spomalený PC

[brissixx]

Zdravím, mám taký problém. Prehliadač mi pomaly načítava stránky a pri niektorých úplne zamrzá, celkovo mám pocit, že s PC nie je všetko v poriadku. Je dosť výkonný, nemali by byť s ním žiadne problémy, nižšie prikladám log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2025
Ran by robol (administrator) on ROBKO (ASUS System Product Name) (04-05-2025 12:40:26)
Running from C:\Users\robol\Downloads\FRST64.exe
Loaded Profiles: robol
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atieclxx.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1da2893e2ffb6838\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.1.13.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.8401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013800 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013800 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013800 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693600 2025-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [Discord] => C:\Users\robol\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\robol\AppData\Local\Microsoft\Teams\Update.exe [2587320 2023-05-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [164840 2024-06-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45882672 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\136.0.7103.48\Installer\chrmstp.exe [2025-04-29] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B35D822B-6191-4D54-9393-9E963332C4B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {4E61D048-45BE-4E21-920D-F0B558B21D02} - System32\Tasks\AMD Install Manager - Check For Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [55232720 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-CheckForUpdates
Task: {0630A298-3DE2-4315-BE1B-ADD507FB4203} - System32\Tasks\AMD Install Manager - Install Updates => C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe [55232720 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\AMDInstallManager\\-InstallUpdates -Auto
Task: {2C80F68B-B906-4B0D-AD23-306420640B14} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1038544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {BB8EB053-1AF7-4001-A9FB-53179B4821B1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [191184 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {C8F5BF76-16D1-4CCE-9238-9E1A33DF0520} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-11-28] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {3ECC0A0D-39C0-4676-AE6F-3DFF00C875A0} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1772376 2024-11-28] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4C184FF4-CA1A-47FA-AC5A-0B4A10B7E131} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db91c7898a37c8 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {64C06248-C9CF-4DE1-A6BE-D4FD1F1C43DF} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {736A8610-8019-4F48-BAA9-8EE3572F9E53} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {7CF17F27-6421-4A27-A65D-2488D0DA79D9} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F603167E-AA38-4734-A05F-DA592CC5FA14} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {548BF61F-30D3-463C-A9C0-0B95C390245F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7ebeb39e-4d41-4a10-b460-ece9fc994562" --version "6.35.0.11488" --silent
Task: {956AD7E5-9C2A-4F7E-8FA5-0181BD27B03E} - System32\Tasks\CCleanerSkipUAC - robol => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {43551A4C-6B31-48DB-B210-39D29A2E304A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{A17CDEB4-3687-4487-9F7E-A282A3CBE829} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {6855BA33-20DA-4656-902D-8642A0AA716B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21918440 2025-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B683509-F9FF-4E50-84D5-5BBD8D66C82F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21918440 2025-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E1BF494-908B-4415-9780-A4875C5E3771} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141456 2025-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4615A128-9A7B-4457-A980-0FE812BDD524} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141456 2025-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {8E1D0C1E-E7E3-47C1-82B4-28D64C726C2B} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {403B8CA5-9158-4779-8EE3-829CF9DF02DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A4AA85C-6D39-472E-BD77-38CD44A4588F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94BA991B-E78F-4DA3-9CBC-E92CA5A5A5F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78CE17CE-6763-4465-90FE-18CF493F64D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {02660E71-AFE7-4046-B3FB-08A6656E4230} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1038544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {70D4BAC1-6E6A-4DB8-813E-C743485ED2CB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-16] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {FC1F6072-9B43-4D2A-AEB2-84B84DED939C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {67F79609-6E2A-4591-90AA-1411D4C6F903} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223824 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D8C47A7-AC97-41F9-9D49-8A383FC05F83} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223824 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA183C2E-B1BB-4DC6-9F9C-380337BD7EBB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) <==== ATTENTION
Task: {F0CF5B66-0CCB-4D85-BB56-9BAA875FF07D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-400773837-108167856-4107033148-1001 => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\OneDriveLauncher.exe [676688 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E0D65B4-A1C1-4D93-A1E9-15B886079931} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [142544 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {1162AD5B-BB74-4E28-B47D-2AD2A02350D0} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [309968 2025-02-25] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78595d6d-ab8f-40ff-8f0b-62742176ec7c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78595d6d-ab8f-40ff-8f0b-62742176ec7c}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\robol\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-01]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\robol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-01]
Edge Extension: (Edge relevant text changes) - C:\Users\robol\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-12]

FireFox:
========
FF DefaultProfile: 2mnrp8dj.default
FF ProfilePath: C:\Users\robol\AppData\Roaming\Mozilla\Firefox\Profiles\2mnrp8dj.default [2024-03-18]
FF ProfilePath: C:\Users\robol\AppData\Roaming\Mozilla\Firefox\Profiles\o1ycwp9a.default-release [2025-03-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default [2025-05-04]
CHR Notifications: Default -> hxxps://sugg.erothots.co
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-24]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-05-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-02]
CHR Profile: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-03-13]
CHR Profile: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-01]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-23]
CHR Profile: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-04-01]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\robol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-08-08]
CHR Profile: C:\Users\robol\AppData\Local\Google\Chrome\User Data\System Profile [2025-03-13]
CHR HKU\S-1-5-21-400773837-108167856-4107033148-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe [419368 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [252760 2025-03-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1132000 2025-04-25] (ASUSTeK COMPUTER INC. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-02-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9204432 2025-03-27] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncHelper.exe [3586392 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2022-11-22] (Underwriters Laboratories Inc. -> Futuremark)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [5049184 2024-12-25] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9406208 2025-05-04] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.060.0330.0003\OneDriveUpdaterService.exe [3837256 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2235856 2025-01-16] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20738360 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1da2893e2ffb6838\amdfendrmgr.sys [36136 2024-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33592 2024-09-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV28; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [61264 2025-02-24] (Advanced Micro Devices -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66bdd11a4e97edd1\amdsafd.sys [112840 2024-05-02] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0413647.inf_amd64_d320f14af0da075c\B413137\amdkmdag.sys [111263168 2025-03-12] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-03-10] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-03-10] (Microsoft Corporation) [File not signed]
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_fcb868ac03f43b71\e2fn.sys [1427528 2023-07-03] (Intel Corporation -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-05-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-24] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-24] (Microsoft Windows -> Microsoft Corporation)
R0 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [169408 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\ProgramData\Desktop\TeamViewer.lnk"
Error Reading file: "C:\ProgramData\Desktop\Shadow Of The Tomb Raider.lnk"
Error Reading file: "C:\ProgramData\Desktop\Play Cyberpunk 2077.lnk"
Error Reading file: "C:\ProgramData\Desktop\Microsoft Edge.lnk"
Error Reading file: "C:\ProgramData\Desktop\MetaTrader 5.lnk"
Error Reading file: "C:\ProgramData\Desktop\Malwarebytes.lnk"
Error Reading file: "C:\ProgramData\Desktop\Firefox.lnk"
Error Reading file: "C:\ProgramData\Desktop\Epic Games Launcher.lnk"
Error Reading file: "C:\ProgramData\Desktop\Eightcap MetaTrader 4.lnk"
Error Reading file: "C:\ProgramData\Desktop\Diablo Immortal.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\CPUID HWMonitor.lnk"
Error Reading file: "C:\ProgramData\Desktop\CCleaner.lnk"
Error Reading file: "C:\ProgramData\Desktop\Battle.net.lnk"
Error Reading file: "C:\ProgramData\Desktop\Adobe Acrobat.lnk"
2025-05-04 12:30 - 2025-05-04 12:30 - 002405376 _____ (Farbar) C:\Users\robol\Downloads\FRST64.exe
2025-05-02 19:08 - 2025-05-04 12:24 - 000003900 _____ C:\WINDOWS\system32\Tasks\AMD Install Manager - Install Updates
2025-04-25 20:55 - 2025-04-25 20:55 - 000062592 _____ C:\WINDOWS\system32\perfh01B.dat
2025-04-25 20:55 - 2025-04-25 20:55 - 000016406 _____ C:\WINDOWS\system32\perfc01B.dat
2025-04-25 16:57 - 2025-04-25 16:57 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-25 16:57 - 2025-04-25 16:57 - 000000000 ____D C:\inetpub
2025-04-25 16:07 - 2025-05-02 19:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-24 20:35 - 2025-04-24 20:35 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-24 20:35 - 2025-04-24 20:35 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-16 21:16 - 2025-04-25 16:57 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-04 12:40 - 2024-03-17 23:20 - 000030714 _____ C:\Users\robol\Downloads\FRST.txt
2025-05-04 12:40 - 2024-03-17 23:20 - 000000000 ____D C:\FRST
2025-05-04 12:34 - 2025-03-13 22:16 - 000000000 ____D C:\Users\robol\AppData\Local\Malwarebytes
2025-05-04 12:33 - 2022-12-02 16:28 - 000000000 ____D C:\Program Files (x86)\Steam
2025-05-04 12:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-04 12:26 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-04 12:26 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-04 12:24 - 2025-03-13 22:22 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-05-04 12:24 - 2025-03-13 22:22 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-05-04 12:24 - 2025-03-13 22:16 - 000234072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2025-05-04 12:19 - 2025-03-13 22:22 - 000000000 ____D C:\Program Files\CCleaner
2025-05-04 12:19 - 2025-03-13 18:48 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-05-04 12:19 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-04 12:19 - 2023-01-17 14:51 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-04 12:19 - 2022-11-24 01:23 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-04 12:18 - 2025-03-11 18:54 - 000000000 ____D C:\Users\robol\AppData\Roaming\asus_framework
2025-05-02 19:08 - 2023-06-24 12:12 - 000000000 ____D C:\AMD
2025-05-01 10:02 - 2025-03-10 13:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-01 10:02 - 2024-07-01 21:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-05-01 10:02 - 2024-07-01 21:36 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-04-29 20:51 - 2023-06-24 12:12 - 000000000 ____D C:\Users\robol\AppData\Local\AMD_Common
2025-04-29 20:45 - 2022-12-02 16:07 - 000002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-28 19:13 - 2025-03-10 13:59 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-1001
2025-04-28 19:13 - 2025-03-10 13:59 - 000003540 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-400773837-108167856-4107033148-1001
2025-04-28 19:13 - 2025-03-10 13:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-28 19:13 - 2023-05-10 20:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-28 19:13 - 2023-05-10 15:52 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-27 20:50 - 2025-03-10 13:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-25 20:59 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-25 20:55 - 2025-03-10 16:13 - 000898794 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-25 20:55 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-25 20:51 - 2022-12-02 16:01 - 000000000 ____D C:\Users\robol\AppData\Local\D3DSCache
2025-04-25 20:48 - 2025-03-10 13:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-25 20:48 - 2025-03-10 13:58 - 000001168 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-25 20:48 - 2023-08-07 18:11 - 000000000 ____D C:\Program Files\TeamViewer
2025-04-25 20:48 - 2022-11-25 00:52 - 001180016 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-04-25 20:48 - 2022-11-25 00:52 - 001132000 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-04-25 20:48 - 2022-11-24 01:23 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-25 16:58 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-25 16:57 - 2025-03-10 13:57 - 000472728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-25 16:57 - 2025-03-10 10:22 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-25 16:57 - 2024-04-01 18:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-25 16:57 - 2024-04-01 18:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-25 16:57 - 2024-04-01 18:34 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-25 16:57 - 2024-04-01 18:34 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-25 16:57 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-25 16:57 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-25 16:57 - 2023-03-09 14:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-25 16:22 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-25 15:44 - 2025-03-10 13:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-25 15:44 - 2023-03-09 14:01 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-24 20:35 - 2025-03-10 13:58 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-16 21:27 - 2025-03-13 22:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-04-14 21:19 - 2023-05-10 15:50 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-13 12:09 - 2022-12-02 16:29 - 000000000 ____D C:\Users\robol\AppData\Local\Steam
2025-04-10 20:40 - 2022-11-24 01:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-07 22:26 - 2025-03-10 13:59 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-07 22:26 - 2025-03-10 13:59 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2022-12-02 16:13 - 2022-12-03 11:10 - 000007601 _____ () C:\Users\robol\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2025
Ran by robol (04-05-2025 12:41:32)
Running from C:\Users\robol\Downloads
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2025-03-10 14:08:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-400773837-108167856-4107033148-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-400773837-108167856-4107033148-503 - Limited - Disabled)
Guest (S-1-5-21-400773837-108167856-4107033148-501 - Limited - Disabled)
robol (S-1-5-21-400773837-108167856-4107033148-1001 - Administrator - Enabled) => C:\Users\robol
WDAGUtilityAccount (S-1-5-21-400773837-108167856-4107033148-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 25.001.20474 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.134 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 7.02.13.148 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.126 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\{64763D96-BC41-442A-A10F-4C9EF1783BCB}) (Version: 24.30.25071.1901 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.9 - Advanced Micro Devices, Inc.) Hidden
AMD Product Verification Tool version 1.0.6.4 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.4 - AMD)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.38.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 25.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{2716aa5a-0535-4e2a-af04-f4e5468df2f8}) (Version: 7.02.13.148 - Advanced Micro Devices, Inc.) Hidden
Armoury Crate Service (HKLM\...\Armoury Crate Service) (Version: 6.1.13 - ASUSTeK COMPUTER INC.)
ASUS Ambient HAL (HKLM\...\{445BE52E-2D73-48A8-9A26-9AF1DF723B2A}) (Version: 5.7.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{a2655ba1-28b2-480c-9ba7-350b9a16d2f4}) (Version: 5.7.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.05.04 - ASUSTeK COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.131 - ASUSTeK Computer Inc.) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.45 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.45 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.08.09 - ASUSTeK COMPUTER INC.) Hidden
AURA Service (HKLM-x32\...\{8ddfb8e9-c558-489a-951c-6595b08db6d3}) (Version: 3.08.09 - ASUSTeK COMPUTER INC.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.35 - Piriform)
CPUID HWMonitor 1.51 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.51 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: 0.0.0 - DODI-Repacks)
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Eightcap MetaTrader 4 (HKLM-x32\...\Eightcap MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
Epic Games Launcher (HKLM-x32\...\{AA85EF40-193C-42D2-898C-2C4E7713DF4F}) (Version: 1.3.80.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
FACEIT (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\FACEIT) (Version: 1.31.12 - FACEIT Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{79B7A817-AEB4-48A0-B8C5-7DA335D166FA}) (Version: 5.55.1142.0 - Futuremark)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 136.0.7103.48 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.2.11.183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.11.183 - Malwarebytes)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Ltd.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.98 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.21017 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - sk-sk (HKLM\...\ProPlus2021Volume - sk-sk) (Version: 16.0.14332.21017 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.060.0330.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 137.0.2 (x64 sk)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 110.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.21017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.21017 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9088.1 - Realtek Semiconductor Corp.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 3.0.19.0 - ASUSTek COMPUTER INC.)
RyzenMasterSDK (HKLM\...\{EA69F3F4-94A3-4B3D-8A87-08C1D6ED87B4}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Shadow Of The Tomb Raider (HKLM-x32\...\{96F650BA-50B7-4E7B-B026-8C847F45ED92}_is1) (Version: - SQUARENIX)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.44.5 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
UE Prerequisites (x64) (HKLM\...\{90BFD504-ACB6-4FC9-9BA5-964FA4CB76C0}) (Version: 1.0.18.0 - Epic Games, Inc.) Hidden
UE Prerequisites (x64) (HKLM-x32\...\{2c4a7cc2-986f-41a8-a4d3-86c8177f87cf}) (Version: 1.0.18.0 - Epic Games, Inc.) Hidden
WinRAR 6.11 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
xStation5 (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\xStation5) (Version: 2.41.1-Build4 - XTB)
Zoom (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.)

Chrome apps:
============
Currency Strength Meter (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\8af7c8d13a8a7d3622225bd44c3d81b7) (Version: 1.0 - Google\Chrome)
CurrencyStrengthMeter (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\6f96964f9f4905a62fca70569f6691bc) (Version: 1.0 - Google\Chrome)
Eaconomy Calibrate Academy (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\be94e742762bfc01b7b7226a90eb9099) (Version: 1.0 - Google\Chrome)
Economic Calendar - Investing.com (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\2c2f7c7d314ce5f304944b7825d137b1) (Version: 1.0 - Google\Chrome)
Elevate your option trading with striking charts and visuals (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\29eb92b82be0524b1cf3723ee9c2064c) (Version: 1.0 - Google\Chrome)
Home | Eaconomy (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\4984671d46ed56164b9ee81f5905ff94) (Version: 1.0 - Google\Chrome)
Home | Eaconomy (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\b33011b6462537cbdd9aeac919c01572) (Version: 1.0 - Google\Chrome)
Linktree | The Only Link You'll Ever Need (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\b6e560344c7101785a52b21c5f17e340) (Version: 1.0 - Google\Chrome)
ManaraFX Scanner (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\3630b0e4a65654d6cb8d8c34922754c3) (Version: 1.0 - Google\Chrome)
Order flow & Footprint | TradeCamp (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\d0c3895df83f4c32254fb8066726d534) (Version: 1.0 - Google\Chrome)
Telegram Web (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\3c8f4e030490669c74fde9b27a77e967) (Version: 1.0 - Google\Chrome)
The RoboForex Members (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\b1897f84eec4be355b220378f82256ca) (Version: 1.0 - Google\Chrome)
Trhy (HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\15d638ea78f8d2da250b47acaa9cc2d4) (Version: 1.0 - Google\Chrome)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2025-03-13] (Advanced Micro Devices Inc.)
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2025-03-10] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.1.13.0_x64__qmba6cd70vzyy [2025-03-10] (ASUSTeK COMPUTER INC.)
Balík pre prostredie funkcií Windowsu -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-25] (Microsoft Windows)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-10] (Disney)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2025-02-12] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-17] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-11] (Microsoft Corporation)
Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2409.2.0_x64__8wekyb3d8bbwe [2024-09-19] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-25] (Microsoft Corporation)
Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.1000.0_x64__8wekyb3d8bbwe [2025-04-23] (Microsoft Studios)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0 [2025-04-25] (Spotify AB) [Startup Task]
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.9.3.6573_x64__n534cwy3pjxzj [2024-11-06] (TradingView, Inc.) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-12-05] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-400773837-108167856-4107033148-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-03-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.060.0330.0003\FileSyncShell64.dll [2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-03-13] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\robol\Desktop\Currency Strength Meter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=imilfcjiegobdfmcjhggeaffabimmhnk
ShortcutWithArgument: C:\Users\robol\Desktop\CurrencyStrengthMeter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emgnocmkolimiabedpbmaejfffljemfi
ShortcutWithArgument: C:\Users\robol\Desktop\Eaconomy Calibrate Academy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ljnlpecenmidmmbejjpninoffpfcbjfe
ShortcutWithArgument: C:\Users\robol\Desktop\Economic Calendar - Investing.com.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hdfenpcippepnjbejbdlkpmdnnncaehd
ShortcutWithArgument: C:\Users\robol\Desktop\Elevate your option trading with striking charts and visuals.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ciefkdfeenlihnnaienggbolhiebojeo
ShortcutWithArgument: C:\Users\robol\Desktop\Home Eaconomy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nfcfpabikcllngcphnhncjbggiabogoi
ShortcutWithArgument: C:\Users\robol\Desktop\ManaraFX Scanner.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ijmfakognlineojdkpkaeacfefokfehg
ShortcutWithArgument: C:\Users\robol\Desktop\OneVision.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nejfceaihggkdbcknkhjhepfcamkkiph
ShortcutWithArgument: C:\Users\robol\Desktop\Order flow & Footprint TradeCamp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eddoiffhfkkccohbkdlkigpjegjjidlf
ShortcutWithArgument: C:\Users\robol\Desktop\Telegram Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ibblmnobmgdmpoeblocemifbpglakpoi
ShortcutWithArgument: C:\Users\robol\Desktop\The RoboForex Members.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpfeacidpdbfkhfpccjgcedljfoeiioc
ShortcutWithArgument: C:\Users\robol\Desktop\Trhy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gfppnpijbimhnmdnidcoglgdedemaecj
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nfcfpabikcllngcphnhncjbggiabogoi\Home Eaconomy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nfcfpabikcllngcphnhncjbggiabogoi
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nejfceaihggkdbcknkhjhepfcamkkiph\Linktree The Only Link You'll Ever Need.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nejfceaihggkdbcknkhjhepfcamkkiph
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mpfeacidpdbfkhfpccjgcedljfoeiioc\The RoboForex Members.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpfeacidpdbfkhfpccjgcedljfoeiioc
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mblapikjlnhkpfgmdahdicnohejjcejn\Home Eaconomy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mblapikjlnhkpfgmdahdicnohejjcejn
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ljnlpecenmidmmbejjpninoffpfcbjfe\Eaconomy Calibrate Academy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ljnlpecenmidmmbejjpninoffpfcbjfe
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_imilfcjiegobdfmcjhggeaffabimmhnk\Currency Strength Meter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=imilfcjiegobdfmcjhggeaffabimmhnk
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ijmfakognlineojdkpkaeacfefokfehg\ManaraFX Scanner.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ijmfakognlineojdkpkaeacfefokfehg
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ibblmnobmgdmpoeblocemifbpglakpoi\Telegram Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ibblmnobmgdmpoeblocemifbpglakpoi
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hdfenpcippepnjbejbdlkpmdnnncaehd\Economic Calendar - Investing.com.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hdfenpcippepnjbejbdlkpmdnnncaehd
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gfppnpijbimhnmdnidcoglgdedemaecj\Trhy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gfppnpijbimhnmdnidcoglgdedemaecj
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_emgnocmkolimiabedpbmaejfffljemfi\CurrencyStrengthMeter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emgnocmkolimiabedpbmaejfffljemfi
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_eddoiffhfkkccohbkdlkigpjegjjidlf\Order flow & Footprint TradeCamp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eddoiffhfkkccohbkdlkigpjegjjidlf
ShortcutWithArgument: C:\Users\robol\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ciefkdfeenlihnnaienggbolhiebojeo\Elevate your option trading with striking charts and visuals.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ciefkdfeenlihnnaienggbolhiebojeo
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Currency Strength Meter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=imilfcjiegobdfmcjhggeaffabimmhnk
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\CurrencyStrengthMeter.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emgnocmkolimiabedpbmaejfffljemfi
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Eaconomy Calibrate Academy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ljnlpecenmidmmbejjpninoffpfcbjfe
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Economic Calendar - Investing.com.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hdfenpcippepnjbejbdlkpmdnnncaehd
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Elevate your option trading with striking charts and visuals.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ciefkdfeenlihnnaienggbolhiebojeo
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Home Eaconomy (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nfcfpabikcllngcphnhncjbggiabogoi
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Home Eaconomy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mblapikjlnhkpfgmdahdicnohejjcejn
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Linktree The Only Link You'll Ever Need.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nejfceaihggkdbcknkhjhepfcamkkiph
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\ManaraFX Scanner.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ijmfakognlineojdkpkaeacfefokfehg
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Order flow & Footprint TradeCamp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eddoiffhfkkccohbkdlkigpjegjjidlf
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Telegram Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ibblmnobmgdmpoeblocemifbpglakpoi
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\The RoboForex Members.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpfeacidpdbfkhfpccjgcedljfoeiioc
ShortcutWithArgument: C:\Users\robol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Trhy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gfppnpijbimhnmdnidcoglgdedemaecj

==================== Loaded Modules (Whitelisted) =============

2025-03-10 16:20 - 2024-07-03 16:49 - 000346112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2025-03-10 16:20 - 2024-08-13 15:58 - 000449536 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2024-11-06 10:35 - 2024-12-03 22:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-06 10:35 - 2024-12-03 22:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-06 10:35 - 2024-12-03 22:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-06 10:35 - 2024-12-03 22:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-06 10:35 - 2024-12-03 22:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-06 10:35 - 2024-12-03 22:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\robol\Downloads\adwcleaner (1).exe:MBAM.Zone.Identifier [284]
AlternateDataStreams: C:\Users\robol\Downloads\ccsetup633.exe:MBAM.Zone.Identifier [215]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-400773837-108167856-4107033148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\robol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: Intel(R) Ethernet Controller (3) I225-V -> e2fn.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-400773837-108167856-4107033148-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{440C64F9-58A1-4588-A7F6-146F79B72393}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{048C7738-7E0A-453F-AE39-E17A336B705F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B083DA55-B1E5-437A-8CE5-EE2919C807C9}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{8DCD1749-DC25-4F9F-9394-39AEF2758A28}] => (Allow) C:\Users\robol\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{FA31260C-4041-44BF-9537-DB4E6E673F80}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{DE89B94A-FE6C-42E9-B5C2-7BDD24537392}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{803BEDBC-1E5D-4A5D-A461-CAD10463B724}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D3A88374-F5B3-4DC7-955A-4A5795610871}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2350BD88-3F29-4957-8470-44BAD442E1AF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{57225EBB-D2C2-4A09-94D1-AC81E0D38C33}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{800A2CFD-4B71-444C-B190-DE461C3CD1FF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4F845336-1DFE-4182-967D-1DF0FDFC9B0C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1200D8D4-304B-489A-A727-FCCD9FC8D7DE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{347AF302-4558-4BFB-9665-622AAE26C426}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{C4FCCD8A-0CD0-4C9D-9E7C-827174ECA724}C:\program files\epic games\ue_5.2\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.2\engine\binaries\win64\unrealeditor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{68005278-F3F9-4E9D-9CB4-D90142735214}C:\program files\epic games\ue_5.2\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.2\engine\binaries\win64\unrealeditor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1B48A48E-B55E-41EF-B9D3-2638C0C7225D}C:\users\robol\appdata\local\unrealengine\common\unrealtrace\bin\0001000d\unrealtraceserver.exe] => (Allow) C:\users\robol\appdata\local\unrealengine\common\unrealtrace\bin\0001000d\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [TCP Query User{9E1B417B-5560-482D-A100-A17AD2D914AA}C:\users\robol\appdata\local\unrealengine\common\unrealtrace\bin\0001000d\unrealtraceserver.exe] => (Allow) C:\users\robol\appdata\local\unrealengine\common\unrealtrace\bin\0001000d\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [UDP Query User{A5758AE3-48B8-468B-9F79-0B1E89F9BDFE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F976A48E-6610-4376-80CB-75A9B935843F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C733FEF9-C857-4589-A1FB-15A59EBAF19A}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2150EFA7-6B60-4249-9E58-65A5D486B444}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{27F5F8E2-A3A5-4378-8E87-F185BBB6C7B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5046800D-E522-4006-8D89-C3E7ABE3DFA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97139DC8-07C9-4361-BA19-EC8B67BEB1F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B14E30B-4E9F-4464-9B0D-66752B6BC8DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{BBE258F2-FF6A-4F59-9B35-DD1C2DAA1F21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{81DBE79B-DBFD-4230-8CED-FF41CF051E07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FEA531A0-47C5-40F5-8BEC-5554E2E6E678}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6922A5C-FE74-4409-A5AF-4C88535071E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uncharted Legacy of Thieves Collection\u4.exe () [File not signed]
FirewallRules: [{09C0EBA9-87CD-475A-9072-F0E5A00FF115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uncharted Legacy of Thieves Collection\u4.exe () [File not signed]
FirewallRules: [{04DF465D-8331-4A38-9C67-7172BD7FADC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life SDK\Hammer Editor\hammer.exe (Valve, L.L.C.) [File not signed]
FirewallRules: [{96AEADC1-E4F6-45B4-B5F8-8B320EB499AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life SDK\Hammer Editor\hammer.exe (Valve, L.L.C.) [File not signed]
FirewallRules: [UDP Query User{3A54D5ED-F50A-448F-8579-3D88ACB24B89}C:\program files (x86)\dodi-repacks\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\dodi-repacks\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{0324C7BF-7A13-44E9-BE72-A0F7646446BD}C:\program files (x86)\dodi-repacks\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\dodi-repacks\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{829A4A7F-0084-4087-8214-6723C2654A52}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{C527D002-D1D8-4419-96C5-34877EE5BB95}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{1216F898-963A-4051-ABCF-16FD8B6FB86A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{A02BF8F7-F3EA-4531-87C1-33B38F676313}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{98FF41E4-18E1-4DF2-8F95-3B5074D07FC5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{994EC639-BDD4-44BD-8D35-27632C272C1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A2E25D9-0321-4FB6-9E16-3F18208FDC3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0D1A8A0B-C31E-4994-92C4-39249D01FB74}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F4F8E84F-D680-4D5C-BE93-5E3F2CD0A111}] => (Allow) C:\Users\robol\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{C6BB7885-ED87-4BA4-8310-D3EE47FF9F8E}] => (Allow) C:\Users\robol\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{D3C0CA21-95CC-4028-A55A-6128E1C1DC03}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{CF48928A-CB02-46B8-B027-FBEF0D656782}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{BFD40A4E-E783-41DB-AA84-3D7674FB8D4F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{A2A91F93-258D-4561-B17C-4B52ABD4536A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{A24A36E2-63C5-4428-BBA3-04DCFE50183D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1B033A2E-6E8D-4AA8-A626-0FC9FBD87039}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{ED7344C8-FD53-4356-B32A-EAA0374B2683}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{F736C0EF-8646-4949-BC29-60EBCDA72E49}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25031.805.3440.5290_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE683EF2-AC06-4DDF-886C-F0670C8642F9}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25031.805.3440.5290_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57674CB1-DC0E-4790-9E32-8E609E0442DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.1000.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{84ED8D18-572D-4D23-97E3-D792D00F8147}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.1000.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{70A3A100-99B0-4660-A4B2-17EED5B95057}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF31488F-9518-4240-BAC4-FFEA91721526}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E881210-A547-40EB-9368-32A27C50240D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D397EE93-C6A5-4125-9BBC-BC9B8B98B94C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{03187484-0720-48CC-99F8-6958D1CA01F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B8D8BECF-054C-4CEC-82E1-F30AB2EEE3DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4BD5648E-705E-4019-AD13-71DAF4CB6BFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3AD0B79B-A81F-4EC6-A600-BA84F3F55593}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A82B865F-DE22-45C8-BE51-0E0768C3B5F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8FF2D18D-213C-47A6-B04B-0B17DB7360D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FD19253D-EFA9-4FCA-8556-CB3A4CAD8C23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11A93F53-0021-4CC3-ACDC-623733E5972F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8E8E4637-AA97-461C-A93F-F192CB678A70}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{594C91AE-F97A-490D-8E50-D123D8ED1DDC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-04-2025 20:51:14 Windows Update
29-04-2025 20:51:14 Windows Update
29-04-2025 20:51:16 Windows Update
29-04-2025 20:51:26 Windows Update
04-05-2025 12:25:17 Windows Update
04-05-2025 12:25:17 Windows Update
04-05-2025 12:25:18 Windows Update
04-05-2025 12:25:20 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2025 07:53:09 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 134.0.6998.166 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (03/14/2025 03:30:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..

Error: (03/14/2025 03:30:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (03/14/2025 12:08:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Tools since QueryServiceConfig API failed

System Error:
The system cannot find the file specified..

Error: (03/14/2025 12:08:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Antivirus since QueryServiceConfig API failed

System Error:
The system cannot find the file specified..

Error: (03/14/2025 12:08:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service avgbIDSAgent since QueryServiceConfig API failed

System Error:
The system cannot find the file specified..

Error: (03/14/2025 12:08:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Firewall Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified..

Error: (03/14/2025 12:08:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgSP.

System Error:
The system cannot find the file specified..


System errors:
=============
Error: (05/04/2025 12:25:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.

Error: (05/04/2025 12:18:59 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/02/2025 07:02:40 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/01/2025 08:53:15 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/01/2025 09:48:30 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/30/2025 04:57:12 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/29/2025 08:53:15 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/29/2025 08:45:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.


Windows Defender:
================
Date: 2025-05-01 22:37:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-29 22:16:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-28 21:43:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-16 21:56:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-15 22:55:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2025-03-10 15:08:38
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

Date: 2025-03-10 12:59:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Backup
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.423.310.0;1.423.310.0
Engine Version: 1.1.25010.7

Date: 2025-03-10 12:59:30
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

CodeIntegrity:
===============
Date: 2025-03-28 18:52:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-03-28 18:51:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2803 04/27/2022
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING
Processor: AMD Ryzen 9 5900X 12-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 32680.05 MB
Available physical RAM: 23865.91 MB
Total Virtual: 34728.05 MB
Available Virtual: 22372.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.42 GB) (Free:201.56 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS

\\?\Volume{ea1e7ea2-c458-491e-87c1-375a555a8bfc}\ () (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{8624635f-3666-4b08-b21d-bab20639de29}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {7CF17F27-6421-4A27-A65D-2488D0DA79D9} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {8E1D0C1E-E7E3-47C1-82B4-28D64C726C2B} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {BA183C2E-B1BB-4DC6-9F9C-380337BD7EBB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) <==== ATTENTION
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\robol\Downloads\adwcleaner (1).exe:MBAM.Zone.Identifier [284]
AlternateDataStreams: C:\Users\robol\Downloads\ccsetup633.exe:MBAM.Zone.Identifier [215]
FirewallRules: [{8B14E30B-4E9F-4464-9B0D-66752B6BC8DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{BBE258F2-FF6A-4F59-9B35-DD1C2DAA1F21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{829A4A7F-0084-4087-8214-6723C2654A52}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{C527D002-D1D8-4419-96C5-34877EE5BB95}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File

EmptyTemp:
End

Uložte do C:\Users\robol\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[brissixx]

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-05-2025
Ran by robol (04-05-2025 21:51:06) Run:2
Running from C:\Users\robol\Downloads
Loaded Profiles: robol
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {7CF17F27-6421-4A27-A65D-2488D0DA79D9} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {8E1D0C1E-E7E3-47C1-82B4-28D64C726C2B} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {BA183C2E-B1BB-4DC6-9F9C-380337BD7EBB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) <==== ATTENTION
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\robol\Downloads\adwcleaner (1).exe:MBAM.Zone.Identifier [284]
AlternateDataStreams: C:\Users\robol\Downloads\ccsetup633.exe:MBAM.Zone.Identifier [215]
FirewallRules: [{8B14E30B-4E9F-4464-9B0D-66752B6BC8DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{BBE258F2-FF6A-4F59-9B35-DD1C2DAA1F21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{829A4A7F-0084-4087-8214-6723C2654A52}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{C527D002-D1D8-4419-96C5-34877EE5BB95}] => (Allow) C:\Users\robol\AppData\Roaming\uTorrent Web\utweb.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7CF17F27-6421-4A27-A65D-2488D0DA79D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CF17F27-6421-4A27-A65D-2488D0DA79D9}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8E1D0C1E-E7E3-47C1-82B4-28D64C726C2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E1D0C1E-E7E3-47C1-82B4-28D64C726C2B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PI\SecureBootEncodeUEFI" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27CE9D59-9D48-4D29-99BC-64657AEBA494}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27CE9D59-9D48-4D29-99BC-64657AEBA494}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA183C2E-B1BB-4DC6-9F9C-380337BD7EBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA183C2E-B1BB-4DC6-9F9C-380337BD7EBB}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-400773837-108167856-4107033148-500" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\robol\Downloads\adwcleaner (1).exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\Users\robol\Downloads\ccsetup633.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B14E30B-4E9F-4464-9B0D-66752B6BC8DC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBE258F2-FF6A-4F59-9B35-DD1C2DAA1F21}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{829A4A7F-0084-4087-8214-6723C2654A52}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C527D002-D1D8-4419-96C5-34877EE5BB95}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39343082 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 606562245 B
Windows/system/drivers => 96705034 B
Edge => 0 B
Chrome => 696652387 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 24 B
systemprofile32 => 24 B
LocalService => 19554 B
NetworkService => 55750 B
robol => 10896747 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-05-2025 21:52:16)

C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:52:16 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[brissixx]

Žiaľ nie, furt tak ťažkopádne otvára tie stránky, ako keby bola plná pamäť a spomaľuje sa, ale s pamäťou je všetko OK.

[Rudy]

OK. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[brissixx]

Veľmi dlhé boli logy, nevedel som ich sem postnúť, preto som ich dal do príloh ako .rar

Po prečistení zoekom, všetko fahčí ako po starom.

Ďakujem pekne!

[Rudy]

OK. Jsem rád, že to pomohlo!