VIRY.CZ

Dobrý den,
HDD často vytížen na 100%, celkově pomalý chod. Děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2025
Ran by Gor (administrator) on DESKTOP-72B6VSV (18-03-2025 19:51:42)
Running from C:\Users\jhonz\Desktop\FRST64.exe
Loaded Profiles: Gor
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(Oracle America, Inc. -> Oracle Corporation) E:\Program Files\OTE\runtime\bin\javaw.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(services.exe ->) (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2501.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [11859680 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3147264 2021-08-20] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [480176 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
HKLM-x32\...\Run: [OtePkiClient] => E:\Program Files\OTE\OtePkiClient-2.6.exe [78336 2024-02-23] (OTE, a.s.) [File not signed]
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Run: [MicrosoftEdgeAutoLaunch_9433F0F67BB0CA384D427CACFB9DBC69] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291128 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Run: [CCleaner Smart Cleaning] => E:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Run: [AvastBrowserAutoLaunch_9A25AE14D27C442B2D36462549D41684] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2982144 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Run: [GarminExpress] => E:\Program Files\Garmin\Garmin\Express\express.exe [28999440 2024-11-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3033005680-393220151-2942893451-1007\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3033005680-393220151-2942893451-1007\...\Run: [AvastBrowserAutoLaunch_2393A21C72C23300E564BF07774A52C0] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2982144 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3033005680-393220151-2942893451-1007\...\Run: [GarminExpress] => E:\Program Files\Garmin\Garmin\Express\express.exe [28999440 2024-11-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3033005680-393220151-2942893451-1007\...\Run: [CCleaner Smart Cleaning] => E:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-3033005680-393220151-2942893451-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291128 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3033005680-393220151-2942893451-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-10-31] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\104.0.18003.81\Installer\chrmstp.exe [2022-08-18] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2023-12-23]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric -> Schneider Electric) [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A6C14222-4FB9-4024-A172-B67A608435D2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2982144 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
Task: {4C7B03FF-6212-4149-9271-89B24841A6F5} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2982144 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
Task: {6D583762-15FD-4BF0-B616-D6E0E330B926} - System32\Tasks\AvastBrowserProtectS-1-5-21-3033005680-393220151-2942893451-1007 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1750664 2022-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {B4B8C47F-C947-4377-A281-BA5E65CF62E2} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {6DD0DE38-2694-4CFC-93BE-D1DC87788898} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {9002D8D9-BF69-48C4-98BB-4FE7F1497A5D} - System32\Tasks\CCleaner Update => E:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {B3DCFEBC-CFE0-40C7-B171-2025AABA4BA2} - System32\Tasks\CCleanerCrashReporting => E:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "E:\Program Files\CCleaner\LOG" --programpath "E:\Program Files\CCleaner" --guid "e95f0aaf-9fd9-4834-aa74-2024c68e993a" --version "6.33.0.11465" --silent
Task: {BF1A1BDC-E4F7-4BD6-B5A2-4FA9AFA3F0BB} - System32\Tasks\CCleanerSkipUAC - Gor => E:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {961D0C7C-548F-44AF-83BE-CC6AE43C824D} - System32\Tasks\GarminUpdaterTask => E:\Program Files\Garmin\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [30992 2024-11-06] (Garmin International, Inc. -> )
Task: {D79D6550-1B87-4218-9A41-AA9F43365328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {171A1659-E2EC-480F-A948-CF22D4576D28} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {941134F8-FF04-4429-AABE-544CA0BD0A8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCD7C1C1-02C2-4977-B683-9882A37F775F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {11E35DB2-43A4-4F8E-B8EE-EBB0D358CBF8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {D81236F3-4A66-4EE6-B32D-477F924A614A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3033005680-393220151-2942893451-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {A6ADA0A8-ABDC-4298-9B1D-FF3E5B32268F} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3033005680-393220151-2942893451-1006 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {2CD3DB91-2619-4090-8BA8-F64096B4846A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3033005680-393220151-2942893451-1007 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6FC30F99-56A9-4967-B422-B808316F18E5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {A48DE569-ACF8-430D-91B9-BF78482C05A7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E78031C6-9C7C-4F28-A4BC-448130493FAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {357F00FD-E58A-4227-983E-B84E9A1AC2CA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3A45598-1822-4945-BFF2-4708EECDFD7D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-1007 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E8AA1BE-4F24-463C-865D-9E35BB143ED0} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7658626-1DA9-4D94-8E4F-775EBE5816ED} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADA41ABD-0B42-4A36-B76B-EC03D18B2ADD} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-1007 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C00A249A-A6B1-4AD4-BB90-DCB399764E47} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-500 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => E:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{dbe1fe2c-f503-4a02-9698-0682ff7c8581}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhonz\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-17]
Edge DownloadDir: Default -> C:\Users\jhonz\Downloads
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
Edge Extension: (Překladač - překlad a slovník) - C:\Users\jhonz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cahegbfkmjbbjmglfcamfgojffcgnnoa [2024-12-08]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Dokumenty Google offline) - C:\Users\jhonz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-15]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\jhonz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF DefaultProfile: ufgfqr1x.default
FF ProfilePath: C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release [2025-03-18]
FF Homepage: Mozilla\Firefox\Profiles\sh5xz2qo.default-release -> hxxps://www.seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-15]
FF Extension: (Zhasnout světla) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\stefanvandamme@stefanvd.net.xpi [2021-09-14]
FF Extension: (Google Translator for Firefox) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\translator@zoli.bod.xpi [2024-04-25]
FF Extension: (Str*Viewer for Strava) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\turangasoftware@gmail.com.xpi [2021-08-02]
FF Extension: (Sauce for Strava™) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\{0f1b4c25-4ab0-411e-ba22-e56c27f3d151}.xpi [2025-03-04]
FF Extension: (FormApps Extension) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2021-10-18]
FF Extension: (strava-map-switcher) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\{8bc8a884-a7db-45e3-84dd-963933a87d3c}.xpi [2023-07-28]
FF Extension: (Video DownloadHelper) - C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\sh5xz2qo.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-31]
FF ProfilePath: C:\Users\jhonz\AppData\Roaming\Mozilla\Firefox\Profiles\ufgfqr1x.default [2024-12-27]
FF Plugin: @videolan.org/vlc,version=3.0.20 -> E:\Program Files\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [14256 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [4261808 2019-06-07] (Schneider Electric -> Schneider Electric) [File not signed]
S3 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-03-10] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-03-10] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\104.0.18003.81\elevation_service.exe [2009480 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-08-20] (Brother Industries, Ltd.) [File not signed]
S3 CCleanerPerformanceOptimizerService; E:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13004248 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559328 2025-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybr64; C:\Windows\system32\DRIVERS\3xHybr64.sys [933760 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Philips Semiconductors GmbH)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [335008 2024-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-18 19:51 - 2025-03-18 19:54 - 000024004 _____ C:\Users\jhonz\Desktop\FRST.txt
2025-03-18 19:51 - 2025-03-18 19:54 - 000000000 ____D C:\FRST
2025-03-18 19:49 - 2025-03-18 19:49 - 002404352 _____ (Farbar) C:\Users\jhonz\Desktop\FRST64.exe
2025-03-18 19:34 - 2025-03-18 19:34 - 000001803 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-17.0.gz
2025-03-18 05:52 - 2025-03-18 05:52 - 000001669 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-17.0.gz
2025-03-17 18:54 - 2025-03-17 20:46 - 000000000 ____D C:\Users\jhonz\Documents\Reflect
2025-03-17 18:27 - 2025-03-17 18:27 - 000002023 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk
2025-03-17 18:27 - 2025-03-17 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2025-03-17 18:27 - 2025-03-17 18:27 - 000000000 ____D C:\Program Files\Macrium
2025-03-17 18:18 - 2025-03-17 18:18 - 000000000 ____D C:\Users\jhonz\Downloads\Macrium
2025-03-17 18:17 - 2025-03-17 22:39 - 000000000 ____D C:\ProgramData\Macrium
2025-03-17 18:17 - 2025-03-17 18:17 - 005667264 _____ (Paramount Software UK Ltd) C:\Users\jhonz\Downloads\ReflectDLHF.exe
2025-03-17 18:03 - 2025-03-17 18:03 - 000001270 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-16.0.gz
2025-03-17 05:53 - 2025-03-17 05:53 - 000001290 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-16.0.gz
2025-03-16 21:22 - 2025-03-16 21:22 - 000152885 _____ C:\Users\jhonz\Downloads\priloha_1494831341_0_p721927976.pdf
2025-03-16 19:48 - 2025-03-16 19:48 - 000001274 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-15.0.gz
2025-03-16 05:53 - 2025-03-16 05:53 - 000001296 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-15.0.gz
2025-03-15 19:38 - 2025-03-15 19:38 - 000130285 _____ C:\Users\jhonz\Downloads\1102666138.pdf
2025-03-15 19:35 - 2025-03-15 19:35 - 000001277 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-14.0.gz
2025-03-15 06:01 - 2025-03-15 06:01 - 000001289 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-14.0.gz
2025-03-14 23:13 - 2025-03-14 23:13 - 000293984 _____ C:\Users\jhonz\Downloads\export(25).gpx
2025-03-14 21:12 - 2025-03-14 21:12 - 000241438 _____ C:\Users\jhonz\Downloads\export(24).gpx
2025-03-14 19:35 - 2025-03-14 19:35 - 000001277 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-13.0.gz
2025-03-14 05:55 - 2025-03-14 05:55 - 000001612 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-13.0.gz
2025-03-13 19:34 - 2025-03-13 19:34 - 000001279 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-12.0.gz
2025-03-13 05:55 - 2025-03-13 05:56 - 000001615 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-12.0.gz
2025-03-12 19:34 - 2025-03-12 19:34 - 000001278 _____ C:\Users\jhonz\ote-pki-client.log.2025-03-11.0.gz
2025-03-12 15:52 - 2025-03-12 15:52 - 000000000 ___HD C:\$WinREAgent
2025-03-12 05:52 - 2025-03-12 22:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-12 05:51 - 2025-03-12 05:51 - 000001623 _____ C:\Users\Jirka 2\ote-pki-client.log.2025-03-11.0.gz
2025-03-10 20:43 - 2025-03-10 20:43 - 000000839 _____ C:\Users\jhonz\Downloads\1st route - 2nd route(1).fit
2025-03-08 23:46 - 2025-03-08 23:46 - 001827521 _____ C:\Users\jhonz\Downloads\CDC-2021-0089-0024_attachment_1-1.pdf
2025-03-06 22:02 - 2025-03-06 22:02 - 000191807 _____ C:\Users\jhonz\Downloads\8.3. kratší.gpx
2025-03-06 21:57 - 2025-03-06 22:07 - 000212316 _____ C:\Users\jhonz\Downloads\8.3. delší.gpx
2025-03-01 23:55 - 2025-03-01 23:56 - 000000149 _____ C:\Users\jhonz\Desktop\Pegueot.url
2025-03-01 20:54 - 2025-03-01 20:54 - 000136094 _____ C:\Users\jhonz\Downloads\2.3.25.gpx
2025-02-27 21:39 - 2025-02-27 21:39 - 000000000 _____ C:\Users\jhonz\Desktop\VF34H5FWC9S151900.txt
2025-02-27 21:29 - 2025-02-27 21:29 - 000036206 _____ C:\Users\jhonz\Downloads\vozidlo-udaje.pdf
2025-02-27 19:40 - 2025-02-27 19:40 - 000135003 _____ C:\Users\jhonz\Downloads\Morning_Mountain_Bike_Ride.gpx
2025-02-25 21:44 - 2025-02-25 21:44 - 000076562 _____ C:\Users\jhonz\Downloads\Zelená karta k pojistné smlouvě číslo 5487092373.pdf
2025-02-23 20:14 - 2025-02-23 20:14 - 000178543 _____ C:\Users\jhonz\Downloads\WhatsApp Image 2025-02-23 at 20.12.47.jpeg
2025-02-23 20:14 - 2025-02-23 20:14 - 000166963 _____ C:\Users\jhonz\Downloads\WhatsApp Image 2025-02-23 at 20.12.46(1).jpeg
2025-02-23 20:14 - 2025-02-23 20:14 - 000145719 _____ C:\Users\jhonz\Downloads\WhatsApp Image 2025-02-23 at 20.12.46.jpeg
2025-02-22 21:38 - 2025-02-22 21:38 - 000133479 _____ C:\Users\jhonz\Downloads\export(23).gpx
2025-02-21 21:56 - 2025-02-21 21:56 - 001916448 _____ C:\Users\jhonz\Downloads\fofr-cup-gps-data-gpx(2).gpx
2025-02-21 20:24 - 2025-02-21 20:24 - 000626777 _____ C:\Users\jhonz\Desktop\závody 25.xlsx
2025-02-16 19:37 - 2025-02-16 19:37 - 000264157 _____ C:\Users\jhonz\Downloads\WhatsApp Image 2025-02-16 at 18.40.28.jpeg

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-18 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-18 19:35 - 2022-02-09 11:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-18 19:34 - 2021-08-01 09:17 - 000000000 ____D C:\Users\jhonz
2025-03-18 19:33 - 2021-12-18 01:19 - 000000000 ____D C:\Windows\SystemTemp
2025-03-18 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-03-18 14:20 - 2022-09-30 18:22 - 000003326 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2025-03-18 14:20 - 2022-09-30 18:22 - 000000670 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2025-03-18 05:52 - 2021-09-12 13:28 - 000000000 ____D C:\Users\Jirka 2
2025-03-17 23:16 - 2021-08-01 09:18 - 001702656 _____ C:\Windows\system32\PerfStringBackup.INI
2025-03-17 23:16 - 2019-12-07 15:43 - 000720264 _____ C:\Windows\system32\perfh005.dat
2025-03-17 23:16 - 2019-12-07 15:43 - 000146470 _____ C:\Windows\system32\perfc005.dat
2025-03-17 23:16 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-03-17 23:09 - 2021-08-01 09:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-03-17 23:09 - 2021-08-01 09:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-03-17 23:08 - 2021-08-01 09:03 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-17 18:12 - 2021-08-01 09:21 - 000000000 ____D C:\Users\jhonz\AppData\Local\Packages
2025-03-17 18:10 - 2021-12-23 20:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-03-16 20:30 - 2021-08-01 09:25 - 000000000 ____D C:\Users\jhonz\AppData\Local\D3DSCache
2025-03-16 19:48 - 2021-07-31 15:32 - 000000000 ____D C:\Users\jhonz\Documents\kolo
2025-03-16 19:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-16 06:00 - 2021-08-01 11:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-16 06:00 - 2021-08-01 11:34 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-15 06:06 - 2025-02-06 05:59 - 000003540 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-500
2025-03-15 06:06 - 2025-01-18 20:56 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-500
2025-03-15 06:06 - 2025-01-18 05:57 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-1007
2025-03-15 06:06 - 2025-01-18 05:57 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3033005680-393220151-2942893451-1001
2025-03-15 06:06 - 2021-12-11 20:15 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-1001
2025-03-15 06:06 - 2021-12-11 13:55 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3033005680-393220151-2942893451-1007
2025-03-15 06:06 - 2021-08-18 19:19 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-15 06:06 - 2021-08-01 20:52 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-15 06:06 - 2021-08-01 20:52 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 17:49 - 2021-09-12 13:28 - 000000000 ____D C:\Users\Jirka 2\AppData\Local\D3DSCache
2025-03-12 23:00 - 2023-12-25 13:43 - 000075587 _____ C:\Windows\SysWOW64\PCPELog.txt
2025-03-12 23:00 - 2021-08-01 09:23 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2025-03-12 23:00 - 2019-12-07 10:03 - 001572864 _____ C:\Windows\system32\config\BBI
2025-03-12 22:57 - 2021-08-01 09:03 - 000456120 _____ C:\Windows\system32\FNTCACHE.DAT
2025-03-12 22:56 - 2021-08-01 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-12 22:54 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-12 22:54 - 2019-12-07 15:44 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-03-12 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2025-03-12 22:54 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2025-03-12 16:38 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-03-12 16:27 - 2021-08-01 10:03 - 000419196 __RSH C:\bootmgr
2025-03-12 16:26 - 2021-08-01 09:09 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-03-12 13:56 - 2021-09-07 19:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-03-12 13:56 - 2021-08-01 09:54 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-11 22:48 - 2021-08-01 20:58 - 000000000 ____D C:\Users\jhonz\AppData\Roaming\Microsoft\Excel
2025-03-07 06:16 - 2021-08-01 11:34 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-07 06:16 - 2021-08-01 11:34 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-06 10:04 - 2021-08-01 09:07 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-02-28 20:41 - 2021-08-01 23:06 - 000074752 _____ C:\Users\jhonz\Desktop\porovnání spotřeby.xls
2025-02-28 19:41 - 2025-01-15 13:37 - 000000000 ____D C:\Windows\Minidump
2025-02-28 19:35 - 2022-08-17 16:50 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2025-02-18 19:36 - 2025-02-15 21:51 - 000000000 ____D C:\Users\Jirka 2\Documents\julča

==================== Files in the root of some directories ========

2025-01-08 00:17 - 2025-01-17 12:13 - 000007605 _____ () C:\Users\jhonz\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!

Přidejte ještě log Addition, abych mohl provést komplexní kontrolu. Najdete ho na ploše v souboru Additin.txt. Děkuji.

OK

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2025
Ran by Gor (18-03-2025 20:01:42)
Running from C:\Users\jhonz\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) (2021-08-01 08:11:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3033005680-393220151-2942893451-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3033005680-393220151-2942893451-503 - Limited - Disabled)
Gor (S-1-5-21-3033005680-393220151-2942893451-1001 - Administrator - Enabled) => C:\Users\jhonz
Guest (S-1-5-21-3033005680-393220151-2942893451-501 - Limited - Disabled)
Jirka 2 (S-1-5-21-3033005680-393220151-2942893451-1007 - Limited - Enabled) => C:\Users\Jirka 2
WDAGUtilityAccount (S-1-5-21-3033005680-393220151-2942893451-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{48BEBA4A-700F-4DBC-ACC6-E3E24D20F573}) (Version: 4.33.1.0140 - Open Media LLC) Hidden
ANT Drivers Installer x64 (HKLM\...\{FD1A4C7D-D35E-4742-BCEB-1E1104D103C4}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 104.0.18003.81 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
devicom - PC·PRO (HKLM-x32\...\{125466EC-8965-11D4-A771-00105A6811B6}) (Version: - )
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
Elevated Installer (HKLM-x32\...\{164C7EA9-EFD3-4DCE-A297-FFB72D12E457}) (Version: 7.24.0.0 - Garmin Ltd or its subsidiaries) Hidden
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
Garmin Express (HKLM-x32\...\{206c32b6-b534-4c0c-a074-df1ca53e6e3e}) (Version: 7.24.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50EE2113-6BB9-466F-A71B-FE40DB3139A4}) (Version: 7.24.0.0 - Garmin Ltd or its subsidiaries) Hidden
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Macrium Reflect Free (HKLM\...\{A302C59F-C733-4DA0-9611-1286A9051D15}) (Version: 8.0.7783 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7783 - Paramount Software (UK) Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.1 (x64 cs)) (Version: 136.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\Mozilla Thunderbird 115.18.0 (x86 cs)) (Version: 115.18.0 - Mozilla)
OtePkiClient (HKLM-x32\...\OtePkiClient) (Version: 2.6 - )
PDFCreator (HKLM\...\{F8D61DF6-66FF-449A-82E3-D1CB1314B062}) (Version: 5.0.0 - pdfforge GmbH)
PIKO Master Control V2.0 v1.2.2.38199 (HKLM-x32\...\PIKO Master Control V2.0_is1) (Version: 1.2.2.38199 - KOSTAL Solar Electric GmbH)
PowerChute Personal Edition (HKLM-x32\...\APC) (Version: 3.1.0 - Schneider Electric)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-02] (Microsoft Corporation) [MS Ad]
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0 [2025-02-27] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm [2025-03-05] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3033005680-393220151-2942893451-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3033005680-393220151-2942893451-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-3033005680-393220151-2942893451-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-01 14:28 - 2023-02-01 14:28 - 000264704 _____ (N/A) [File not signed] E:\Program Files\OTE\runtime\bin\glass.dll
2023-02-01 14:28 - 2023-02-01 14:28 - 000125952 _____ (N/A) [File not signed] E:\Program Files\OTE\runtime\bin\prism_d3d.dll
2022-10-31 22:06 - 2022-10-31 22:06 - 000181248 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000136112 _____ (Schneider Electric -> Schneider Electric) [File not signed] [File is in use] C:\Program Files (x86)\APC\PowerChute Personal Edition\UIControl.dll
2019-06-07 22:25 - 2019-06-07 22:25 - 000479152 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\drvutil.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000915376 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\pdcdll.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000016816 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\rdp.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000574896 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsControl.dll
2019-06-07 22:26 - 2019-06-07 22:26 - 000534960 _____ (Schneider Electric -> Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\UpsDevice.dll
2019-06-07 17:01 - 2019-06-07 17:01 - 002200576 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-02-28 19:56 - 000001225 _____ C:\Windows\system32\drivers\etc\hosts
46.28.105.2 ceskobezcenzury.cz www.ceskobezcenzury.cz
192.124.249.14 aeronet.cz www.aeronet.cz
185.178.175.226 czechfreepress.cz www.czechfreepress.cz
88.86.120.88 exanpro.cz www.exanpro.cz
78.24.14.63 prvnizpravy.cz www.prvnizpravy.cz
89.221.213.141 skrytapravda.cz www.skrytapravda.cz
178.238.37.215 voxpopuliblog.cz www.voxpopuliblog.cz
217.11.249.162 protiproud.cz www.protiproud.cz

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3033005680-393220151-2942893451-1001\Control Panel\Desktop\\Wallpaper -> E:\disky\F Místní disk\FOTA\2014\PC200051.JPG
HKU\S-1-5-21-3033005680-393220151-2942893451-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\jhonz\Documents\Dokumenty\Maľovanie pre deti\kids2.jpg
HKU\S-1-5-21-3033005680-393220151-2942893451-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "BrStsInd00"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9433F0F67BB0CA384D427CACFB9DBC69"
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3033005680-393220151-2942893451-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_9A25AE14D27C442B2D36462549D41684"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4B3220F1-011E-423F-81FB-94291B8BB75A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24D9B9EC-C845-43DD-BF12-4559BB6A238B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5531879D-003E-4DAB-BB9F-9A12E540F9D7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F58625E7-3B19-4A5F-9FD4-A7561334B612}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{ED502CF0-0A65-4617-951E-2AFD5EB9292E}E:\program files\qbittorrent\qbittorrent.exe] => (Allow) E:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{26A3C2C7-6E09-43A9-9F5A-39544314307A}E:\program files\qbittorrent\qbittorrent.exe] => (Allow) E:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{31D20FD1-4903-448D-B04E-9A1BCF911EC7}E:\program files\vlc\vlc.exe] => (Allow) E:\program files\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A507696A-8E11-4BE5-B13E-9A995661C492}E:\program files\vlc\vlc.exe] => (Allow) E:\program files\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{66871698-E8AB-4CB4-A449-5F6EF76D2481}] => (Block) E:\program files\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E340FD7B-A053-4F92-B44B-83B07F95711D}] => (Block) E:\program files\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{808E65BE-24CA-4EA8-9DE0-E5BD6C227CBD}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{CAA1E8AC-19E4-4015-BF8C-C1FF3AA6B602}E:\program files\qbittorrent\qbittorrent.exe] => (Allow) E:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{45B2A3DF-AC03-4EAC-9A6F-A170D9A713D7}E:\program files\qbittorrent\qbittorrent.exe] => (Allow) E:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6F006DE7-AC1B-46F0-99E7-ECF78CB74BE9}] => (Allow) E:\Program Files\Office\Office12\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFC857CE-CF39-4DB9-A0A0-A94048BF865A}] => (Allow) E:\Program Files\Office\Office12\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA2E39DB-61E6-46B7-9E55-950AA46A0A7D}] => (Allow) E:\Program Files\Office\Office12\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2806D047-15F3-48B7-9EE7-71304E796825}] => (Allow) E:\Program Files\Office\Office12\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27B32F6B-ED1F-41BB-8161-50A20E000A51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6F700E3E-5DFA-4896-9822-030E999E64CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8503B4B3-BD7A-4E43-8ACF-9568914D448B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8366C8FD-7FEC-4370-A128-58E57AA8851F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{93115181-26B2-405B-9FB1-18B8F6DEEECC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4F5C41BB-8DDE-4BFA-A9B7-AC595079D8E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DC8C66B4-08EC-444F-8CF0-78E5CEDE6A0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{771BDF50-453C-42E5-AE60-38D2A13FBD64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{04936B9A-6C05-4722-8D26-5EB1169F8150}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A05DAEA2-90B0-47E1-954F-79AA00DEBD01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{77569C32-D8A3-43D4-B9E1-C3EEAC6150D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A83A36FB-ABEC-4E49-92AE-58D576496AA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B96B9C21-E8ED-4D29-B7F3-70932591D5C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90614AF8-8B65-4ED8-966C-63ACAF9A638A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E989CA3B-EEF8-472A-9052-21EA23BFC012}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2025 07:31:19 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:31:19 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:21:19 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:21:18 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:11:20 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:11:20 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:01:22 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/18/2025 07:01:21 PM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (03/18/2025 07:09:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-72B6VSV)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2025 11:11:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935

Error: (03/17/2025 11:09:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:38:11, ‎17.‎03.‎2025) bylo neočekávané.

Error: (03/17/2025 11:08:32 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221226513Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (03/17/2025 10:41:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935

Error: (03/17/2025 10:39:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/17/2025 10:39:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (03/17/2025 10:38:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.


Windows Defender:
================
Date: 2025-03-16 20:31:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-03-16 12:26:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-03-16 08:55:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-03-15 19:57:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-03-14 22:54:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2024-10-05 10:25:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\104.0.18003.81\chrome.dll that did not meet the Microsoft signing level requirements.

Date: 2024-06-09 14:19:46
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-12-06 18:10:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FD 02/04/2013
Motherboard: Gigabyte Technology Co., Ltd. 990XA-UD3
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 62%
Total physical RAM: 8152.74 MB
Available physical RAM: 3046.49 MB
Total Virtual: 9432.74 MB
Available Virtual: 3567.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:41.13 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (GARMIN) (Removable) (Total:14.37 GB) (Free:2.65 GB) FAT32
Drive e: () (Fixed) (Total:1716.53 GB) (Free:1180.79 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E11A590)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1716.5 GB) - (Type=05)

==========================================================
Disk: 1 (Protective MBR) (Size: 14.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:

EmptyTemp:
End

PC je prakticky čistý. Který proces nejvíce vytěžuje HDD?

Jako na potvoru je momentálně HDD v poho... Co mám udělat s tím notepadem?

Pardon, zapoměl jsem něco zkopírovat. Tedy:

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Zdravím,
při Fixu to bylo zase celý zpomalený, FRST byl skoro pořád ve stavu "neodpovídá".

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Gor (19-03-2025 21:16:43) Run:1
Running from C:\Users\jhonz\Desktop
Loaded Profiles: Gor & Jirka 2 & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9702021 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 12441875 B
Edge => 0 B
Firefox => 3116182282 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 22544 B
systemprofile32 => 24740 B
LocalService => 24740 B
NetworkService => 31748 B
jhonz => 34765013 B
Jirka => 35485266 B
Jirka 2 => 1176198822 B
Administrator => 1176402789 B

RecycleBin => 0 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:27:31 ====

A jak to vypadá po fixu a restartu PC?

Náběh po restartu byl pomalejší, ale "práce" vypadá svižnější.

OK. Můžete ještě zkusit defragmentovat disk.