 01:49:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_40c69d7 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (09/30/2024 12:15:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_3e219cc byla ukončena s následující chybou:
Zařízení není připraveno.


Windows Defender:
================Event[0]:

Date: 2024-08-19 22:01:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-08-27 23:59:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-08-01 15:49:10
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-06-08 10:40:05
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.98.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-02-16 13:18:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.383.70.0
Předchozí verze bezpečnostních informací: 1.379.1233.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20000.2
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80004004
Popis chyby: Operace přerušena

CodeIntegrity:
===============
Date: 2024-10-03 16:14:24
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.18B1 08/19/2013
Motherboard: MSI H77MA-G43 (MS-7756)
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 16332.43 MB
Available physical RAM: 6868.05 MB
Total Virtual: 16332.43 MB
Available Virtual: 5599.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.47 GB) (Free:3.18 GB) (Model: INTEL SSDSC2CW120A3) NTFS
Drive d: (WD RED) (Fixed) (Total:3726.01 GB) (Free:3243.84 GB) (Model: WDC WD40EFPX-68C6CN0) NTFS
Drive e: (WD 5T) (Fixed) (Total:4657.4 GB) (Free:2930.94 GB) (Model: WDC WD50EZRX-00MVLB1) NTFS

\\?\Volume{aa1ad076-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{aa1ad076-0000-0000-0000-30bd1b000000}\ () (Fixed) (Total:0.83 GB) (Free:0.26 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: AA1AD076)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

Ahoj,
pouzi fixlist s obsahom:

Start

S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

EmptyTemp:

End

[red]

Adoj, děkuji a tady to je:

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by red (03-10-2024 17:34:13) Run:2
Running from C:\Users\red\Downloads\FRST
Loaded Profiles: red & eu91
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

EmptyTemp:

End

*****************

HKLM\System\CurrentControlSet\Services\netprotection_network_filter2 => could not remove. Access Denied.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 56958765 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 163478044 B
Windows/system/drivers => 1407631232 B
Edge => 0 B
Chrome => 235711641 B
Firefox => 201911765 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 24204 B
NetworkService => 24204 B
red => 237250888 B
eu91 => 244224441 B

RecycleBin => 17205264 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-10-2024 17:42:42)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\netprotection_network_filter2 => could not remove. Access Denied.

==== End of Fixlog 17:42:42 ====

[JaRon]

Rextartuj PC
S prikazoveho riadku spusteneho ako spravca spust
Sfc /scannow

Potom pozri kolko volneho miesta masna disku c:

[red]

Mám teď cca 4,82 CB - to se zlepšilo. Mám tu dát i ten log? Je brutálně dlouhý

[JaRon]

Log netreba
Pokial by sa Ti este podarilo nieco z disku c: odstranit akebo premiestnit bolo by fajn
Pokial sa tento systemovy disk zaplna generuje to rozne problemy
Mozes napr. obmedzit swapovanie na tento disk

[red]

Já mám nový disk už pár měsíců, ale nějak nemám čas to přeinstalovat.

Moc díky za pomoc

[JaRon]

Rado sastalo