Zpomalený ntb
Napsal: 30 led 2025 18:49
Dobrý den.Poslední dobou se mi zdá ntb hodně zpomalený.Prosím o kontrolu logu .Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by bek69 (administrator) on HP (HP HP Laptop 17-cn0xxx) (30-01-2025 18:40:28)
Running from C:\Users\bek69\OneDrive\Plocha\FRST64.exe
Loaded Profiles: bek69 & WsiAccount & miska
Platform: Microsoft Windows 11 Home Version 24H2 26100.3037 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\promecefpluginhost.exe <2>
(C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <4>
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_1bfd060e625de086\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0db786bd9a6ade98\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (477B7FBA-7EF8-4233-86D2-322330786803 -> ) C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.39.0_x64__ffd303wmbhcjt\ArchiveObserver\ArchiveObserver.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24121.37.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscenter.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [7126312 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [6676264 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [421072 2024-12-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384808 2024-12-23] (Expressco Services LLC -> ExpressVPN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2024-12-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45368112 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\bek69\AppData\Local\WhatsApp\Update.exe [2412768 2023-04-25] (WhatsApp LLC -> )
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [ut] => C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe [2720264 2023-03-11] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Discord] => C:\Users\bek69\AppData\Local\Discord\Update.exe [1526552 2024-06-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185152 2024-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\bek69\AppData\Local\Programs\Canva\Canva.exe [176670352 2024-09-30] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [electron.app.CurseForge] => C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182252984 2025-01-27] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-21-4181327758-2871050509-626065469-1007\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [MicrosoftEdgeAutoLaunch_FFF8B8C68180963EF2A835E221829B73] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [Discord] => C:\Users\miska\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\miska\AppData\Local\Programs\Canva\Canva.exe [186748040 2024-11-25] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [83427384 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Uninstall 23.081.0416.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\23.081.0416.0001" [36864 2024-12-07] () [File not signed]
HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [File not signed]
HKLM\...\Print\Monitors\HPM11M13LM: C:\WINDOWS\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\131.0.27894.265\Installer\chrmstp.exe [2025-01-21] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.160\Installer\chrmstp.exe [2025-01-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2C2DE322-309F-4C27-89E8-6FE81FF0CB10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {1FB27D03-D96F-4D16-8AE3-BE4AF6CD5810} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8400680 2024-12-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F18DF67-D80D-4D88-A4B5-8439E7AADCEF} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5979944 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (the data entry has 53 more characters).
Task: {23988C63-8F42-46FC-A2F1-993946960053} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3E4C634A-0FDA-42BE-8CBE-E38564B5528D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5979944 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater" --configpath "C:\ProgramData\Avast Software\Driver Updater" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramD (the data entry has 82 more characters).
Task: {7CF70557-CD79-46D8-9280-AE3759E961E1} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {68334795-9A94-47E6-BE06-BF831BB93877} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5214504 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {832C47FC-80AA-4597-99AC-D6E7CB307C8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {AA77236C-DA5E-4BAE-B9C5-DB3C4E07CA96} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {60B44233-373E-418C-B83E-CE230A2159FF} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {E8408181-F01C-4A6C-8E57-53ED2B077645} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4ACE6A6C-90D2-43E8-9911-EC4E07D32DAD} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001 => C:\Program Files\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {AFAADB24-7349-4AF0-8A61-4AE014E8ADB3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0a381adc-b780-4592-894e-5008c842dbaa" --version "6.32.0.11432" --silent
Task: {F68DB64A-5DCE-4B49-B862-423BAD97484D} - System32\Tasks\CCleanerSkipUAC - bek69 => C:\Program Files\CCleaner\CCleaner.exe [39138608 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {385239AF-33CA-4F24-BB36-AE30E7179265} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {F4CE6DC4-E11E-4BA0-96C0-B8FDA7DBC5A8} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {34B956DC-AF86-496C-BCB9-3686BF328AC0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2025-01-27] (Google LLC -> Google LLC)
Task: {9DC6929C-8547-47E6-A67B-D2254297EA77} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {76B08F06-59A9-4F52-AB0C-616667C60B9C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6947.0\updater.exe [5642336 2025-01-09] (Google LLC -> Google LLC)
Task: {333B6D11-606F-4737-9BBF-5582B1435AB5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {F912395D-FF4C-41CA-AD3B-06C9A906991B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {633A46AD-79E7-4055-9585-4BDF50C466BA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {9F33BA2D-319D-44FE-9E28-1179D678B8A2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {8DE3433B-E7FE-49A3-866E-5597CC9D9689} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {2886CAAD-A64D-4B3D-B778-B742E09AA158} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {3B6B1AA7-2651-409F-8BE8-C8C1EABCA26F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {32168CBE-E83E-4FD1-AB84-56706F8B3105} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {DB7F4492-7BA3-4F53-B7F5-168CEF012B4F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {ADF68D9A-8D55-4DFF-A93B-9EF57AD0D753} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {9477F558-8DEE-4302-9192-93B04AE8AFEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {486E13F7-BAFA-41D3-BC8C-F2BD7383213F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {3C8C00EA-BB69-4397-9BD4-ABED45540B01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {D0114D00-F94B-439E-B9C3-F3FA7AB45C9D} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {352B3328-0BD2-43B0-B309-82F8BE7AF4D8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {929217E4-1B61-450A-8346-EE8F5BD6DE5C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {056E93B9-C5B0-4F40-854A-38A55506F421} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {4082FB95-AECB-47EB-BC36-F3D06B5C2907} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {4503CB9E-B521-41A7-B06B-BAFC5D341031} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {0B5265D7-0009-4C8B-9F28-2CE0B81B4F4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F73EA8BE-23B5-4A51-929A-D85D657666CF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {7ED45254-D1B0-44E6-9C3A-5AA115AB382C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {B9D64E5C-AE68-4FD5-815E-544F363262D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {75D164DD-79A1-42A6-B973-610B809CD473} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {E58C4170-F509-41BB-9AA3-42BD0DD873C1} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
Task: {A2B06606-FA6E-40DB-9A6C-798AF470E81E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9E742B8-954C-43F2-A66A-4B5010C618B5} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [67304 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3533800-E115-4147-91D0-FB661F6A0A15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E6FEAF3-A21A-40FC-94EE-3C8FEF453B75} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1D2CE6-398A-42CD-B02A-31774D6F8520} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9335620-4479-47D0-A745-A52323E77D0F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [192144 2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {9B09E479-5908-4FA0-A75D-2F3B967BD23F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {366F5195-F81B-4E00-AEE8-500793EC9ABB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {8A74A216-A52E-40B5-855B-45B55F8FAD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {89B480A4-78B9-459D-8377-50B6531D3561} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator => C:\WINDOWS\system32\UIEOrchestrator.exe [336816 2025-01-30] (Microsoft Windows -> )
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A9550A20-1338-4CBD-80EE-A660E177D940} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {73AB78DC-6B60-4EDB-BC6E-3896504F3394} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4181327758-2871050509-626065469-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6CD3DF73-1831-4F31-8217-BF1869E21D92} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2796A1D-176B-4254-8AE9-F2F63166D3E6} - System32\Tasks\Outbyte\PC Repair\CrashCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /Crash <==== ATTENTION
Task: {9FDC11C1-536D-46A4-A4EA-5801B9F59D25} - System32\Tasks\Outbyte\PC Repair\DailyTip => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DailyTip <==== ATTENTION
Task: {1942090B-B656-41CF-B51B-0E616C22AA0F} - System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner1 <==== ATTENTION
Task: {F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD} - System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner2 <==== ATTENTION
Task: {7651CBF4-BD33-4E8E-8C64-105C5AB5DA45} - System32\Tasks\Outbyte\PC Repair\HomePage => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /HomePage <==== ATTENTION
Task: {7597F9C2-4CF0-402F-A99B-C9ECC7A247F2} - System32\Tasks\Outbyte\PC Repair\MSExploit => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /MSExploit <==== ATTENTION
Task: {1B8EC3DD-9D13-470F-B8CA-F545C7E65E72} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /NewDeceptors <==== ATTENTION
Task: {28202424-67AF-4762-AFE4-33E9A08EF03E} - System32\Tasks\Outbyte\PC Repair\ScanResults => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /AllResults <==== ATTENTION
Task: {F97FA40E-F08F-4D83-A840-9BC278D7E2A6} - System32\Tasks\Outbyte\PC Repair\SecurityBreach => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /SecurityBreach <==== ATTENTION
Task: {8374EDB5-D0BA-443E-A5EB-F17A74C325D3} - System32\Tasks\Outbyte\PC Repair\WeakPassword => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /WeakPassword <==== ATTENTION
Task: {DA16354C-8F17-4469-A4E4-EF823F0E9004} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E376A3AC-AA96-426D-AC9B-FED7D778D712} - System32\Tasks\WpsExternal_bek69_20250115154722 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscloudsvr.exe [936832 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {676B86A5-BC99-4458-B2D3-28B480B58D31} - System32\Tasks\WpsUpdateTask_bek69 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpsupdate.exe [1681792 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}\34A5E4564764275656B42716D6E6972374: [DhcpNameServer] 192.168.90.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-19]
Edge Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-23]
Edge Extension: (Edge relevant text changes) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]
Edge Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjdgandcagmikhlbjnilkmfnjeamfikk [2024-12-30]
Edge HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [mjdgandcagmikhlbjnilkmfnjeamfikk]
FireFox:
========
FF DefaultProfile: 6fm9s7cy.default
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\6fm9s7cy.default [2021-10-21]
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release [2025-01-30]
FF DownloadDir: C:\Users\bek69\OneDrive\Plocha
FF Homepage: Mozilla\Firefox\Profiles\01magi4y.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\01magi4y.default-release -> is enabled.
FF Extension: (Ferrari Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{41e1753e-d439-4a0b-bc7a-c8d1d7297715}.xpi [2021-10-21]
FF Extension: (Ferrari Carbon Fiber) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{571cebb9-5e8c-4055-b6df-11630de4322b}.xpi [2021-10-21]
FF Extension: (Ferrari Red Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{8893ca9c-749f-4fe2-b7b6-bd8111583bf4}.xpi [2021-10-21]
FF Extension: (Scuderia Ferrari F1) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{bf3d0394-da43-40fb-9542-0f40922058d5}.xpi [2021-10-21]
FF Extension: (No Name) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-01-30]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-15]
CHR Extension: (FlipClock) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\copjokjinhlflggeifkidlmodfepbpgl [2023-09-23]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-12-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-20]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2025-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-23]
CHR Extension: (Hesla na iCloudu) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2024-11-08]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4 [2025-01-19]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-18]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdpelmjpfafjppnhbloffcjpeomlnpah]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR Profile: C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable [2025-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-06-07]
OPR Extension: (Opera Wallet) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-06-07]
OPR Extension: (Opera AI Prompts) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7381288 2024-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [778536 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2372904 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1229608 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-21] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15747368 2024-04-19] (BattlEye Innovations e.K. -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\131.0.27894.265\elevation_service.exe [1910112 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18960168 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17099048 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2024-11-25] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2024-11-25] (Intel Corporation -> Intel)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [16452200 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-11-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [257128 2024-08-13] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
S3 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-15] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe [532960 2024-12-11] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [289280 2024-12-20] (Intel Corporation) [File not signed]
S3 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2025-01-29] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-24] (McAfee, LLC -> McAfee, LLC)
R3 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4356880 2020-10-20] (McAfee, LLC -> McAfee, LLC)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9705560 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1056000 2021-10-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235088 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [383056 2025-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296016 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84560 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550992 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98360 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69712 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [955960 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1424952 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204344 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381488 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-12-23] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [41976 2024-09-13] (Expressco Services LLC -> ExpressVPN)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-25] (McAfee, LLC -> McAfee, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1560280 2023-12-13] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [40415320 2024-06-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
U3 aswArDisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-30 18:40 - 2025-01-30 18:41 - 000062214 _____ C:\Users\bek69\OneDrive\Plocha\FRST.txt
2025-01-30 18:39 - 2025-01-30 18:41 - 000000000 ____D C:\FRST
2025-01-30 18:37 - 2025-01-30 18:37 - 002403328 _____ (Farbar) C:\Users\bek69\OneDrive\Plocha\FRST64.exe
2025-01-30 17:58 - 2025-01-30 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2025-01-30 11:20 - 2025-01-30 11:20 - 000777646 _____ C:\WINDOWS\system32\perfh005.dat
2025-01-30 11:20 - 2025-01-30 11:20 - 000186616 _____ C:\WINDOWS\system32\perfc005.dat
2025-01-30 11:16 - 2025-01-30 11:16 - 000586728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-30 10:08 - 2025-01-30 16:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-29 11:53 - 2025-01-29 12:55 - 000000000 ___RD C:\Users\bek69\OneDrive\Plocha\Nová složka
2025-01-26 19:07 - 2025-01-26 19:07 - 000000000 ____D C:\ProgramData\Origin
2025-01-25 16:20 - 2025-01-25 16:20 - 000000000 ____D C:\Users\bek69\AppData\LocalLow\DDTNL
2025-01-25 10:34 - 2025-01-25 10:34 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Sun
2025-01-25 10:33 - 2025-01-25 10:34 - 000000000 ____D C:\Program Files\Java
2025-01-25 10:33 - 2025-01-25 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-01-25 10:33 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2025-01-22 02:03 - 2025-01-25 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-21 15:03 - 2025-01-21 15:03 - 000000000 ____D C:\Users\bek69\AppData\Local\Sentry
2025-01-21 14:42 - 2025-01-21 14:42 - 000001750 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3k sims dump (Paradise Sims).lnk
2025-01-21 08:26 - 2025-01-13 12:30 - 000753976 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:30 - 000640296 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002021720 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001445720 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001288000 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000783160 _____ C:\WINDOWS\system32\ze_loader.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000543544 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000409920 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-01-21 08:25 - 2025-01-13 12:28 - 000945552 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000322104 _____ C:\WINDOWS\system32\ControlLib.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000269416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-01-20 16:15 - 2025-01-20 16:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-19 16:00 - 2025-01-19 16:00 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2025-01-19 13:00 - 2025-01-19 13:02 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2025-01-19 11:20 - 2025-01-19 12:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2025-01-19 11:02 - 2025-01-19 11:02 - 000000000 ____D C:\Users\Default\AppData\Local\HP
2025-01-15 15:47 - 2025-01-30 12:06 - 000003054 _____ C:\WINDOWS\system32\Tasks\WpsExternal_bek69_20250115154722
2025-01-15 15:47 - 2025-01-30 12:06 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_bek69
2025-01-15 15:47 - 2025-01-15 15:47 - 000002449 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office.lnk
2025-01-15 12:43 - 2025-01-15 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-01-13 13:05 - 2025-01-13 13:05 - 000201513 _____ C:\Users\bek69\OneDrive\Plocha\09024 Tomáš Kramný T6.pdf
2025-01-05 11:57 - 2025-01-05 11:57 - 068131968 _____ C:\Users\bek69\OneDrive\Plocha\m2033-upd2cz.rar
2025-01-02 17:50 - 2025-01-02 17:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-01-02 17:50 - 2025-01-02 17:50 - 000000000 ____D C:\Program Files\Bloxshade
2025-01-02 17:48 - 2025-01-02 17:48 - 000000000 ____D C:\Users\bek69\AppData\Local\com.bloxshade.tauri
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-30 18:42 - 2024-06-24 16:10 - 000000000 ____D C:\Users\bek69\AppData\Local\Discord
2025-01-30 18:42 - 2023-07-14 10:45 - 000000000 ____D C:\Users\bek69\AppData\Roaming\discord
2025-01-30 18:41 - 2024-06-24 16:10 - 000002256 _____ C:\Users\bek69\OneDrive\Plocha\Discord.lnk
2025-01-30 18:30 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Roaming\CurseForge
2025-01-30 18:28 - 2024-10-13 08:10 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-30 18:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-30 18:19 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-30 18:15 - 2024-10-13 08:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-30 16:16 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-30 12:06 - 2024-12-07 18:15 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-12-07 18:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-10-13 08:10 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2025-01-30 12:06 - 2024-10-13 08:10 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2025-01-30 12:06 - 2024-10-13 08:10 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-01-30 12:06 - 2024-10-13 08:10 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-01-30 12:06 - 2024-10-13 08:10 - 000002820 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001
2025-01-30 12:06 - 2024-10-13 08:10 - 000002788 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-01-30 12:06 - 2024-10-13 08:10 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-01-30 12:06 - 2024-10-13 08:10 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2025-01-30 12:06 - 2024-10-13 08:10 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-01-30 12:06 - 2024-10-13 08:10 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - bek69
2025-01-30 12:06 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-01-30 12:06 - 2022-10-01 07:25 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-01-30 11:48 - 2023-03-11 12:10 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-30 11:47 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-30 11:20 - 2024-10-13 08:06 - 001884928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-30 11:19 - 2022-02-12 09:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-30 11:18 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\WhatsApp
2025-01-30 11:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-30 11:17 - 2021-10-21 09:54 - 000000000 __SHD C:\Users\bek69\IntelGraphicsProfiles
2025-01-30 11:16 - 2024-10-13 08:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-30 11:16 - 2024-10-13 08:05 - 000006278 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-01-30 11:16 - 2021-10-21 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2025-01-30 11:16 - 2021-06-20 12:58 - 000000000 ____D C:\Intel
2025-01-30 11:16 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-30 11:15 - 2024-10-13 08:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-30 11:15 - 2024-04-01 08:21 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2025-01-30 11:15 - 2021-10-21 16:08 - 000000000 ____D C:\Program Files\CCleaner
2025-01-30 11:14 - 2024-10-13 08:55 - 000000000 ____D C:\WINDOWS\InboxApps
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-01-30 11:14 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-01-30 10:19 - 2021-11-08 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Teams
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\hpqLog
2025-01-30 10:19 - 2021-10-21 15:54 - 000000000 ____D C:\Users\bek69\AppData\Local\CrashDumps
2025-01-30 10:19 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\SquirrelTemp
2025-01-30 10:02 - 2024-10-13 08:03 - 003334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-30 03:13 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-27 11:03 - 2024-10-13 08:02 - 000000000 ____D C:\Users\bek69
2025-01-26 18:37 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Local\Avast Software
2025-01-26 18:36 - 2021-02-05 08:23 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-26 14:07 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Electronic Arts
2025-01-25 16:20 - 2024-12-15 17:37 - 000001404 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Player.lnk
2025-01-25 16:20 - 2023-03-21 15:38 - 000000000 ____D C:\Users\bek69\OneDrive\Plocha\Míša hry
2025-01-25 16:20 - 2022-09-05 16:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-01-25 16:19 - 2024-12-15 17:37 - 000001232 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Studio.lnk
2025-01-25 10:37 - 2024-10-01 07:08 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-01-25 10:03 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-01-25 10:01 - 2021-10-21 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-25 08:49 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\D3DSCache
2025-01-23 08:43 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-01-23 08:43 - 2021-10-21 10:12 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-22 11:37 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Local\curseforge-updater
2025-01-21 13:53 - 2024-03-18 19:53 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2025-01-21 13:53 - 2024-03-18 19:48 - 000000000 ____D C:\Program Files\CCleaner Browser
2025-01-21 11:50 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\Packages
2025-01-21 10:40 - 2024-06-02 14:31 - 000002421 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2025-01-21 08:46 - 2024-04-14 16:24 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\7107d4cac2bc4428fa0187dfd88ac646a0a936ba0c71f8a4e27055a4333f4375
2025-01-21 08:39 - 2023-10-01 17:54 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-01-21 08:38 - 2023-10-01 17:54 - 000005855 _____ C:\Users\bek69\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e
2025-01-21 08:28 - 2023-05-01 18:46 - 000000000 ____D C:\Program Files\Intel
2025-01-21 08:27 - 2024-04-14 16:24 - 000005874 _____ C:\Users\bek69\AppData\LocalLow\6d1a0d74b8983cab26a68cd0cdace1fb63918ce4f5f6aeaeeefb13009d6d5154
2025-01-20 16:15 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-20 16:15 - 2021-06-20 12:03 - 000000000 ____D C:\ProgramData\Packages
2025-01-20 16:15 - 2021-02-05 08:36 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-19 16:01 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\ExpressVPN
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2025-01-19 15:58 - 2021-10-21 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-01-19 15:40 - 2024-10-11 17:09 - 000000000 ___DC C:\WINDOWS\Panther
2025-01-19 15:40 - 2023-12-26 10:32 - 000000000 ____D C:\Users\bek69\AppData\Roaming\EasyAntiCheat
2025-01-19 15:40 - 2023-03-10 10:14 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Winamp
2025-01-19 15:40 - 2022-09-03 14:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\.minecraft
2025-01-19 15:40 - 2022-08-24 19:39 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\The Witcher 3
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Skype
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows Photo Viewer
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Office
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\MMC
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\HTML Help
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\HpUpdate
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\dvdcss
2025-01-19 15:40 - 2021-10-21 18:22 - 000000000 ____D C:\Users\bek69\AppData\Local\PokerStars.CZ
2025-01-19 15:40 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Add-in Express
2025-01-19 15:40 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Roaming\WhatsApp
2025-01-19 15:40 - 2021-10-21 12:28 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-19 15:39 - 2021-10-21 18:21 - 000000000 ____D C:\Users\bek69\AppData\Local\messengerfordesktop-updater
2025-01-19 13:00 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Avast Software
2025-01-19 12:59 - 2021-10-21 10:51 - 000000000 ____D C:\Program Files\Avast Software
2025-01-19 12:28 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-19 11:21 - 2024-12-07 18:13 - 000000000 ____D C:\Users\miska
2025-01-19 11:21 - 2024-12-07 18:09 - 000000000 ____D C:\Users\WsiAccount
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100001
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100000
2025-01-19 11:02 - 2021-02-05 08:33 - 000000000 ____D C:\Program Files\HP
2025-01-18 20:21 - 2023-10-11 16:39 - 000532958 _____ C:\Users\bek69\AppData\LocalLow\7bc5ee1f183e0e9cedb3a29f601ea14859c00f53dee857e6b51415c656d32a7f
2025-01-16 10:40 - 2024-12-05 17:00 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=Spotify=_ApiClient=D3D12
2025-01-16 10:40 - 2023-10-11 16:39 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\dfd8e4de2c43a69910ea1b6aa9c232836b2a22bfe407f70e53f2ee2cc540db02
2025-01-15 16:32 - 2024-12-06 13:57 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=RuntimeBroker=_ApiClient=D3D12
2025-01-15 15:47 - 2021-12-28 10:42 - 000002553 _____ C:\Users\bek69\OneDrive\Plocha\WPS PDF.lnk
2025-01-15 12:55 - 2023-10-01 18:09 - 000008103 _____ C:\Users\bek69\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-01-15 12:55 - 2023-10-01 18:09 - 000000026 _____ C:\Users\bek69\AppData\LocalLow\6bdad7e2b2f0e006a1b2964609240b6498c71fd5a1aeb1e97866f9a43779a743
2025-01-15 12:46 - 2021-10-21 10:51 - 000383056 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-01-15 12:41 - 2024-12-22 13:28 - 000316200 ____N (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-01-15 12:41 - 2022-07-14 07:35 - 000053048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-01-15 12:21 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 10:02 - 2021-10-21 11:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 01:31 - 2023-10-01 17:49 - 000000000 ____D C:\Program Files\dotnet
2025-01-15 01:23 - 2021-10-21 11:08 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-10 20:49 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-02 17:59 - 2023-12-26 10:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== Files in the root of some directories ========
2022-04-19 08:22 - 2022-04-19 08:22 - 000001540 _____ () C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp
2021-10-21 18:20 - 2020-06-03 17:10 - 000000000 _____ () C:\Users\bek69\AppData\Local\oobelibMkey.log
2021-10-21 18:20 - 2018-06-22 07:50 - 000000855 _____ () C:\Users\bek69\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by bek69 (administrator) on HP (HP HP Laptop 17-cn0xxx) (30-01-2025 18:40:28)
Running from C:\Users\bek69\OneDrive\Plocha\FRST64.exe
Loaded Profiles: bek69 & WsiAccount & miska
Platform: Microsoft Windows 11 Home Version 24H2 26100.3037 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\promecefpluginhost.exe <2>
(C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <4>
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_1bfd060e625de086\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0db786bd9a6ade98\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (477B7FBA-7EF8-4233-86D2-322330786803 -> ) C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.39.0_x64__ffd303wmbhcjt\ArchiveObserver\ArchiveObserver.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24121.37.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscenter.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [7126312 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [6676264 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [421072 2024-12-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384808 2024-12-23] (Expressco Services LLC -> ExpressVPN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2024-12-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45368112 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\bek69\AppData\Local\WhatsApp\Update.exe [2412768 2023-04-25] (WhatsApp LLC -> )
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [ut] => C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe [2720264 2023-03-11] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Discord] => C:\Users\bek69\AppData\Local\Discord\Update.exe [1526552 2024-06-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185152 2024-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\bek69\AppData\Local\Programs\Canva\Canva.exe [176670352 2024-09-30] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [electron.app.CurseForge] => C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182252984 2025-01-27] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-21-4181327758-2871050509-626065469-1007\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [MicrosoftEdgeAutoLaunch_FFF8B8C68180963EF2A835E221829B73] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [Discord] => C:\Users\miska\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\miska\AppData\Local\Programs\Canva\Canva.exe [186748040 2024-11-25] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [83427384 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Uninstall 23.081.0416.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\23.081.0416.0001" [36864 2024-12-07] () [File not signed]
HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [File not signed]
HKLM\...\Print\Monitors\HPM11M13LM: C:\WINDOWS\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\131.0.27894.265\Installer\chrmstp.exe [2025-01-21] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.160\Installer\chrmstp.exe [2025-01-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2C2DE322-309F-4C27-89E8-6FE81FF0CB10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {1FB27D03-D96F-4D16-8AE3-BE4AF6CD5810} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8400680 2024-12-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F18DF67-D80D-4D88-A4B5-8439E7AADCEF} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5979944 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (the data entry has 53 more characters).
Task: {23988C63-8F42-46FC-A2F1-993946960053} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3E4C634A-0FDA-42BE-8CBE-E38564B5528D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5979944 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater" --configpath "C:\ProgramData\Avast Software\Driver Updater" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramD (the data entry has 82 more characters).
Task: {7CF70557-CD79-46D8-9280-AE3759E961E1} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {68334795-9A94-47E6-BE06-BF831BB93877} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5214504 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {832C47FC-80AA-4597-99AC-D6E7CB307C8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {AA77236C-DA5E-4BAE-B9C5-DB3C4E07CA96} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {60B44233-373E-418C-B83E-CE230A2159FF} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {E8408181-F01C-4A6C-8E57-53ED2B077645} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4ACE6A6C-90D2-43E8-9911-EC4E07D32DAD} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001 => C:\Program Files\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {AFAADB24-7349-4AF0-8A61-4AE014E8ADB3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0a381adc-b780-4592-894e-5008c842dbaa" --version "6.32.0.11432" --silent
Task: {F68DB64A-5DCE-4B49-B862-423BAD97484D} - System32\Tasks\CCleanerSkipUAC - bek69 => C:\Program Files\CCleaner\CCleaner.exe [39138608 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {385239AF-33CA-4F24-BB36-AE30E7179265} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {F4CE6DC4-E11E-4BA0-96C0-B8FDA7DBC5A8} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {34B956DC-AF86-496C-BCB9-3686BF328AC0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2025-01-27] (Google LLC -> Google LLC)
Task: {9DC6929C-8547-47E6-A67B-D2254297EA77} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {76B08F06-59A9-4F52-AB0C-616667C60B9C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6947.0\updater.exe [5642336 2025-01-09] (Google LLC -> Google LLC)
Task: {333B6D11-606F-4737-9BBF-5582B1435AB5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {F912395D-FF4C-41CA-AD3B-06C9A906991B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {633A46AD-79E7-4055-9585-4BDF50C466BA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {9F33BA2D-319D-44FE-9E28-1179D678B8A2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {8DE3433B-E7FE-49A3-866E-5597CC9D9689} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {2886CAAD-A64D-4B3D-B778-B742E09AA158} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {3B6B1AA7-2651-409F-8BE8-C8C1EABCA26F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {32168CBE-E83E-4FD1-AB84-56706F8B3105} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {DB7F4492-7BA3-4F53-B7F5-168CEF012B4F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {ADF68D9A-8D55-4DFF-A93B-9EF57AD0D753} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {9477F558-8DEE-4302-9192-93B04AE8AFEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {486E13F7-BAFA-41D3-BC8C-F2BD7383213F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {3C8C00EA-BB69-4397-9BD4-ABED45540B01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {D0114D00-F94B-439E-B9C3-F3FA7AB45C9D} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {352B3328-0BD2-43B0-B309-82F8BE7AF4D8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {929217E4-1B61-450A-8346-EE8F5BD6DE5C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {056E93B9-C5B0-4F40-854A-38A55506F421} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {4082FB95-AECB-47EB-BC36-F3D06B5C2907} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {4503CB9E-B521-41A7-B06B-BAFC5D341031} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {0B5265D7-0009-4C8B-9F28-2CE0B81B4F4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F73EA8BE-23B5-4A51-929A-D85D657666CF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {7ED45254-D1B0-44E6-9C3A-5AA115AB382C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {B9D64E5C-AE68-4FD5-815E-544F363262D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {75D164DD-79A1-42A6-B973-610B809CD473} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {E58C4170-F509-41BB-9AA3-42BD0DD873C1} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
Task: {A2B06606-FA6E-40DB-9A6C-798AF470E81E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9E742B8-954C-43F2-A66A-4B5010C618B5} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [67304 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3533800-E115-4147-91D0-FB661F6A0A15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E6FEAF3-A21A-40FC-94EE-3C8FEF453B75} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1D2CE6-398A-42CD-B02A-31774D6F8520} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9335620-4479-47D0-A745-A52323E77D0F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [192144 2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {9B09E479-5908-4FA0-A75D-2F3B967BD23F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {366F5195-F81B-4E00-AEE8-500793EC9ABB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {8A74A216-A52E-40B5-855B-45B55F8FAD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {89B480A4-78B9-459D-8377-50B6531D3561} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator => C:\WINDOWS\system32\UIEOrchestrator.exe [336816 2025-01-30] (Microsoft Windows -> )
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A9550A20-1338-4CBD-80EE-A660E177D940} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {73AB78DC-6B60-4EDB-BC6E-3896504F3394} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4181327758-2871050509-626065469-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6CD3DF73-1831-4F31-8217-BF1869E21D92} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2796A1D-176B-4254-8AE9-F2F63166D3E6} - System32\Tasks\Outbyte\PC Repair\CrashCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /Crash <==== ATTENTION
Task: {9FDC11C1-536D-46A4-A4EA-5801B9F59D25} - System32\Tasks\Outbyte\PC Repair\DailyTip => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DailyTip <==== ATTENTION
Task: {1942090B-B656-41CF-B51B-0E616C22AA0F} - System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner1 <==== ATTENTION
Task: {F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD} - System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner2 <==== ATTENTION
Task: {7651CBF4-BD33-4E8E-8C64-105C5AB5DA45} - System32\Tasks\Outbyte\PC Repair\HomePage => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /HomePage <==== ATTENTION
Task: {7597F9C2-4CF0-402F-A99B-C9ECC7A247F2} - System32\Tasks\Outbyte\PC Repair\MSExploit => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /MSExploit <==== ATTENTION
Task: {1B8EC3DD-9D13-470F-B8CA-F545C7E65E72} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /NewDeceptors <==== ATTENTION
Task: {28202424-67AF-4762-AFE4-33E9A08EF03E} - System32\Tasks\Outbyte\PC Repair\ScanResults => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /AllResults <==== ATTENTION
Task: {F97FA40E-F08F-4D83-A840-9BC278D7E2A6} - System32\Tasks\Outbyte\PC Repair\SecurityBreach => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /SecurityBreach <==== ATTENTION
Task: {8374EDB5-D0BA-443E-A5EB-F17A74C325D3} - System32\Tasks\Outbyte\PC Repair\WeakPassword => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /WeakPassword <==== ATTENTION
Task: {DA16354C-8F17-4469-A4E4-EF823F0E9004} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E376A3AC-AA96-426D-AC9B-FED7D778D712} - System32\Tasks\WpsExternal_bek69_20250115154722 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscloudsvr.exe [936832 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {676B86A5-BC99-4458-B2D3-28B480B58D31} - System32\Tasks\WpsUpdateTask_bek69 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpsupdate.exe [1681792 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}\34A5E4564764275656B42716D6E6972374: [DhcpNameServer] 192.168.90.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-19]
Edge Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-23]
Edge Extension: (Edge relevant text changes) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]
Edge Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjdgandcagmikhlbjnilkmfnjeamfikk [2024-12-30]
Edge HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [mjdgandcagmikhlbjnilkmfnjeamfikk]
FireFox:
========
FF DefaultProfile: 6fm9s7cy.default
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\6fm9s7cy.default [2021-10-21]
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release [2025-01-30]
FF DownloadDir: C:\Users\bek69\OneDrive\Plocha
FF Homepage: Mozilla\Firefox\Profiles\01magi4y.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\01magi4y.default-release -> is enabled.
FF Extension: (Ferrari Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{41e1753e-d439-4a0b-bc7a-c8d1d7297715}.xpi [2021-10-21]
FF Extension: (Ferrari Carbon Fiber) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{571cebb9-5e8c-4055-b6df-11630de4322b}.xpi [2021-10-21]
FF Extension: (Ferrari Red Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{8893ca9c-749f-4fe2-b7b6-bd8111583bf4}.xpi [2021-10-21]
FF Extension: (Scuderia Ferrari F1) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{bf3d0394-da43-40fb-9542-0f40922058d5}.xpi [2021-10-21]
FF Extension: (No Name) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-01-30]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-15]
CHR Extension: (FlipClock) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\copjokjinhlflggeifkidlmodfepbpgl [2023-09-23]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-12-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-20]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2025-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-23]
CHR Extension: (Hesla na iCloudu) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2024-11-08]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4 [2025-01-19]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-18]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdpelmjpfafjppnhbloffcjpeomlnpah]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR Profile: C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable [2025-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-06-07]
OPR Extension: (Opera Wallet) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-06-07]
OPR Extension: (Opera AI Prompts) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7381288 2024-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [778536 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2372904 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1229608 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-21] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15747368 2024-04-19] (BattlEye Innovations e.K. -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\131.0.27894.265\elevation_service.exe [1910112 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18960168 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17099048 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2024-11-25] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2024-11-25] (Intel Corporation -> Intel)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [16452200 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-11-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [257128 2024-08-13] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
S3 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-15] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe [532960 2024-12-11] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [289280 2024-12-20] (Intel Corporation) [File not signed]
S3 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2025-01-29] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-24] (McAfee, LLC -> McAfee, LLC)
R3 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4356880 2020-10-20] (McAfee, LLC -> McAfee, LLC)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9705560 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1056000 2021-10-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235088 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [383056 2025-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296016 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84560 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550992 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98360 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69712 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [955960 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1424952 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204344 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381488 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-12-23] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [41976 2024-09-13] (Expressco Services LLC -> ExpressVPN)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-25] (McAfee, LLC -> McAfee, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1560280 2023-12-13] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [40415320 2024-06-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
U3 aswArDisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-30 18:40 - 2025-01-30 18:41 - 000062214 _____ C:\Users\bek69\OneDrive\Plocha\FRST.txt
2025-01-30 18:39 - 2025-01-30 18:41 - 000000000 ____D C:\FRST
2025-01-30 18:37 - 2025-01-30 18:37 - 002403328 _____ (Farbar) C:\Users\bek69\OneDrive\Plocha\FRST64.exe
2025-01-30 17:58 - 2025-01-30 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2025-01-30 11:20 - 2025-01-30 11:20 - 000777646 _____ C:\WINDOWS\system32\perfh005.dat
2025-01-30 11:20 - 2025-01-30 11:20 - 000186616 _____ C:\WINDOWS\system32\perfc005.dat
2025-01-30 11:16 - 2025-01-30 11:16 - 000586728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-30 10:08 - 2025-01-30 16:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-29 11:53 - 2025-01-29 12:55 - 000000000 ___RD C:\Users\bek69\OneDrive\Plocha\Nová složka
2025-01-26 19:07 - 2025-01-26 19:07 - 000000000 ____D C:\ProgramData\Origin
2025-01-25 16:20 - 2025-01-25 16:20 - 000000000 ____D C:\Users\bek69\AppData\LocalLow\DDTNL
2025-01-25 10:34 - 2025-01-25 10:34 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Sun
2025-01-25 10:33 - 2025-01-25 10:34 - 000000000 ____D C:\Program Files\Java
2025-01-25 10:33 - 2025-01-25 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-01-25 10:33 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2025-01-22 02:03 - 2025-01-25 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-21 15:03 - 2025-01-21 15:03 - 000000000 ____D C:\Users\bek69\AppData\Local\Sentry
2025-01-21 14:42 - 2025-01-21 14:42 - 000001750 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3k sims dump (Paradise Sims).lnk
2025-01-21 08:26 - 2025-01-13 12:30 - 000753976 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:30 - 000640296 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002021720 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001445720 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001288000 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000783160 _____ C:\WINDOWS\system32\ze_loader.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000543544 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000409920 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-01-21 08:25 - 2025-01-13 12:28 - 000945552 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000322104 _____ C:\WINDOWS\system32\ControlLib.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000269416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-01-20 16:15 - 2025-01-20 16:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-19 16:00 - 2025-01-19 16:00 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2025-01-19 13:00 - 2025-01-19 13:02 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2025-01-19 11:20 - 2025-01-19 12:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2025-01-19 11:02 - 2025-01-19 11:02 - 000000000 ____D C:\Users\Default\AppData\Local\HP
2025-01-15 15:47 - 2025-01-30 12:06 - 000003054 _____ C:\WINDOWS\system32\Tasks\WpsExternal_bek69_20250115154722
2025-01-15 15:47 - 2025-01-30 12:06 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_bek69
2025-01-15 15:47 - 2025-01-15 15:47 - 000002449 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office.lnk
2025-01-15 12:43 - 2025-01-15 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-01-13 13:05 - 2025-01-13 13:05 - 000201513 _____ C:\Users\bek69\OneDrive\Plocha\09024 Tomáš Kramný T6.pdf
2025-01-05 11:57 - 2025-01-05 11:57 - 068131968 _____ C:\Users\bek69\OneDrive\Plocha\m2033-upd2cz.rar
2025-01-02 17:50 - 2025-01-02 17:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-01-02 17:50 - 2025-01-02 17:50 - 000000000 ____D C:\Program Files\Bloxshade
2025-01-02 17:48 - 2025-01-02 17:48 - 000000000 ____D C:\Users\bek69\AppData\Local\com.bloxshade.tauri
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-30 18:42 - 2024-06-24 16:10 - 000000000 ____D C:\Users\bek69\AppData\Local\Discord
2025-01-30 18:42 - 2023-07-14 10:45 - 000000000 ____D C:\Users\bek69\AppData\Roaming\discord
2025-01-30 18:41 - 2024-06-24 16:10 - 000002256 _____ C:\Users\bek69\OneDrive\Plocha\Discord.lnk
2025-01-30 18:30 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Roaming\CurseForge
2025-01-30 18:28 - 2024-10-13 08:10 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-30 18:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-30 18:19 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-30 18:15 - 2024-10-13 08:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-30 16:16 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-30 12:06 - 2024-12-07 18:15 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-12-07 18:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-10-13 08:10 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2025-01-30 12:06 - 2024-10-13 08:10 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2025-01-30 12:06 - 2024-10-13 08:10 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-01-30 12:06 - 2024-10-13 08:10 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-01-30 12:06 - 2024-10-13 08:10 - 000002820 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001
2025-01-30 12:06 - 2024-10-13 08:10 - 000002788 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-01-30 12:06 - 2024-10-13 08:10 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-01-30 12:06 - 2024-10-13 08:10 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2025-01-30 12:06 - 2024-10-13 08:10 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-01-30 12:06 - 2024-10-13 08:10 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - bek69
2025-01-30 12:06 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-01-30 12:06 - 2022-10-01 07:25 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-01-30 11:48 - 2023-03-11 12:10 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-30 11:47 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-30 11:20 - 2024-10-13 08:06 - 001884928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-30 11:19 - 2022-02-12 09:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-30 11:18 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\WhatsApp
2025-01-30 11:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-30 11:17 - 2021-10-21 09:54 - 000000000 __SHD C:\Users\bek69\IntelGraphicsProfiles
2025-01-30 11:16 - 2024-10-13 08:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-30 11:16 - 2024-10-13 08:05 - 000006278 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-01-30 11:16 - 2021-10-21 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2025-01-30 11:16 - 2021-06-20 12:58 - 000000000 ____D C:\Intel
2025-01-30 11:16 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-30 11:15 - 2024-10-13 08:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-30 11:15 - 2024-04-01 08:21 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2025-01-30 11:15 - 2021-10-21 16:08 - 000000000 ____D C:\Program Files\CCleaner
2025-01-30 11:14 - 2024-10-13 08:55 - 000000000 ____D C:\WINDOWS\InboxApps
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-01-30 11:14 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-01-30 10:19 - 2021-11-08 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Teams
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\hpqLog
2025-01-30 10:19 - 2021-10-21 15:54 - 000000000 ____D C:\Users\bek69\AppData\Local\CrashDumps
2025-01-30 10:19 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\SquirrelTemp
2025-01-30 10:02 - 2024-10-13 08:03 - 003334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-30 03:13 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-27 11:03 - 2024-10-13 08:02 - 000000000 ____D C:\Users\bek69
2025-01-26 18:37 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Local\Avast Software
2025-01-26 18:36 - 2021-02-05 08:23 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-26 14:07 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Electronic Arts
2025-01-25 16:20 - 2024-12-15 17:37 - 000001404 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Player.lnk
2025-01-25 16:20 - 2023-03-21 15:38 - 000000000 ____D C:\Users\bek69\OneDrive\Plocha\Míša hry
2025-01-25 16:20 - 2022-09-05 16:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-01-25 16:19 - 2024-12-15 17:37 - 000001232 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Studio.lnk
2025-01-25 10:37 - 2024-10-01 07:08 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-01-25 10:03 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-01-25 10:01 - 2021-10-21 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-25 08:49 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\D3DSCache
2025-01-23 08:43 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-01-23 08:43 - 2021-10-21 10:12 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-22 11:37 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Local\curseforge-updater
2025-01-21 13:53 - 2024-03-18 19:53 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2025-01-21 13:53 - 2024-03-18 19:48 - 000000000 ____D C:\Program Files\CCleaner Browser
2025-01-21 11:50 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\Packages
2025-01-21 10:40 - 2024-06-02 14:31 - 000002421 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2025-01-21 08:46 - 2024-04-14 16:24 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\7107d4cac2bc4428fa0187dfd88ac646a0a936ba0c71f8a4e27055a4333f4375
2025-01-21 08:39 - 2023-10-01 17:54 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-01-21 08:38 - 2023-10-01 17:54 - 000005855 _____ C:\Users\bek69\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e
2025-01-21 08:28 - 2023-05-01 18:46 - 000000000 ____D C:\Program Files\Intel
2025-01-21 08:27 - 2024-04-14 16:24 - 000005874 _____ C:\Users\bek69\AppData\LocalLow\6d1a0d74b8983cab26a68cd0cdace1fb63918ce4f5f6aeaeeefb13009d6d5154
2025-01-20 16:15 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-20 16:15 - 2021-06-20 12:03 - 000000000 ____D C:\ProgramData\Packages
2025-01-20 16:15 - 2021-02-05 08:36 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-19 16:01 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\ExpressVPN
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2025-01-19 15:58 - 2021-10-21 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-01-19 15:40 - 2024-10-11 17:09 - 000000000 ___DC C:\WINDOWS\Panther
2025-01-19 15:40 - 2023-12-26 10:32 - 000000000 ____D C:\Users\bek69\AppData\Roaming\EasyAntiCheat
2025-01-19 15:40 - 2023-03-10 10:14 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Winamp
2025-01-19 15:40 - 2022-09-03 14:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\.minecraft
2025-01-19 15:40 - 2022-08-24 19:39 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\The Witcher 3
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Skype
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows Photo Viewer
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Office
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\MMC
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\HTML Help
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\HpUpdate
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\dvdcss
2025-01-19 15:40 - 2021-10-21 18:22 - 000000000 ____D C:\Users\bek69\AppData\Local\PokerStars.CZ
2025-01-19 15:40 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Add-in Express
2025-01-19 15:40 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Roaming\WhatsApp
2025-01-19 15:40 - 2021-10-21 12:28 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-19 15:39 - 2021-10-21 18:21 - 000000000 ____D C:\Users\bek69\AppData\Local\messengerfordesktop-updater
2025-01-19 13:00 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Avast Software
2025-01-19 12:59 - 2021-10-21 10:51 - 000000000 ____D C:\Program Files\Avast Software
2025-01-19 12:28 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-19 11:21 - 2024-12-07 18:13 - 000000000 ____D C:\Users\miska
2025-01-19 11:21 - 2024-12-07 18:09 - 000000000 ____D C:\Users\WsiAccount
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100001
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100000
2025-01-19 11:02 - 2021-02-05 08:33 - 000000000 ____D C:\Program Files\HP
2025-01-18 20:21 - 2023-10-11 16:39 - 000532958 _____ C:\Users\bek69\AppData\LocalLow\7bc5ee1f183e0e9cedb3a29f601ea14859c00f53dee857e6b51415c656d32a7f
2025-01-16 10:40 - 2024-12-05 17:00 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=Spotify=_ApiClient=D3D12
2025-01-16 10:40 - 2023-10-11 16:39 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\dfd8e4de2c43a69910ea1b6aa9c232836b2a22bfe407f70e53f2ee2cc540db02
2025-01-15 16:32 - 2024-12-06 13:57 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=RuntimeBroker=_ApiClient=D3D12
2025-01-15 15:47 - 2021-12-28 10:42 - 000002553 _____ C:\Users\bek69\OneDrive\Plocha\WPS PDF.lnk
2025-01-15 12:55 - 2023-10-01 18:09 - 000008103 _____ C:\Users\bek69\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-01-15 12:55 - 2023-10-01 18:09 - 000000026 _____ C:\Users\bek69\AppData\LocalLow\6bdad7e2b2f0e006a1b2964609240b6498c71fd5a1aeb1e97866f9a43779a743
2025-01-15 12:46 - 2021-10-21 10:51 - 000383056 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-01-15 12:41 - 2024-12-22 13:28 - 000316200 ____N (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-01-15 12:41 - 2022-07-14 07:35 - 000053048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-01-15 12:21 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 10:02 - 2021-10-21 11:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 01:31 - 2023-10-01 17:49 - 000000000 ____D C:\Program Files\dotnet
2025-01-15 01:23 - 2021-10-21 11:08 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-10 20:49 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-02 17:59 - 2023-12-26 10:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== Files in the root of some directories ========
2022-04-19 08:22 - 2022-04-19 08:22 - 000001540 _____ () C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp
2021-10-21 18:20 - 2020-06-03 17:10 - 000000000 _____ () C:\Users\bek69\AppData\Local\oobelibMkey.log
2021-10-21 18:20 - 2018-06-22 07:50 - 000000855 _____ () C:\Users\bek69\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================