Prosim o kontrolu...seka se mi notas a hodne zpomalil

[Interista]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31.07.2024
Ran by zdena (11-10-2024 13:23:32)
Running from C:\Users\zdena\OneDrive\Desktop
Microsoft Windows 11 Pro Version 23H2 22631.4317 (X64) (2023-10-06 07:37:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-883310175-2301833618-3775178469-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-883310175-2301833618-3775178469-503 - Limited - Disabled)
Guest (S-1-5-21-883310175-2301833618-3775178469-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-883310175-2301833618-3775178469-504 - Limited - Disabled)
zdena (S-1-5-21-883310175-2301833618-3775178469-1001 - Administrator - Enabled) => C:\Users\zdena

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace Stream Media 3.2.6 (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\AceStream) (Version: 3.2.6 - Ace Stream Media) <==== ATTENTION
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.286 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 27.0.20.105 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 27.1.2.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Czechwealth Market Profit Pack (1.0.231208) pro NinjaTrader 8 verze 1.0.231208 (HKLM-x32\...\{c8bc5b41-4acd-464f-a152-1340f381b3ef}_is1) (Version: 1.0.231208 - CZECHWEALTH)
Czechwealth Pack (1.1.240201) pro NinjaTrader 8 verze 1.1.240201 (HKLM-x32\...\{316B3186-406A-44DD-BD5B-072E3CCDAB12}_is1) (Version: 1.1.240201 - CZECHWEALTH)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.301.0.5814 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{86d1aaaf-ecb8-4d85-be92-7db221c394d7}) (Version: 13.301.0.5814 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{42505231-68D1-4F96-92B8-20248DE22F10}) (Version: 1.0.3 - prekladyher.eu)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
GoTo 4.11.0 (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\b5746384-3503-4fbf-824a-0a42d1bd0639) (Version: 4.11.0 - GoTo Group, Inc.)
GoTo Opener (HKLM-x32\...\{89D08BC3-F9FF-480C-B172-AA1E3643CE60}) (Version: 1.0.568 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
IC Markets (EU) Ltd cTrader 4.9.1.22076 (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\362be1be0d8dc2cb587c1c6753135785) (Version: 4.9.1.22076 - Spotware Systems Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Accessory Central (HKLM-x32\...\{36136AB2-8565-4A03-90DD-197DD5AEA090}_is1) (Version: 2.0.6.06161 - Lenovo)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.11.0.15 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
MetaTrader 4 Terminal ICMarketsEU (HKLM-x32\...\MetaTrader 4 Terminal ICMarketsEU) (Version: 4.00 - MetaQuotes Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25503 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
MKVToolNix 79.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 79.0.0 - Moritz Bunkus)
NinjaTrader (HKLM\...\{2713A76E-E7D1-4E39-84CF-43497D900DC1}) (Version: 8.1.1.7 - NinjaTrader, LLC)
NVIDIA Broadcast 1.4.0.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 561.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 561.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
NVIDIA USBC Driver 1.52.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.52.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
OpenOffice 4.1.9 (HKLM-x32\...\{AF1550B8-D3D6-425E-A6C1-F21C157DF754}) (Version: 4.19.9805 - Apache Software Foundation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
tastytrade (HKLM\...\{9C7B9257-A33A-35D9-AD2B-7D99799FF79F}) (Version: 2.4.1 - tastyworks, inc.)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Tobii Experience Software For Windows (HKLM\...\{50584CC5-E289-4591-8091-25AF533AE85A}) (Version: 4.74.0.32957 - Tobii AB)
Tobii Experience Software For Windows (LenovoYX80) (HKLM\...\{267FC4F8-7110-4AB7-831C-3B77BCEB9C59}) (Version: 4.182.0.29391 - Tobii AB)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.1.10975 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.5.1.7566) (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.1) (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
X-Rite Color Assistant 2.24.2 (HKLM-x32\...\{6DCFB107-4604-4AA8-BEA6-CC80BCF0B3E4}_is1) (Version: 2.24.2 - X-Rite, Inc)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\77cba70a21a4f73b609477df1b54e967) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\ae42edfb9a5e12f4170ada661654732a) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\2168857ee0e04b740183345f0d189c9d) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\c3d73951481892f0379f3b39cf4fb106) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\283ea8b5123772634db42ece4b1240a8) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\25fd998453124bf1695d30fd5b0b64f6) (Version: 1.0 - Google\Chrome)

Packages:
=========

AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt [2024-09-14] (INTEL CORP) [Startup Task]
aText -> C:\Program Files\WindowsApps\63996TranKyNam.aText_1.41.0.0_neutral__wfd09jcz50d5g [2024-09-19] (Tran Ky Nam) [Startup Task]
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2024-10-11] (Bitdefender)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20400.722.0_x64__rz1tebttyb220 [2024-09-23] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-08-02] (Dropbox Inc.)
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-02] (Microsoft Corporation) [Startup Task]
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-09-26] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2409.29.0_x64__k1h2ywk1493x8 [2024-10-07] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-03] (LENOVO INC) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2409.21002.0_x64__8wekyb3d8bbwe [2024-10-07] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-08] (Microsoft Corp.)
Microsoft Jenny (Natural) - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Voice.en-US.Jenny.1_1.0.8.0_x64__cw5n1h2txyewy [2024-01-23] (Microsoft Windows)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24243.1309.3132.617_x64__8wekyb3d8bbwe [2024-10-02] (Microsoft) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-27] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-09-12] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-08-02] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-10-08] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-25] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24091.30.0_x64__cw5n1h2txyewy [2024-10-10] (Microsoft Windows) [Startup Task]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm [2024-04-27] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2409.203.0_x64__8wekyb3d8bbwe [2024-09-27] (Microsoft Corporation) [Startup Task]
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-US.1_1.0.16.0_x64__cw5n1h2txyewy [2024-01-23] (Microsoft Windows)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0 [2024-10-11] (Spotify AB) [Startup Task]
Tobii Experience -> C:\Program Files\WindowsApps\TobiiAB.TobiiEyeTrackingPortal_1.71.32957.0_x64__j9ea20k37yd2w [2024-04-03] (Tobii AB) [Startup Task]
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.9.2.6491_x64__n534cwy3pjxzj [2024-09-04] (TradingView, Inc.) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2439.7.0_x64__cv1g1gvanyjgm [2024-10-08] (WhatsApp Inc.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-23] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.275.500.0_x64__8wekyb3d8bbwe [2024-10-10] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.266.2241.0_x64__8wekyb3d8bbwe [2024-10-02] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-10] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-10-10] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-10] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-10] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2023-12-06] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-883310175-2301833618-3775178469-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-883310175-2301833618-3775178469-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\zdena\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.25503\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-883310175-2301833618-3775178469-1001_Classes\CLSID\{4EC1DC1A-D44C-44D8-9C88-B2C957A53583}\localserver32 -> C:\Users\zdena\AppData\Local\Programs\goto\GoTo.exe (LogMeIn, Inc. -> GoTo Group, Inc.)
CustomCLSID: HKU\S-1-5-21-883310175-2301833618-3775178469-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zdena\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-883310175-2301833618-3775178469-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\zdena\AppData\Local\GoToMeeting\19992\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_d4bea506394bce7a\nvshext.dll [2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_agimnkijcaahngcdmfeangaknmldooml\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\zdena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3d8d51fdee5be7f7\Screen Recorder.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jdopnakmnlnccgpfpmjmdjjohmcdgabp

==================== Loaded Modules (Whitelisted) =============

2023-10-19 13:45 - 2023-01-27 10:39 - 000147456 _____ () [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Interop.UIAutomationClient.dll
2024-06-25 23:51 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2024-06-25 23:51 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2024-02-24 12:52 - 2024-02-24 12:52 - 000155136 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\_cffi_backend.pyd
2024-06-22 19:50 - 2024-07-09 13:55 - 000732672 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2024-06-22 20:00 - 2024-07-09 13:55 - 011361792 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2024-06-22 19:49 - 2024-07-09 13:55 - 006696448 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000303722 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 002382336 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000046592 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\aiohttp._helpers.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000231424 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\aiohttp._http_parser.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000041984 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\aiohttp._http_writer.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000029696 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\aiohttp._websocket.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 001532416 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000045056 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000072192 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\frozenlist._frozenlist.pyd
2019-07-10 20:56 - 2019-07-10 20:56 - 000112142 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 027957202 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\libopenblas.U35RT5X5BPDSH5ZTF276YADQR2KDU6PR.gfortran-win32.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 000128512 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\lxml._elementpath.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 003355648 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\lxml.etree.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000013824 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\markupsafe._speedups.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000035840 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\multidict._multidict.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000315392 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\nacl._sodium.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000019456 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\netifaces.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000102400 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.core._multiarray_tests.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 002159616 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.core._multiarray_umath.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000075776 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.fft._pocketfft_internal.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000129536 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.linalg._umath_linalg.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000015360 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.linalg.lapack_lite.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000223744 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._bounded_integers.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000163328 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._common.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000590848 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._generator.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000064000 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._mt19937.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000059392 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._pcg64.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000060928 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._philox.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000044032 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random._sfc64.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000124928 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random.bit_generator.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000519680 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\numpy.random.mtrand.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000065536 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\psutil._psutil_windows.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000423936 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\pythoncom38.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 000114688 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\pywintypes38.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 000103424 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000403456 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32com.shell.shell.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000124928 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000175104 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000028160 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000043520 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\win32process.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000930816 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wx._adv.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 005868032 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wx._core.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000100352 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wx.siplib.pyd
2024-02-24 12:52 - 2024-02-24 12:52 - 000081920 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\yarl._quoting_c.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000009728 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_ARC4.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000031232 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_aes.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000012800 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_aesni.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000010752 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_cbc.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011264 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_cfb.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011264 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_ctr.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000051200 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_des.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000051200 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_des3.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000009216 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_ecb.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011776 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_ocb.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000010240 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_raw_ofb.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011776 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Cipher\_Salsa20.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000012288 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_BLAKE2s.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011264 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_ghash_clmul.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000011264 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_ghash_portable.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000013312 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_MD5.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000016384 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_SHA1.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000018944 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Hash\_SHA256.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000029696 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Math\_modexp.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000010240 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Protocol\_scrypt.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000009216 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Util\_cpuid_c.cp38-win32.pyd
2020-11-10 13:36 - 2020-11-10 13:36 - 000009216 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\Crypto\Util\_strxor.cp38-win32.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000393728 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\M2Crypto\_m2crypto.cp38-win32.pyd
2021-09-10 11:23 - 2021-09-10 11:23 - 000046592 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\miniupnpc.cp38-win32.pyd
2016-12-17 19:44 - 2016-12-17 19:44 - 000091648 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\_ctypes.pyd
2016-12-17 19:46 - 2016-12-17 19:46 - 001016832 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2016-12-17 19:45 - 2016-12-17 19:45 - 000046592 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2016-12-17 19:45 - 2016-12-17 19:45 - 001410048 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-01-18 22:56 - 2011-01-18 22:56 - 000334336 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2016-12-17 19:44 - 2016-12-17 19:44 - 000136704 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 18:38 - 2012-02-07 18:38 - 000358912 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 18:35 - 2012-02-07 18:35 - 000110080 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2016-12-17 19:44 - 2016-12-17 19:44 - 000010240 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\select.pyd
2012-02-07 18:37 - 2012-02-07 18:37 - 000098816 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 18:36 - 2012-02-07 18:36 - 000111616 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 18:36 - 2012-02-07 18:36 - 000024064 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 000966144 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 20:37 - 2011-07-15 20:37 - 000981504 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 000746496 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 000674816 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-07-15 20:38 - 2011-07-15 20:38 - 000670720 _____ () [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2023-10-19 13:45 - 2020-05-11 17:14 - 000251904 _____ (Autofac) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Autofac.dll
2019-07-10 20:56 - 2019-07-10 20:56 - 020468224 _____ (FFmpeg Project) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\avcodec-56.dll
2019-07-10 20:56 - 2019-07-10 20:56 - 005897216 _____ (FFmpeg Project) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\avformat-56.dll
2019-07-10 20:56 - 2019-07-10 20:56 - 000481280 _____ (FFmpeg Project) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\avutil-54.dll
2019-07-10 20:56 - 2019-07-10 20:56 - 000279552 _____ (FFmpeg Project) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\swresample-1.dll
2023-10-19 13:45 - 2019-12-30 15:06 - 000613376 _____ (ic#code) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ICSharpCode.AvalonEdit.dll
2023-10-19 13:45 - 2022-03-11 11:41 - 000442880 _____ (Jeremy Skinner) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\FluentValidation.dll
2023-10-19 13:45 - 2023-02-20 16:36 - 000282624 _____ (Marc Gravell) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\protobuf-net.Core.dll
2023-10-19 13:45 - 2023-02-20 16:37 - 000279552 _____ (Marc Gravell) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\protobuf-net.dll
2023-10-19 13:45 - 2013-03-09 20:25 - 000091648 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Microsoft.Expression.Interactions.dll
2023-10-19 13:45 - 2013-03-09 20:25 - 000039936 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\System.Windows.Interactivity.dll
2023-10-19 13:45 - 2020-01-27 15:10 - 000223232 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Newtonsoft.Json.Schema.dll
2023-10-19 13:45 - 2021-05-14 14:27 - 000821248 _____ (NLog) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\NLog.dll
2016-12-17 19:43 - 2016-12-17 19:43 - 002639872 _____ (Python Software Foundation) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\PYTHON27.DLL
2020-09-02 13:40 - 2020-09-02 13:40 - 000006144 _____ (pythonnet) [File not signed] [File is in use] C:\Users\zdena\AppData\Roaming\ACEStream\engine\python-libs\clr.pyd
2023-10-19 13:45 - 2023-06-01 09:36 - 000155136 _____ (RoslynPad.Editor.Windows) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\RoslynPad.Editor.Windows.dll
2023-10-19 13:45 - 2023-06-01 09:36 - 000210432 _____ (RoslynPad.Roslyn) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\RoslynPad.Roslyn.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000327168 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ar-SA\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000092672 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Common.Connection.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000420352 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Common.Domain.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000657920 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Common.Domain.LocalizedStrings.dll
2023-10-19 13:45 - 2023-07-19 11:05 - 000095744 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.AlgoFormat.dll
2023-10-19 13:45 - 2023-07-19 11:05 - 000024576 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.AlgoFormat.Reader.dll
2023-10-19 13:45 - 2022-03-28 10:19 - 000020992 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Autofac.Extension.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000032256 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.cBraltar.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000106496 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Configuration.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 001114624 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.CId.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 000038400 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.Common.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 000012800 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.DataStore.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 000644096 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.JavaMirror.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 001511424 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.Server.dll
2023-10-19 13:45 - 2023-08-21 14:26 - 000177152 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Connection.Protobuf.Social.dll
2023-10-19 13:45 - 2022-11-25 10:55 - 000028672 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Domain.Primitives.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000278016 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Framework.Extension.dll
2023-10-19 13:45 - 2022-09-07 11:01 - 000079872 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.GuiSettings.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000061952 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Charts.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000033280 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Mapper.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000214528 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Core.Presentation.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000283136 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cs-CZ\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 001185792 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000139264 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Domain.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000655360 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Domain.Shared.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000059392 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Infrastructure.Common.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000014848 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Infrastructure.InProc.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000014336 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Infrastructure.Shared.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000095744 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Automate.Infrastructure.Windows.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000056832 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Common.Windows.Infrastructure.dll
2023-10-19 13:45 - 2023-10-13 14:22 - 000767488 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Controls.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000690688 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Domain.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000094720 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Chart.Domain.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000182784 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Chart.Infrastructure.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000286720 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Images.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000229888 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Infrastructure.Connection.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000033280 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Infrastructure.Desktop.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000490496 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Infrastructure.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000105984 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Infrastructure.GuiSettings.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000961536 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Infrastructure.Server.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000173568 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.MarketReplay.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000333824 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Memento.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000792576 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Setup.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 004925952 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.ViewModels.dll
2023-10-19 13:45 - 2023-10-13 14:21 - 000036864 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.ViewModels.Reporting.dll
2023-10-19 13:45 - 2023-10-13 14:23 - 010654720 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\cTrader.Views.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000289792 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\de-DE\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000344576 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\el-GR\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000296448 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\es-ES\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000297984 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\fr-FR\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-08-28 10:47 - 000010240 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\Html2Xaml.Wpf.Autofac.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000293888 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\hu-HU\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000282624 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\id-ID\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000290304 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\it-IT\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000325120 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ja-JP\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000293888 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ko-KR\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000282112 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ms-MY\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000294400 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\pl-PL\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000293376 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\pt-PT\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000363520 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\ru-RU\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000284672 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\sk-SK\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000283648 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\sl-SI\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000285184 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\sr-Latn-RS\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000407040 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\th-TH\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000287232 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\tr-TR\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000316928 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\vi-VN\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000273920 _____ (Spotware Systems Ltd.) [File not signed] [File is in use] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\zh-Hans\Common.Domain.LocalizedStrings.resources.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000075264 _____ (Spotware Systems Ltd.) [File not signed] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\algohost.netcore\cTrader.Automate.Build.Simplified.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000494080 _____ (Spotware Systems Ltd.) [File not signed] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\algohost.netcore\cTrader.Automate.Host.dll
2023-10-19 13:45 - 2023-10-13 14:20 - 000211456 _____ (Spotware Systems Ltd.) [File not signed] C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\app_4.9.1.22076\algohost.netcore\cTrader.Automate.Indicators.dll
2019-12-21 12:55 - 2019-12-21 12:55 - 001380864 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\LIBEAY32.dll
2019-12-21 12:55 - 2019-12-21 12:55 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\SSLEAY32.dll
2024-06-25 23:51 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 000166400 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wxbase314u_net_vc140.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 002287616 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wxbase314u_vc140.dll
2021-09-10 11:23 - 2021-09-10 11:23 - 007031808 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\engine\lib\wxmsw314u_core_vc140.dll
2011-07-15 20:33 - 2011-07-15 20:33 - 000122368 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_net_vc.dll
2011-07-15 20:33 - 2011-07-15 20:33 - 001300992 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_vc.dll
2011-07-15 20:34 - 2011-07-15 20:34 - 000730112 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_adv_vc.dll
2011-07-15 20:34 - 2011-07-15 20:34 - 003165184 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_core_vc.dll
2011-07-15 20:34 - 2011-07-15 20:34 - 000479744 _____ (wxWidgets development team) [File not signed] C:\Users\zdena\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_html_vc.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5126]
AlternateDataStreams: C:\Users\zdena\OneDrive\Desktop\FRST64.exe:BDU [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2024-10-09] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2024-10-09] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-07-01 20:52 - 2024-07-01 20:52 - 000000927 _____ C:\Windows\system32\drivers\etc\hosts
54.70.76.77 geoip.pango-paas.co
3.161.119.99 1uzxr3b3jraw5nlmnvbsikiioud2vilw5.web-networking.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-883310175-2301833618-3775178469-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\blue_nature.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw14.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_winvfp: Microsoft Azure VFP Switch Filter Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Leonvo Legion Startup"
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\StartupApproved\Run: => "LenovoVantageToolbar"
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A7A229E3-453F-4CFE-B419-A27746F42547}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C93B2620-AAF7-459A-BCDA-BA0A942BAE37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3626A231-9AB8-48CB-9886-F633352B134D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{44412741-8018-42D4-9544-02C2D5A1FFF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{974071A5-6B4E-455A-9C02-76D30649F14C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38966C86-0D8F-46FF-B0FB-22C829426203}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA109632-9AF6-441F-8456-CFFF9686ED3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{4F947A10-B2BC-42D3-A42D-9BB85F4C8B40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{73AE1590-68BD-41C9-A6D6-DB328868C5D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{93816819-55A7-4D96-9817-1A820340750E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{ECFB596B-9B4C-460A-8765-A0271194FAA3}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [TCP Query User{551FAA35-F868-43B0-A06A-C90AE4021C66}C:\games\diablo iv\diablo iv.exe] => (Allow) C:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{075A30CF-A2EE-4E81-8725-E41245CDA217}C:\games\diablo iv\diablo iv.exe] => (Allow) C:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{67F4FFF5-0F60-42AF-B6ED-862FD2304F0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farthest Frontier\Farthest Frontier.exe () [File not signed]
FirewallRules: [{86B6D944-DBE8-401D-996D-A0D665A42004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farthest Frontier\Farthest Frontier.exe () [File not signed]
FirewallRules: [TCP Query User{45D53749-C0D4-4233-BF39-33B5674FE494}C:\program files\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [UDP Query User{EF563D72-3E92-409C-A499-6BAA36AF392E}C:\program files\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [TCP Query User{62CC27E3-CCBE-4116-A25E-0DE0956D8874}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [UDP Query User{F1D18039-21AE-4424-84DB-CBCDB01FD211}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe => No File
FirewallRules: [{7EBA00DC-3071-4437-A3D9-0833F4EBA654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{F67D7E09-F495-4376-BC60-5F7B4362ACEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [TCP Query User{90E18148-86DC-43AB-9136-5764584720C2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C231167B-8F94-4381-AF99-D4BE1AC339D8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{9BC034C9-ECCF-45DB-9C23-BD281880315F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{EF73B0D9-599A-4896-9DE9-9F0D9D5E5066}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{D4A990AD-FADD-4890-862C-7D69F261CA4F}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [UDP Query User{D06C4E30-4497-4D53-B3DE-785E3A5D27C1}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [TCP Query User{34548366-4F40-420A-994D-304AAA34B93E}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
FirewallRules: [UDP Query User{C50BD535-EFB9-429A-99F4-8DA42F97D66A}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
FirewallRules: [{4A0F6B8B-66F4-41AB-87CB-AE6FFC902A02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{880AF151-1F9A-43E8-9EA8-F1EF442E44A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3F7618F4-0FC4-492D-9B1D-3B9D5DFD65FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BFEEECB2-649D-48C4-AAAD-D710C33B6548}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F189053F-58F4-418F-BDBE-EB276E7E3709}] => (Allow) C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{33794E6F-BA64-4E36-9F1C-3822E01671AA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1303.2943.2110_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A1E3544-0B2E-4B90-AFF7-8BF2A6E9FD1E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1303.2943.2110_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F91E8F9C-B4C0-4399-89A4-85F3041BB66C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A51E2329-3127-4F71-BDAF-60C84852D29F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3BC7552A-CAEE-4FB4-9226-5E288CCC9AFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0D0708FA-B373-4C33-AC9D-B590CC8B9A9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5DD19AA3-E4BC-4639-894B-B26FFAE2436E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9C6AE09F-8187-461E-8166-08F25783F68A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6C84A2D1-0DB7-43EF-9D0C-66756EFCADC1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3D5DC080-1A68-44E3-B143-0A9AE282603B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F1194EF8-1061-4A3C-8B1A-BFB3400103D9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3A283F9E-B537-43E0-927B-ED5A7544E5E2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9110E2ED-570C-44A5-99DD-202AE118396B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0FB5AA5C-A773-4509-9A05-3F4255B6D2CB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{12887D5C-4DB3-4298-9FFB-33C7B65C26EE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{14D8F82C-550E-4326-B59A-21BF1EC5FB25}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F10EFCA5-9249-4030-9CCB-5EAC813611F0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F553EC5C-1E9C-4466-8C37-4FAF3DA20D6B}] => (Allow) C:\Users\zdena\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies, LLC)
FirewallRules: [{903EF35E-277A-44DC-BA41-64F03884CA29}] => (Allow) C:\Users\zdena\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies, LLC -> Innovative Digital Technologies, LLC)
FirewallRules: [{92E34A19-8067-4CB2-8C44-7F2A4BFC0549}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24243.1309.3132.617_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{320BAC25-B6C6-4559-9FB0-7253BB87A474}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24243.1309.3132.617_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDCC9318-016E-4C5C-ABE9-480C61C1659F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [{49C5C2BE-486D-45E5-BEFB-5AEBDA9A79EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [{7B355DED-EC83-4A46-8005-A05E172C6BEF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1F192128-4C08-467B-BE09-511F678ABDBD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD9905B6-DFEE-4066-9A2E-85A372102D8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D607ED2A-54F2-4275-B8CD-8FBF3598B1A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2108C7C3-1F08-4BDF-9C1B-EEDD99407F63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DC6EFCC1-5D18-4DD4-88D1-B9C9F7D98694}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C59B6D6F-F8D5-4C2B-965A-1300B362B283}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B088582-AD56-4AED-8EA9-99382AD783AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BAAE2637-824A-4A08-BF02-63182226F2FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{90ECEADE-AD84-415C-8635-07BA7C836D21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{233FE32C-6352-4F57-A863-3D2D3F693B14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0EE9580-5034-4B51-90C0-E3122735D2BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.248.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

04-10-2024 11:11:34 Windows Update
07-10-2024 13:55:01 Windows Update
11-10-2024 11:53:54 Windows Update
11-10-2024 11:53:57 Windows Update

==================== Faulty Device Manager Devices ============

Name: Lenovo UEFI System Firmware 1.34
Description: Lenovo UEFI System Firmware 1.34
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Lenovo Ltd.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Universal Device Client Device
Description: Universal Device Client Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (10/06/2024 04:39:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (10/06/2024 04:39:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (10/06/2024 04:39:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (10/06/2024 04:39:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (10/01/2024 11:15:28 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 1.5.2.57673 programu Diablo IV.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (09/12/2024 10:37:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (09/12/2024 10:37:31 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (09/10/2024 10:39:56 PM) (Source: Application Error) (EventID: 1000) (User: INTERISTA)
Description: Název chybující aplikace: NahimicSvc64.exe, verze: 2.7.14.0, časové razítko: 0x650aa6cf
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.3733, časové razítko: 0x67ca8829
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000037d00
ID chybujícího procesu: 0x0x9028
Čas spuštění chybující aplikace: 0x0x1db03c196ce3f4e
Cesta k chybující aplikaci: C:\Windows\system32\NahimicSvc64.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 125ba4d3-2bd1-46b7-b9ca-64ded8a085ea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/11/2024 12:14:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (10/10/2024 02:09:40 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (10/10/2024 12:42:58 PM) (Source: DCOM) (EventID: 10010) (User: INTERISTA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/09/2024 07:30:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (10/08/2024 01:36:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (10/08/2024 11:10:45 AM) (Source: DCOM) (EventID: 10010) (User: INTERISTA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/08/2024 08:38:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (10/06/2024 05:12:11 PM) (Source: DCOM) (EventID: 10010) (User: INTERISTA)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================Event[0]

Date: 2023-10-05 21:16:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2023-10-05 21:16:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2023-10-05 21:16:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80090305
Popis chyby: Požadovaný balíček zabezpečení neexistuje.

Date: 2023-10-05 21:16:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2023-10-05 21:16:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2024-10-11 13:18:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267086177026850363\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2024-10-11 12:15:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267086177026850363\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M0CN33WW 08/07/2023
Motherboard: LENOVO LNVNB161216
Processor: 13th Gen Intel(R) Core(TM) i9-13900H
Percentage of memory in use: 51%
Total physical RAM: 32492.05 MB
Available physical RAM: 15866 MB
Total Virtual: 34540.05 MB
Available Virtual: 12304.64 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:951.65 GB) (Free:306.75 GB) (Model: SKHynix_HFS001TEJ9X115N) NTFS

\\?\Volume{3e140a03-1fa1-4eea-b8e0-d51e977df4be}\ (WINRE_DRV) (Fixed) (Total:1.95 GB) (Free:1.22 GB) NTFS
\\?\Volume{14aaad43-0351-48a4-8a50-298f8a54f833}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 061D73D3)

Partition: GPT.

==================== End of Addition.txt =======================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31.07.2024
Ran by zdena (administrator) on INTERISTA (LENOVO 82Y3) (11-10-2024 13:17:53)
Running from C:\Users\zdena\OneDrive\Desktop\FRST64.exe
Loaded Profiles: zdena
Platform: Microsoft Windows 11 Pro Version 23H2 22631.4317 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\zdena\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.286\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\odscanui.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24091.88.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24091.88.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\MSTeams_24243.1309.3132.617_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.79\msedgewebview2.exe <12>
(C:\Users\zdena\AppData\Local\Discord\app-1.0.9166\Discord.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <85>
(C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(C:\Users\zdena\AppData\Roaming\ACEStream\engine\ace_engine.exe ->) (Innovative Digital Technologies, LLC -> ) C:\Users\zdena\AppData\Roaming\ACEStream\updater\ace_update.exe
(Discord Inc. -> Discord Inc.) C:\Users\zdena\AppData\Local\Discord\app-1.0.9166\Discord.exe <6>
(DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_helper.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\FnHotkeyUtility.exe
(explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(explorer.exe ->) (Innovative Digital Technologies, LLC -> Innovative Digital Technologies, LLC) C:\Users\zdena\AppData\Roaming\ACEStream\engine\ace_engine.exe
(explorer.exe ->) (SPOTWARE SYSTEMS LTD -> Spotware Systems Ltd.) C:\Users\zdena\AppData\Local\Spotware\cTrader\362be1be0d8dc2cb587c1c6753135785\cTrader.exe
(explorer.exe ->) (TradingView, Inc. -> TradingView, Inc.) C:\Program Files\WindowsApps\TradingView.Desktop_2.9.2.6491_x64__n534cwy3pjxzj\TradingView.exe <18>
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24243.1309.3132.617_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Get Aura Inc -> AnchorFree Inc.) C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dff0a14340935a1d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_d4bea506394bce7a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe <2>
(services.exe ->) (Sunplus Innovation Technology Inc. -> Sunplus Innovation Technology Inc.) C:\Windows\System32\SpitCamSrv.exe
(services.exe ->) (Tobii AB -> ) C:\Windows\System32\DriverStore\FileRepository\lenovoyxx0.inf_amd64_295e04613a160957\platform_runtime_RGB_service.exe
(services.exe ->) (Tobii AB -> Tobii AB) C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24091.30.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2439.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe [1643360 2023-02-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088232 2024-10-09] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [498592 2024-08-08] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Leonvo Legion Startup] => C:\Program Files (x86)\Lenovo\Legion Accessory Central\legion_haw.exe [1264208 2022-06-16] (Lenovo -> Lenovo)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [Discord] => C:\Users\zdena\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36770792 2024-10-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3383912 2024-09-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [MicrosoftEdgeAutoLaunch_9EE5D48440338D52526AFA83F727220C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3795008 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Run: [AceStream] => C:\Users\zdena\AppData\Roaming\ACEStream\engine\ace_engine.exe [96192 2024-07-09] (Innovative Digital Technologies, LLC -> Innovative Digital Technologies, LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {CB489BE7-BC74-44C1-ACD1-F3A292D0A35F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.286\WatchDog.exe [1155888 2024-08-23] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.286\repair
Task: {EFB25175-998E-4A2B-869C-1F245FA45751} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {24FB846B-18C3-4AD9-AA8B-F638F11EC7C6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "244f0ed9-a324-4d1b-bffa-d8299b24c33a" --version "6.28.11297" --silent
Task: {5F6197DE-20B9-489B-83CA-72D4B72AB26E} - System32\Tasks\CCleanerSkipUAC - zdena => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {3C6AA9F4-EBD3-4F61-BEEF-AF718C098BB1} - System32\Tasks\G2MUpdateTask-S-1-5-21-883310175-2301833618-3775178469-1001 => C:\Users\zdena\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-05-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D7A02CBC-310C-4CC8-8A91-0E4527653075} - System32\Tasks\G2MUploadTask-S-1-5-21-883310175-2301833618-3775178469-1001 => C:\Users\zdena\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-05-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3DC86D5A-92D1-48A3-AB73-A1407729CAEB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F94C9B65-BB06-4326-B0F8-3C35D1E2476D} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {F312804C-3A3F-4919-BD1E-DA0A114CE014} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {33CA22C8-39E5-4120-BCCC-074F0BB455DA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {09D0DCBC-B64C-49B3-936D-0684946B4CD4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\Windows\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4B13A43B-A167-468E-B9C6-1B37C8A4E043} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\449abe16-15b4-45c2-bf7f-6371a7b9fb29 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D60E163C-B52B-401D-B6B7-A1F9D70E4F1A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\91b5e6a1-70f5-4343-b005-b34913004ea0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {69C1FB32-2053-4CDE-A48D-05F8B192AAE1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9dbc57c2-609c-4f60-be8d-af910ae08325 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {DAEF5344-74DF-4F2A-A380-8197E0836A35} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac9a0d24-6554-409d-a449-0a87aec1ede1 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {BA551981-808D-4938-9ADD-4F3C9B2F9C07} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eed69f29-f689-4a0a-8e57-3cd9475371e6 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {B9B6185E-B539-4B2F-8373-622E59CDCBA1} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [1616808 2023-09-19] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {6C272D69-7D9E-48D3-8667-C4374C419747} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1548200 2023-09-19] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {715AFBFC-A08A-4832-B3BB-8AD6F00E91F8} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1548200 2023-09-19] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {4852D5BE-B7C6-4DE1-B8E5-7A98D1D19F55} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {F97BC2F9-715C-4870-9303-D0498051D199} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [188656 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
Task: {224A04EB-D379-4C31-9EE1-88194B9D9556} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {81C169DC-4BE0-474C-8288-02C0B3A90B61} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {2B38BC14-1AC5-4A45-A969-E50323331113} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {03A65B25-F6DC-4532-A5FC-CAA64DF93541} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6B084317-207A-4813-9E00-05C77FBDE2B0} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {98D66E1E-F1C9-48B1-8821-6FEE4C0807CB} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {E7E90C54-F76D-4C09-A3E7-E4610F720955} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {32428504-ECE5-4F41-ADC3-675C75EEC6B7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {4BED942F-D37C-4E8B-B3FB-EE8A7CDC0A81} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {D5D8B26B-9DBC-4932-BEF7-1DE916498E3C} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {A5BEF298-79FE-462C-9A2E-1234A756F0DF} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {2D59ECBA-0B52-4334-A663-98090302B4A4} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {A383EFAC-D630-4A32-B922-6F0EFE05E4F1} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {C3A780F4-AFB0-4147-8E8F-FCC70DC385D0} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {E119B4AB-DE73-4E88-A419-9AD57FB6B982} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {67E582D8-F501-4F6A-A0F9-85722B0E88E2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B67FD331-C5E8-4DBD-B94A-9796E1F4EEBD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA9BA0BF-9B15-4306-81AE-99D235E0BDDE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBC78B75-81D6-4ED5-8BA0-204B6E5CCBFF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D79709BF-C21E-467A-A6C2-28DBF30FF696} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {57D8E5F6-3F16-41A1-B47A-C7613BFA4726} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {0ABB82BE-15F5-444A-95CD-EE4D4E9F2641} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-15] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\-minimized
Task: {D0AFAFBD-50FC-47C3-8A0F-8270DF854355} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4BD60622-FDA9-4E01-BC28-DBAEF94F297D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {599126E5-1B7D-4C79-95B4-C7F0B25C649B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {3102663D-AD2B-4B8D-A985-3FD1FB79E90C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D726DF9F-A084-43AD-8179-6881AC2FB111} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73485B4B-AC4E-442E-B528-537B1F6D386E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C7AF4F6-6E3C-4963-AA36-657FC472BF24} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91C1E53F-2A91-444C-AA07-5C0A6B04CD8B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17F887B2-87D0-48B4-A420-D3BFC3EB8443} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {459DAC5E-245D-4468-B839-F151CA26BC05} - System32\Tasks\XRiteColorAssistantStartup => C:\Program Files (x86)\X-Rite Color Assistant\XRiteColorAssistant.exe [7588408 2022-10-28] (X-Rite, Incorporated -> X-Rite, Inc)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-883310175-2301833618-3775178469-1001.job => C:\Users\zdena\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-883310175-2301833618-3775178469-1001.job => C:\Users\zdena\AppData\Local\GoToMeeting\19992\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ad044d97-50a9-49e3-9179-d6c7b6399c51}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ad044d97-50a9-49e3-9179-d6c7b6399c51}\94E647562796374716: [DhcpNameServer] 192.168.27.96

Edge:
=======
Edge Profile: C:\Users\zdena\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-11]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\zdena\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-07-19]
Edge Extension: (Dokumenty Google offline) - C:\Users\zdena\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\zdena\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKU\S-1-5-21-883310175-2301833618-3775178469-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\zdena\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\zdena\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-883310175-2301833618-3775178469-1001: @acestream.net/acestreamplugin,version=3.2.6 -> C:\Users\zdena\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-883310175-2301833618-3775178469-1001: tdameritrade.com/thinkorswim -> C:\Users\zdena\AppData\Local\thinkorswim\npthinkorswim.dll [2023-10-19] (TD Ameritrade, Inc -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-883310175-2301833618-3775178469-1001: tdameritrade.com/tossc -> C:\Users\zdena\AppData\Local\thinkorswim\nptossc.dll [2023-10-19] (TD Ameritrade, Inc -> TD Ameritrade)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default [2024-10-11]
CHR DownloadDir: C:\Users\zdena\Downloads
CHR Notifications: Default -> hxxps://my.tastytrade.com; hxxps://www.fcinter1908.it; hxxps://www.tradingview.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-07]
CHR Extension: (Wistia Video Downloader) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\acbiaofoeebeinacmcknopaikmecdehl [2024-07-30]
CHR Extension: (Video Downloader Professional) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-06-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-09]
CHR Extension: (Screen Recorder) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp [2023-11-11]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2024-07-18]
CHR Extension: (Ace Script) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2024-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-05]
CHR Extension: (Video Downloader for vimeo.com - iVim) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohkbimokmodmcohpdliihfmhgclbmlcn [2024-09-12]
CHR Extension: (Vimeo™ Video Downloader Pro) - C:\Users\zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\penndbmahnpapepljikkjmakcobdahne [2024-07-01]
CHR HKU\S-1-5-21-883310175-2301833618-3775178469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe [69128688 2024-06-14] (Get Aura Inc -> AnchorFree Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2573448 2024-09-28] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851648 2024-10-09] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851648 2024-10-09] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851648 2024-10-09] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2574864 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851648 2024-10-09] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [512016 2024-08-08] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2024-01-10] (BattlEye Innovations e.K. -> )
R2 CameraEventService; C:\Windows\system32\SpitCamSrv.exe [206776 2023-10-17] (Sunplus Innovation Technology Inc. -> Sunplus Innovation Technology Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe [545432 2022-10-27] (Intel Corporation -> Intel Corporation)
S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13960296 2024-09-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2024-01-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [990136 2023-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe [530424 2023-08-31] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe [3002464 2023-10-25] (Intel Corporation -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe [178656 2024-08-21] (Lenovo -> Lenovo)
S4 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909528 2024-05-16] (A-Volute SAS -> Nahimic)
R2 NativePushService; C:\Users\zdena\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595864 2024-03-20] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_d4bea506394bce7a\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [701808 2024-08-23] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Tobii Service; C:\Program Files\Tobii\Tobii EyeX\Tobii.Service.exe [210856 2023-09-19] (Tobii AB -> Tobii AB)
R2 TobiiRGB; C:\Windows\System32\DriverStore\FileRepository\lenovoyxx0.inf_amd64_295e04613a160957\platform_runtime_RGB_service.exe [79259128 2023-10-15] (Tobii AB -> )
R2 UDCService; C:\Windows\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72432 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291232 2024-10-09] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851648 2024-10-09] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [7505856 2024-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\Windows\system32\DRIVERS\bddci4.sys [933424 2024-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [42432 2024-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\Windows\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
R3 csaudio; C:\Windows\System32\DriverStore\FileRepository\csaudio.inf_amd64_9e9402676b564cdc\csaudio.sys [350672 2023-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R0 fse; C:\Windows\System32\drivers\fse.sys [218488 2024-09-12] (Microsoft Windows -> Microsoft Corporation)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1490896 2024-09-07] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-17] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-17] (Intel Corporation -> Intel Corporation)
S3 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [849968 2024-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_0bbfb278918dfdd5\ipf_acpi.sys [88160 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_cpu.sys [85600 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_lf.sys [484448 2023-10-25] (Intel Corporation -> Intel Corporation)
S3 logi_generic_hid_filter; C:\Windows\system32\drivers\logi_generic_hid_filter.sys [62288 2023-10-21] (Logitech Inc -> Logitech)
S3 logi_joy_hid_filter; C:\Windows\system32\drivers\logi_joy_hid_filter.sys [63824 2023-10-21] (Logitech Inc -> Logitech)
S3 logi_joy_hid_lo; C:\Windows\system32\drivers\logi_joy_hid_lo.sys [51536 2023-10-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2023-10-21] (Logitech Inc -> Logitech)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-08-18] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NahimicXVAD; C:\Windows\System32\drivers\NahimicXVAD.sys [86216 2022-08-18] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-18] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [236696 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [629184 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [1403448 2024-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2023-11-16] (Microsoft Windows -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2024-07-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-11 13:17 - 2024-10-11 13:19 - 000044190 _____ C:\Users\zdena\OneDrive\Desktop\FRST.txt
2024-10-11 13:17 - 2024-10-11 13:18 - 000000000 ____D C:\FRST
2024-10-11 13:16 - 2024-10-11 13:16 - 002397184 _____ (Farbar) C:\Users\zdena\OneDrive\Desktop\FRST64.exe
2024-10-11 11:51 - 2024-10-11 11:51 - 000728588 _____ C:\Windows\system32\perfh005.dat
2024-10-11 11:51 - 2024-10-11 11:51 - 000152398 _____ C:\Windows\system32\perfc005.dat
2024-10-08 10:42 - 2024-10-08 10:42 - 000067700 _____ C:\Users\zdena\OneDrive\Desktop\fw8ben.pdf
2024-10-02 09:50 - 2024-10-02 09:50 - 000000000 ____D C:\Users\zdena\AppData\LocalLow\Grizzly Games
2024-10-02 09:48 - 2024-10-02 09:48 - 000000223 _____ C:\Users\zdena\OneDrive\Desktop\Thronefall.url
2024-10-01 21:24 - 2024-10-01 22:53 - 000000000 ___HD C:\_acestream_cache_
2024-10-01 21:24 - 2024-10-01 21:24 - 000000000 ____D C:\Users\zdena\AppData\Local\IDT
2024-10-01 21:23 - 2024-10-11 11:44 - 000000000 ____D C:\Users\zdena\AppData\Roaming\.ACEStream
2024-10-01 21:23 - 2024-10-01 21:23 - 000000000 ____D C:\Users\zdena\AppData\Local\pywebview
2024-10-01 21:22 - 2024-10-01 21:22 - 000000000 ____D C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2024-10-01 21:22 - 2024-10-01 21:22 - 000000000 ____D C:\Users\zdena\AppData\LocalLow\.ACEStream
2024-10-01 21:21 - 2024-10-01 21:24 - 000000000 ____D C:\Users\zdena\AppData\Roaming\ACEStream
2024-10-01 08:38 - 2024-10-01 08:38 - 000000000 ____D C:\Users\zdena\AppData\Local\GoTo Opener
2024-09-23 13:17 - 2024-09-23 13:17 - 000000000 _____ C:\Users\zdena\OneDrive\Desktop\ZKOUSKA.txt
2024-09-19 21:18 - 2024-09-19 21:18 - 000090920 _____ C:\ProgramData\agent.update.1726773525.bdinstall.v2.bin
2024-09-19 19:29 - 2024-09-25 11:42 - 000000040 _____ C:\Users\zdena\OneDrive\Desktop\Nový Textový dokument.txt
2024-09-12 08:45 - 2024-09-06 05:43 - 000236696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpcf.sys
2024-09-12 08:45 - 2024-09-06 05:43 - 000121872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-09-12 08:42 - 2024-09-06 14:59 - 025312776 _____ C:\Windows\system32\nvidia-pcc.exe
2024-09-12 08:42 - 2024-09-06 14:59 - 002040680 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-09-12 08:42 - 2024-09-06 14:59 - 002040680 _____ C:\Windows\system32\vulkaninfo.exe
2024-09-12 08:42 - 2024-09-06 14:59 - 001584008 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-09-12 08:42 - 2024-09-06 14:59 - 001584008 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-09-12 08:42 - 2024-09-06 14:59 - 001446760 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-09-12 08:42 - 2024-09-06 14:59 - 001446760 _____ C:\Windows\system32\vulkan-1.dll
2024-09-12 08:42 - 2024-09-06 14:59 - 001296744 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-09-12 08:42 - 2024-09-06 14:59 - 001296744 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-09-12 08:42 - 2024-09-06 14:59 - 000477840 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-09-12 08:42 - 2024-09-06 14:59 - 000374280 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-09-12 08:42 - 2024-09-06 14:56 - 001079432 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-09-12 08:42 - 2024-09-06 14:56 - 000669816 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-09-12 08:42 - 2024-09-06 14:56 - 000505992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 002178728 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 001629304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 001546896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 001202800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 001034888 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-09-12 08:42 - 2024-09-06 14:55 - 000856696 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-09-12 08:42 - 2024-09-06 14:55 - 000797216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 016199824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 014270496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 006914056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 005349512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 003788960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-09-12 08:42 - 2024-09-06 14:54 - 000461456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-09-12 08:42 - 2024-09-06 14:53 - 005910136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-09-12 08:42 - 2024-09-06 14:53 - 000853536 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-09-12 08:42 - 2024-09-06 14:52 - 007133648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-09-12 08:42 - 2024-09-06 14:52 - 006212848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-09-12 08:42 - 2024-09-06 05:43 - 000127247 _____ C:\Windows\system32\nvinfo.pb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-11 13:22 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-11 12:44 - 2023-10-23 13:49 - 000000000 ____D C:\Users\zdena\AppData\Local\Discord
2024-10-11 12:25 - 2023-06-29 00:03 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-11 12:14 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-11 12:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-10-11 11:52 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-10-11 11:51 - 2023-06-28 23:59 - 001719922 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-11 11:51 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-10-11 11:47 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-10-11 11:45 - 2023-10-23 13:49 - 000000000 ____D C:\Users\zdena\AppData\Roaming\discord
2024-10-11 11:44 - 2023-10-07 21:03 - 000000000 ____D C:\Program Files\CCleaner
2024-10-11 11:43 - 2023-10-06 09:37 - 000003108 _____ C:\Windows\system32\Tasks\NahimicTask32
2024-10-11 11:43 - 2023-10-06 09:37 - 000003088 _____ C:\Windows\system32\Tasks\NahimicTask64
2024-10-11 11:43 - 2022-05-25 21:05 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-11 11:43 - 2022-05-25 21:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-11 11:43 - 2022-05-25 21:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-11 11:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-10-10 14:09 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-10-10 14:08 - 2023-06-28 23:51 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-10-10 14:08 - 2022-05-25 21:05 - 000515256 _____ C:\Windows\system32\FNTCACHE.DAT
2024-10-10 14:07 - 2023-10-11 13:03 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-10-10 14:07 - 2022-05-07 08:10 - 000000000 ____D C:\Windows\system32\OpenSSH
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\IME
2024-10-10 14:07 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-10-10 14:07 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-10-10 14:06 - 2023-10-05 21:38 - 000000000 ____D C:\Users\zdena\AppData\Local\Battle.net
2024-10-10 12:56 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-10-10 12:52 - 2022-05-25 21:08 - 003213312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-10-10 12:39 - 2023-10-05 21:37 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-10-10 12:21 - 2023-10-05 23:36 - 000000000 ____D C:\Windows\system32\MRT
2024-10-10 12:16 - 2023-10-05 23:36 - 201324920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-10-10 12:16 - 2023-10-05 19:13 - 000000000 ____D C:\Users\zdena\AppData\Local\D3DSCache
2024-10-09 21:41 - 2023-10-05 19:13 - 000000000 ____D C:\Users\zdena\AppData\Local\Packages
2024-10-09 19:21 - 2022-05-25 21:06 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-09 19:21 - 2022-05-25 21:06 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-08 10:30 - 2023-10-10 21:37 - 000000000 ____D C:\Users\zdena\AppData\Local\JxBrowser
2024-10-06 16:40 - 2022-05-07 07:17 - 000131072 _____ C:\Windows\system32\config\ELAM
2024-10-06 16:39 - 2023-10-07 21:04 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-10-06 16:33 - 2023-10-05 20:14 - 000000000 ____D C:\Program Files (x86)\Steam
2024-10-05 17:42 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-10-05 15:38 - 2022-05-25 21:06 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-04 08:39 - 2023-10-05 19:20 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-01 21:24 - 2024-05-18 11:30 - 000000000 ____D C:\Users\zdena\AppData\Local\cache
2024-10-01 11:09 - 2023-10-05 23:16 - 000000000 ____D C:\Users\zdena\OneDrive\Dokumenty\Diablo IV
2024-10-01 09:20 - 2024-05-13 09:30 - 000002235 _____ C:\Users\zdena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoTo.lnk
2024-10-01 09:19 - 2024-05-13 09:30 - 000000000 ____D C:\Users\zdena\AppData\Roaming\GoTo
2024-09-24 13:46 - 2024-07-20 09:50 - 000933424 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci4.sys
2024-09-24 13:46 - 2023-11-04 13:36 - 007505856 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2024-09-23 21:42 - 2024-05-18 11:29 - 000000000 ____D C:\ProgramData\EA Desktop
2024-09-23 10:36 - 2023-10-05 19:14 - 000000000 ____D C:\Users\zdena\AppData\Local\PlaceholderTileLogoFolder
2024-09-19 21:18 - 2023-11-04 13:31 - 000003846 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2024-09-19 21:18 - 2023-11-04 13:29 - 000000000 ____D C:\Program Files\Bitdefender Agent
2024-09-19 21:04 - 2023-10-25 21:44 - 000000000 ____D C:\Trading
2024-09-19 21:01 - 2023-10-07 21:04 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-09-19 21:01 - 2023-10-07 21:03 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-09-19 19:27 - 2022-05-25 21:06 - 000000000 ____D C:\ProgramData\Packages
2024-09-12 10:53 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-12 10:36 - 2023-06-29 00:42 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2024-09-12 10:36 - 2023-06-29 00:42 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-09-12 10:36 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-09-12 08:54 - 2023-10-05 19:13 - 000000000 ____D C:\Users\zdena\AppData\Local\NVIDIA
2024-09-12 08:53 - 2023-06-29 00:02 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5126]
AlternateDataStreams: C:\Users\zdena\OneDrive\Desktop\FRST64.exe:BDU [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{7EBA00DC-3071-4437-A3D9-0833F4EBA654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{F67D7E09-F495-4376-BC60-5F7B4362ACEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [TCP Query User{D4A990AD-FADD-4890-862C-7D69F261CA4F}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [UDP Query User{D06C4E30-4497-4D53-B3DE-785E3A5D27C1}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [TCP Query User{34548366-4F40-420A-994D-304AAA34B93E}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
FirewallRules: [UDP Query User{C50BD535-EFB9-429A-99F4-8DA42F97D66A}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {3DC86D5A-92D1-48A3-AB73-A1407729CAEB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F94C9B65-BB06-4326-B0F8-3C35D1E2476D} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
ask: {D5D8B26B-9DBC-4932-BEF7-1DE916498E3C} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\zdena\OneDrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Interista]

Fix result of Farbar Recovery Scan Tool (x64) Version: 31.07.2024
Ran by zdena (11-10-2024 17:14:05) Run:1
Running from C:\Users\zdena\OneDrive\Desktop
Loaded Profiles: zdena
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5126]
AlternateDataStreams: C:\Users\zdena\OneDrive\Desktop\FRST64.exe:BDU [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{7EBA00DC-3071-4437-A3D9-0833F4EBA654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{F67D7E09-F495-4376-BC60-5F7B4362ACEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [TCP Query User{D4A990AD-FADD-4890-862C-7D69F261CA4F}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [UDP Query User{D06C4E30-4497-4D53-B3DE-785E3A5D27C1}C:\trading\strategie - ludva\anydesk.exe] => (Allow) C:\trading\strategie - ludva\anydesk.exe => No File
FirewallRules: [TCP Query User{34548366-4F40-420A-994D-304AAA34B93E}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
FirewallRules: [UDP Query User{C50BD535-EFB9-429A-99F4-8DA42F97D66A}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe] => (Allow) C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {3DC86D5A-92D1-48A3-AB73-A1407729CAEB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F94C9B65-BB06-4326-B0F8-3C35D1E2476D} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
ask: {D5D8B26B-9DBC-4932-BEF7-1DE916498E3C} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\zdena\OneDrive\Desktop\FRST64.exe => ":BDU" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EBA00DC-3071-4437-A3D9-0833F4EBA654}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F67D7E09-F495-4376-BC60-5F7B4362ACEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4A990AD-FADD-4890-862C-7D69F261CA4F}C:\trading\strategie - ludva\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D06C4E30-4497-4D53-B3DE-785E3A5D27C1}C:\trading\strategie - ludva\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{34548366-4F40-420A-994D-304AAA34B93E}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C50BD535-EFB9-429A-99F4-8DA42F97D66A}C:\program files\epic games\callofthewildtheangler\cotwtheangler_egs.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DC86D5A-92D1-48A3-AB73-A1407729CAEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DC86D5A-92D1-48A3-AB73-A1407729CAEB}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F94C9B65-BB06-4326-B0F8-3C35D1E2476D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{F94C9B65-BB06-4326-B0F8-3C35D1E2476D}" => removed successfully
ask: {D5D8B26B-9DBC-4932-BEF7-1DE916498E3C} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66229358 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1271145555 B
Windows/system/drivers => 10338626 B
Edge => 0 B
Chrome => 1519081954 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 38550 B
systemprofile32 => 38550 B
LocalService => 773920 B
NetworkService => 773920 B
zdena => 96622044 B

RecycleBin => 39133933438 B
EmptyTemp: => 39.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-10-2024 17:17:29)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:17:29 ====

[Rudy]

Smazáno. Zrychlil se chod?

[Interista]

Ano, vypada ze ano...posílám na kávu. Děkuji.

[Rudy]

To jsem rád. Za příspěvek děkujeme a vy nemáte zač!