extrémně pomalý notebook
Napsal: 13 říj 2025 07:47
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2025
Ran by Master (administrator) on DESKTOP-3L8K71M (ASUSTeK Computer Inc. K53U) (13-10-2025 08:24:29)
Running from C:\Users\Master\Desktop\FRST64.exe
Loaded Profiles: Master
Platform: Microsoft Windows 10 Home Version 1803 17134.1304 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe ->) (Advanced Micro Devices, Inc -> AMD Inc.) C:\AMD\Packages\Apps\Radeon-Crimson-ReLive-17.2.1-atiprw-64bit-170228.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1120_none_c3e5cafe697124bd\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\WINDOWS\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.77\Installer\chrmstp.exe [2025-10-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {82157F60-7774-4AB4-9613-8E91CE9CCBE5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {60FEC45A-5A9C-4D0D-9D62-0416BC33CC4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {B8FEE6BF-81E5-4F46-93FF-6A543E628C04} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D75B1E88-EADF-4487-B621-0F56A0B0B466} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{FD5CFDBF-BD2D-445B-B537-3AD360376BAD} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [5990040 2025-09-15] (Google LLC -> Google LLC)
Task: {87D61C02-24C7-4347-AB21-FA61DE5D84BD} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => %ProgramFiles%\CUAssistant\culauncher.exe (No File)
Task: {579678A5-3A48-47CD-B211-026CE167EA57} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [146546848 2023-05-09] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
Task: {19286845-494C-4F1F-B0DA-1B45FFD7432F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (No File)
Task: {D4B3B0C7-176B-4398-8F16-A55A304F2B2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F94456C-3310-474B-9C04-4BB5DA2A1E68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34D522EF-116A-485D-80DA-EA2CDB0B5612} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E715CD47-2BCD-4304-A766-C5FF64DA7265} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16955E34-7CF1-4CCA-BE2C-0E2201C12DD6} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1401769241-3299568983-1132051391-1002 => C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDriveLauncher.exe [725880 2025-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7488110B-07B4-4ADF-B135-1F800473B237} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {EE8E4905-A404-4BBF-8260-BB80B549887B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {A85841AF-7AF5-472B-B48B-F3434444C562} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.13 192.168.0.1
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}: [DhcpNameServer] 192.168.0.13 192.168.0.1
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}: [DhcpDomain] tesort.local
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}\F423D294E6475627E65647D2039323: [DhcpNameServer] 10.0.0.138
Edge:
=======
DownloadDir: C:\Users\Master\Downloads
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1401769241-3299568983-1132051391-1002: @nsroblox.roblox.com/launcher -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2012-12-31] (Roblox Corporation -> ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1401769241-3299568983-1132051391-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default [2025-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-10-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MpKslf60598c3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{57CB334E-DB27-4119-AB6D-A4DF7E784D1E}\MpKslDrv.sys [50592 2025-10-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-13 08:24 - 2025-10-13 08:29 - 000013029 _____ C:\Users\Master\Desktop\FRST.txt
2025-10-13 08:23 - 2025-10-13 08:27 - 000000000 ____D C:\FRST
2025-10-13 08:20 - 2025-10-13 08:21 - 002442752 _____ (Farbar) C:\Users\Master\Desktop\FRST64.exe
2025-10-12 18:17 - 2025-10-12 18:17 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-12 18:17 - 2025-10-12 18:17 - 000000000 ____D C:\Users\Master\AppData\Local\Google
2025-10-12 18:16 - 2025-10-12 18:16 - 000000000 ____D C:\Program Files\Google
2025-10-12 18:11 - 2025-10-12 18:14 - 000000000 ____D C:\Program Files (x86)\chrome_url_fetcher_7880_677588908
2025-10-12 18:11 - 2025-10-12 18:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-10-12 18:11 - 2025-10-12 18:11 - 000000000 ____D C:\Program Files (x86)\Google
2025-10-12 17:54 - 2025-10-12 17:54 - 000003578 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1401769241-3299568983-1132051391-1002
2025-10-12 17:46 - 2025-10-12 17:46 - 000000000 ____D C:\Program Files (x86)\chrome_url_fetcher_7608_285576302
2025-10-12 17:44 - 2025-10-12 17:44 - 010869176 _____ (Google LLC) C:\Users\Master\Downloads\ChromeSetup (2).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-13 08:30 - 2018-09-02 23:53 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-10-13 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-13 08:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-13 08:23 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2025-10-13 08:21 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-13 07:56 - 2016-05-05 15:00 - 000000000 ____D C:\Users\Master\AppData\Local\Packages
2025-10-13 07:52 - 2018-09-02 23:53 - 000004214 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E92B2DEA-D647-4A4A-88C4-5594C5AB709C}
2025-10-13 07:48 - 2019-05-27 10:47 - 000000000 ____D C:\Users\Master\AppData\Roaming\Microsoft\Excel
2025-10-12 18:27 - 2023-05-14 13:10 - 000000000 ____D C:\Users\Master\AppData\Local\D3DSCache
2025-10-12 18:03 - 2018-09-02 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-12 18:02 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-10-12 17:54 - 2022-01-07 15:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1401769241-3299568983-1132051391-1002
2025-10-12 17:54 - 2020-10-30 12:16 - 000002386 _____ C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-12 17:54 - 2018-09-02 23:53 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1401769241-3299568983-1132051391-1002
==================== Files in the root of some directories ========
2025-10-12 17:44 - 2025-10-12 18:17 - 000125552 _____ () C:\Program Files\chrome_installer.log
2017-04-30 21:25 - 2017-04-30 21:25 - 007649280 _____ () C:\Program Files (x86)\GUT2575.tmp
2017-04-30 07:31 - 2017-04-30 07:31 - 007649280 _____ () C:\Program Files (x86)\GUTBB38.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Master (13-10-2025 08:33:56)
Running from C:\Users\Master\Desktop
Microsoft Windows 10 Home Version 1803 17134.1304 (X64) (2018-09-02 21:55:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1401769241-3299568983-1132051391-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1401769241-3299568983-1132051391-503 - Limited - Disabled)
Guest (S-1-5-21-1401769241-3299568983-1132051391-501 - Limited - Disabled)
Master (S-1-5-21-1401769241-3299568983-1132051391-1002 - Administrator - Enabled) => C:\Users\Master
WDAGUtilityAccount (S-1-5-21-1401769241-3299568983-1132051391-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\{F389A14F-B924-E628-4E4F-8D93AFB0215F}) (Version: 9.0.000.1 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.77 - Google LLC)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\OneDriveSetup.exe) (Version: 25.174.0907.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
ROBLOX Player for Master (HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-18] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-05] (Microsoft Studios) [MS Ad]
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.0.0_x86__wgeqdkkx372wm [2021-12-02] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxProxy64.dll (ROBLOX Corporation) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-02-26 15:09 - 2016-02-26 15:09 - 000116736 _____ () [File not signed] C:\Program Files\AMD\CIM\Bin64\atiLog.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\fe354aee070a5c24671fb5b439d5ef25\CCC.Implementation.ni.dll
2024-06-20 17:16 - 2024-06-20 17:16 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\5e7c2ec67f4802a0496778b9669fa1f1\CLI.Foundation.ni.dll
2025-04-21 13:37 - 2025-04-21 13:37 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\daa582ffd7786373cff6504d5949abc9\LOG.Foundation.Implementation.ni.dll
2024-06-20 17:13 - 2024-06-20 17:13 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\45af82cf7237f5afe91ddcff8877e3f5\LOG.Foundation.Private.ni.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\54e522ff14510b63e649b70bf64eba6d\LOG.Foundation.Implementation.Private.ni.dll
2024-06-20 17:13 - 2024-06-20 17:13 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\9eb2d71ebb24d6715463428afb6388dd\LOG.Foundation.ni.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\cca8e128d1767054443ed11f43ebd0b5\MOM.Foundation.ni.dll
2025-04-23 11:10 - 2025-04-23 11:10 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\85de6442b66b2325414cf20bf0ca87e3\MOM.Implementation.ni.dll
2024-06-20 17:15 - 2024-06-20 17:15 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\4cc1e5ec797407a8a1e52aa5e1001019\NEWAEM.Foundation.ni.dll
2015-08-21 22:06 - 2015-08-21 22:06 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 001506304 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\DetectionManager.dll
2016-02-26 15:11 - 2016-02-26 15:11 - 001778176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\InstallManager.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 000388096 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\LanguageMgr.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 000922624 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\PackageManager.dll
2015-08-31 11:35 - 2015-08-31 11:35 - 002377216 _____ (Apache Software Foundation) [File not signed] C:\Program Files\AMD\CIM\Bin64\xerces-c_2_6.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.13 - 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Qualcomm Atheros AR9285 Wireless Network Adapter -> athwnx.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
ms_irda: IrDA Protocol
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{27B78E46-6B05-45F0-9B6A-4327F5D03D5F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{9193A629-8B05-43F7-89CA-AA25FB5539FC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{B9FAD539-D314-4875-AE96-D6205DA96C69}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{2BAD9C82-51DB-4C71-B6E3-3C6B5DD4E732}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{272D5BEC-3323-41E7-B917-E903D2DDE966}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{1D3514EC-815F-4760-BC88-EBF70C3FB5D4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [TCP Query User{16E33BD6-F0F8-4D6F-93F8-F7855CFA3992}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{E2AA3FED-ABEB-4959-AC3D-02177F0F2DF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{A534C36A-D7A3-4C23-A7BF-979FC24D6BF8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{E0A8A269-7489-4866-A7BE-58C6A79EBBDD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [TCP Query User{91B9BE21-88DC-46F6-8993-480B586E906D}C:\users\master\downloads\anydesk.exe] => (Allow) C:\users\master\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{86960053-7199-466F-A1F8-CE47D8856831}C:\users\master\downloads\anydesk.exe] => (Allow) C:\users\master\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{02460E7D-4934-4C24-B8D4-EF660A3FD329}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.64 GB) (Free:34.32 GB) (32%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/13/2025 08:06:15 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/13/2025 08:03:36 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:29:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:27:47 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:26:45 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (09/05/2025 11:59:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17134.1276 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 106c
Čas spuštění: 01dc1e4aede03b5a
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: ad6c7e3f-5646-4ebc-8183-7ddc27697653
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (09/05/2025 11:55:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.1130 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 13d8
Čas spuštění: 01dc1e4b0c63e65c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: e3ef126f-96e5-4b74-9f64-dcc9014656a1
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
ID aplikace související s balíčkem s chybou: App
Error: (06/20/2024 05:30:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
System errors:
=============
Error: (10/13/2025 08:42:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3L8K71M)
Description: Server {4BD3E4E1-7BD4-4A2B-9964-496400DE5193} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:49:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F0F4B056-EF28-598B-BC18-492BDC50B73A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:47:24 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F0F4B056-EF28-598B-BC18-492BDC50B73A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:41:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:08:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:08:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:06:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/12/2025 06:02:05 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Optimalizace doručení se po přijetí pokynu pro vypnutí neukončila správně.
Windows Defender:
================
Date: 2024-06-20 16:57:36.192
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08F751D4-9993-4690-80D0-740AE4F2E010}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-08-18 15:15:21.487
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {55CC09CB-5D1C-46F1-8776-2E3D58C635F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2020-07-06 20:49:09.147
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0F1A1060-7D2A-4EC1-AF8A-96E8052D36E9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2020-06-30 10:48:59.177
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66779B41-346B-4047-880A-5E50BC81A711}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2019-12-28 10:50:54.387
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0310F851-806B-4EBD-BF12-366DEF6A9A0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Event[0]:
Date: 2023-09-19 07:38:00.997
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-09-09 17:22:43.822
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-09-09 17:22:43.798
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-05-09 16:33:14.262
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.3149.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-05-09 16:23:02.870
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.3149.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 210 05/12/2011
Motherboard: ASUSTeK Computer Inc. K53U
Processor: AMD C-50 Processor
Percentage of memory in use: 58%
Total physical RAM: 3691.71 MB
Available physical RAM: 1514.15 MB
Total Virtual: 4331.71 MB
Available Virtual: 1718.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:106.64 GB) (Free:34.31 GB) (Model: ST9320325AS) NTFS
Drive d: (nemazat!!!) (Fixed) (Total:190.67 GB) (Free:183.94 GB) (Model: ST9320325AS) NTFS
Drive f: (Traktor Simulator) (CDROM) (Total:1.24 GB) (Free:0 GB) UDF
\\?\Volume{a5135a6b-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{a5135a6b-0000-0000-0000-f0be1a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A5135A6B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=106.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=190.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Děkuji za kontrolu
Ran by Master (administrator) on DESKTOP-3L8K71M (ASUSTeK Computer Inc. K53U) (13-10-2025 08:24:29)
Running from C:\Users\Master\Desktop\FRST64.exe
Loaded Profiles: Master
Platform: Microsoft Windows 10 Home Version 1803 17134.1304 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe ->) (Advanced Micro Devices, Inc -> AMD Inc.) C:\AMD\Packages\Apps\Radeon-Crimson-ReLive-17.2.1-atiprw-64bit-170228.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1120_none_c3e5cafe697124bd\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\WINDOWS\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.77\Installer\chrmstp.exe [2025-10-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {82157F60-7774-4AB4-9613-8E91CE9CCBE5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {60FEC45A-5A9C-4D0D-9D62-0416BC33CC4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {B8FEE6BF-81E5-4F46-93FF-6A543E628C04} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D75B1E88-EADF-4487-B621-0F56A0B0B466} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{FD5CFDBF-BD2D-445B-B537-3AD360376BAD} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [5990040 2025-09-15] (Google LLC -> Google LLC)
Task: {87D61C02-24C7-4347-AB21-FA61DE5D84BD} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => %ProgramFiles%\CUAssistant\culauncher.exe (No File)
Task: {579678A5-3A48-47CD-B211-026CE167EA57} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [146546848 2023-05-09] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
Task: {19286845-494C-4F1F-B0DA-1B45FFD7432F} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (No File)
Task: {D4B3B0C7-176B-4398-8F16-A55A304F2B2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F94456C-3310-474B-9C04-4BB5DA2A1E68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34D522EF-116A-485D-80DA-EA2CDB0B5612} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E715CD47-2BCD-4304-A766-C5FF64DA7265} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16955E34-7CF1-4CCA-BE2C-0E2201C12DD6} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1401769241-3299568983-1132051391-1002 => C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDriveLauncher.exe [725880 2025-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7488110B-07B4-4ADF-B135-1F800473B237} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {EE8E4905-A404-4BBF-8260-BB80B549887B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {A85841AF-7AF5-472B-B48B-F3434444C562} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.13 192.168.0.1
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}: [DhcpNameServer] 192.168.0.13 192.168.0.1
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}: [DhcpDomain] tesort.local
Tcpip\..\Interfaces\{ebe19f03-2651-4815-b275-0d4eca7cb943}\F423D294E6475627E65647D2039323: [DhcpNameServer] 10.0.0.138
Edge:
=======
DownloadDir: C:\Users\Master\Downloads
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1401769241-3299568983-1132051391-1002: @nsroblox.roblox.com/launcher -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2012-12-31] (Roblox Corporation -> ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1401769241-3299568983-1132051391-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default [2025-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-10-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MpKslf60598c3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{57CB334E-DB27-4119-AB6D-A4DF7E784D1E}\MpKslDrv.sys [50592 2025-10-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-13 08:24 - 2025-10-13 08:29 - 000013029 _____ C:\Users\Master\Desktop\FRST.txt
2025-10-13 08:23 - 2025-10-13 08:27 - 000000000 ____D C:\FRST
2025-10-13 08:20 - 2025-10-13 08:21 - 002442752 _____ (Farbar) C:\Users\Master\Desktop\FRST64.exe
2025-10-12 18:17 - 2025-10-12 18:17 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-12 18:17 - 2025-10-12 18:17 - 000000000 ____D C:\Users\Master\AppData\Local\Google
2025-10-12 18:16 - 2025-10-12 18:16 - 000000000 ____D C:\Program Files\Google
2025-10-12 18:11 - 2025-10-12 18:14 - 000000000 ____D C:\Program Files (x86)\chrome_url_fetcher_7880_677588908
2025-10-12 18:11 - 2025-10-12 18:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-10-12 18:11 - 2025-10-12 18:11 - 000000000 ____D C:\Program Files (x86)\Google
2025-10-12 17:54 - 2025-10-12 17:54 - 000003578 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1401769241-3299568983-1132051391-1002
2025-10-12 17:46 - 2025-10-12 17:46 - 000000000 ____D C:\Program Files (x86)\chrome_url_fetcher_7608_285576302
2025-10-12 17:44 - 2025-10-12 17:44 - 010869176 _____ (Google LLC) C:\Users\Master\Downloads\ChromeSetup (2).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-13 08:30 - 2018-09-02 23:53 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-10-13 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-13 08:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-13 08:23 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2025-10-13 08:21 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-13 07:56 - 2016-05-05 15:00 - 000000000 ____D C:\Users\Master\AppData\Local\Packages
2025-10-13 07:52 - 2018-09-02 23:53 - 000004214 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E92B2DEA-D647-4A4A-88C4-5594C5AB709C}
2025-10-13 07:48 - 2019-05-27 10:47 - 000000000 ____D C:\Users\Master\AppData\Roaming\Microsoft\Excel
2025-10-12 18:27 - 2023-05-14 13:10 - 000000000 ____D C:\Users\Master\AppData\Local\D3DSCache
2025-10-12 18:03 - 2018-09-02 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-12 18:02 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-10-12 17:54 - 2022-01-07 15:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1401769241-3299568983-1132051391-1002
2025-10-12 17:54 - 2020-10-30 12:16 - 000002386 _____ C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-12 17:54 - 2018-09-02 23:53 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1401769241-3299568983-1132051391-1002
==================== Files in the root of some directories ========
2025-10-12 17:44 - 2025-10-12 18:17 - 000125552 _____ () C:\Program Files\chrome_installer.log
2017-04-30 21:25 - 2017-04-30 21:25 - 007649280 _____ () C:\Program Files (x86)\GUT2575.tmp
2017-04-30 07:31 - 2017-04-30 07:31 - 007649280 _____ () C:\Program Files (x86)\GUTBB38.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Master (13-10-2025 08:33:56)
Running from C:\Users\Master\Desktop
Microsoft Windows 10 Home Version 1803 17134.1304 (X64) (2018-09-02 21:55:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1401769241-3299568983-1132051391-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1401769241-3299568983-1132051391-503 - Limited - Disabled)
Guest (S-1-5-21-1401769241-3299568983-1132051391-501 - Limited - Disabled)
Master (S-1-5-21-1401769241-3299568983-1132051391-1002 - Administrator - Enabled) => C:\Users\Master
WDAGUtilityAccount (S-1-5-21-1401769241-3299568983-1132051391-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\{F389A14F-B924-E628-4E4F-8D93AFB0215F}) (Version: 9.0.000.1 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.77 - Google LLC)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\OneDriveSetup.exe) (Version: 25.174.0907.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
ROBLOX Player for Master (HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-18] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-05] (Microsoft Studios) [MS Ad]
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.0.0_x86__wgeqdkkx372wm [2021-12-02] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Master\AppData\Local\Microsoft\OneDrive\25.174.0907.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1401769241-3299568983-1132051391-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Master\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxProxy64.dll (ROBLOX Corporation) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-02-26 15:09 - 2016-02-26 15:09 - 000116736 _____ () [File not signed] C:\Program Files\AMD\CIM\Bin64\atiLog.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\fe354aee070a5c24671fb5b439d5ef25\CCC.Implementation.ni.dll
2024-06-20 17:16 - 2024-06-20 17:16 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\5e7c2ec67f4802a0496778b9669fa1f1\CLI.Foundation.ni.dll
2025-04-21 13:37 - 2025-04-21 13:37 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\daa582ffd7786373cff6504d5949abc9\LOG.Foundation.Implementation.ni.dll
2024-06-20 17:13 - 2024-06-20 17:13 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\45af82cf7237f5afe91ddcff8877e3f5\LOG.Foundation.Private.ni.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\54e522ff14510b63e649b70bf64eba6d\LOG.Foundation.Implementation.Private.ni.dll
2024-06-20 17:13 - 2024-06-20 17:13 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\9eb2d71ebb24d6715463428afb6388dd\LOG.Foundation.ni.dll
2024-06-20 17:17 - 2024-06-20 17:17 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\cca8e128d1767054443ed11f43ebd0b5\MOM.Foundation.ni.dll
2025-04-23 11:10 - 2025-04-23 11:10 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\85de6442b66b2325414cf20bf0ca87e3\MOM.Implementation.ni.dll
2024-06-20 17:15 - 2024-06-20 17:15 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\4cc1e5ec797407a8a1e52aa5e1001019\NEWAEM.Foundation.ni.dll
2015-08-21 22:06 - 2015-08-21 22:06 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 001506304 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\DetectionManager.dll
2016-02-26 15:11 - 2016-02-26 15:11 - 001778176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\InstallManager.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 000388096 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\LanguageMgr.dll
2016-02-26 15:10 - 2016-02-26 15:10 - 000922624 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CIM\Bin64\PackageManager.dll
2015-08-31 11:35 - 2015-08-31 11:35 - 002377216 _____ (Apache Software Foundation) [File not signed] C:\Program Files\AMD\CIM\Bin64\xerces-c_2_6.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.13 - 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Qualcomm Atheros AR9285 Wireless Network Adapter -> athwnx.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
ms_irda: IrDA Protocol
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1401769241-3299568983-1132051391-1002\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{27B78E46-6B05-45F0-9B6A-4327F5D03D5F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{9193A629-8B05-43F7-89CA-AA25FB5539FC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{B9FAD539-D314-4875-AE96-D6205DA96C69}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{2BAD9C82-51DB-4C71-B6E3-3C6B5DD4E732}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{272D5BEC-3323-41E7-B917-E903D2DDE966}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{1D3514EC-815F-4760-BC88-EBF70C3FB5D4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [TCP Query User{16E33BD6-F0F8-4D6F-93F8-F7855CFA3992}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{E2AA3FED-ABEB-4959-AC3D-02177F0F2DF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{A534C36A-D7A3-4C23-A7BF-979FC24D6BF8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{E0A8A269-7489-4866-A7BE-58C6A79EBBDD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [TCP Query User{91B9BE21-88DC-46F6-8993-480B586E906D}C:\users\master\downloads\anydesk.exe] => (Allow) C:\users\master\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{86960053-7199-466F-A1F8-CE47D8856831}C:\users\master\downloads\anydesk.exe] => (Allow) C:\users\master\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [{02460E7D-4934-4C24-B8D4-EF660A3FD329}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.64 GB) (Free:34.32 GB) (32%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/13/2025 08:06:15 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/13/2025 08:03:36 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:29:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:27:47 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (10/12/2025 06:26:45 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
Error: (09/05/2025 11:59:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17134.1276 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 106c
Čas spuštění: 01dc1e4aede03b5a
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: ad6c7e3f-5646-4ebc-8183-7ddc27697653
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (09/05/2025 11:55:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.1130 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 13d8
Čas spuštění: 01dc1e4b0c63e65c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: e3ef126f-96e5-4b74-9f64-dcc9014656a1
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
ID aplikace související s balíčkem s chybou: App
Error: (06/20/2024 05:30:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3L8K71M)
Description: httphttp-2147467263
System errors:
=============
Error: (10/13/2025 08:42:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3L8K71M)
Description: Server {4BD3E4E1-7BD4-4A2B-9964-496400DE5193} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:49:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F0F4B056-EF28-598B-BC18-492BDC50B73A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:47:24 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F0F4B056-EF28-598B-BC18-492BDC50B73A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/13/2025 07:41:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:08:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:08:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/12/2025 06:06:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/12/2025 06:02:05 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Optimalizace doručení se po přijetí pokynu pro vypnutí neukončila správně.
Windows Defender:
================
Date: 2024-06-20 16:57:36.192
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08F751D4-9993-4690-80D0-740AE4F2E010}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-08-18 15:15:21.487
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {55CC09CB-5D1C-46F1-8776-2E3D58C635F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2020-07-06 20:49:09.147
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0F1A1060-7D2A-4EC1-AF8A-96E8052D36E9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2020-06-30 10:48:59.177
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66779B41-346B-4047-880A-5E50BC81A711}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Date: 2019-12-28 10:50:54.387
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0310F851-806B-4EBD-BF12-366DEF6A9A0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Event[0]:
Date: 2023-09-19 07:38:00.997
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-09-09 17:22:43.822
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-09-09 17:22:43.798
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.147.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-05-09 16:33:14.262
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.3149.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-05-09 16:23:02.870
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.3149.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 210 05/12/2011
Motherboard: ASUSTeK Computer Inc. K53U
Processor: AMD C-50 Processor
Percentage of memory in use: 58%
Total physical RAM: 3691.71 MB
Available physical RAM: 1514.15 MB
Total Virtual: 4331.71 MB
Available Virtual: 1718.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:106.64 GB) (Free:34.31 GB) (Model: ST9320325AS) NTFS
Drive d: (nemazat!!!) (Fixed) (Total:190.67 GB) (Free:183.94 GB) (Model: ST9320325AS) NTFS
Drive f: (Traktor Simulator) (CDROM) (Total:1.24 GB) (Free:0 GB) UDF
\\?\Volume{a5135a6b-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{a5135a6b-0000-0000-0000-f0be1a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A5135A6B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=106.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=190.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Děkuji za kontrolu
))