prosim o kontrolu
Napsal: 13 pro 2025 13:06
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by patma (administrator) on JAUIN (LENOVO 82K2) (13-12-2025 12:54:28)
Running from C:\Users\patma\OneDrive\Plocha\FRST64.exe
Loaded Profiles: patma
Platform: Microsoft Windows 11 Home Version 25H2 26200.7462 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.12.110.0\Service\data\windows.assets\crashpad_handler.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\wa_3rd_party_host_32.exe
(C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\wa_3rd_party_host_64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\AppProvisioningPlugin.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NahimicService.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicAPO4Volume.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atiesrxx.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe <2>
(services.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicService.exe
(SteelSeries France SASU -> A-Volute) C:\Users\patma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.179.4.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe [1987544 2024-08-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2586872 2025-11-14] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [utweb] => C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe [6426632 2024-11-25] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [484408 2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Lesta Game Center] => C:\ProgramData\Lesta\GameCenter\lgc.exe [2186008 2025-11-29] (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Gaijin.Net Updater] => C:\Users\patma\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3101416 2025-10-01] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [WarThunderLauncher] => C:\Users\patma\AppData\Local\WarThunder\launcher.exe [8773864 2025-12-12] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [MicrosoftEdgeAutoLaunch_6F7934B3B10DAE215E564D394F4E4F00] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\143.0.7499.41\Installer\chrmstp.exe [2025-12-13] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3E7BA7BB-104B-4A09-939B-6A6B78D74194} - \Lenovo\ImController\TimeBasedEvents\040f38ef-ae9c-4c17-bb10-77da74a17647 -> No File <==== ATTENTION
Task: {4C7A55B5-5DB1-4C38-BB7B-6D6080A90EB5} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {8B978304-5372-4810-88E0-6D428AEA19A6} - \Lenovo\ImController\TimeBasedEvents\e3b51fbb-4331-4bdd-81ea-b899e94619ac -> No File <==== ATTENTION
Task: {F4E3809A-1163-48E5-B373-FC82697C8D9A} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DCEC0DCD-EB8C-485D-95CE-D2AEE80C7F5E} - System32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DFD606AE-51BB-4A90-BFF1-0739A73AA997} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374936 2025-12-01] (Google LLC -> Google LLC)
Task: {D6A68309-72FB-4401-8057-8228CF9DD75E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.4{3F2BADEE-01D5-4545-93E8-611BA20C8FCE} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.4\updater.exe [7056536 2025-12-08] (Google LLC -> Google LLC)
Task: {1B9FD1DD-FA6F-4007-8801-B6DBFE3DED93} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [467016 2025-11-05] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {F15BAD51-3E20-41E2-8D77-15216D885262} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [470088 2025-11-05] (Lenovo -> Lenovo)
Task: {EA8CEEC1-51C3-48F1-B980-7667EAC5BD21} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [470088 2025-11-05] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {033A5A0D-2D7C-4EEF-B4C8-E2472567C8F5} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {58C5203E-F8C0-4FA2-9552-054CDC4DCB7F} - System32\Tasks\Lenovo\UDC\Lenovo UDC Lazy Deployment => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 221
Task: {96BBB44C-E11E-44EF-84C1-7C735D2A21B0} - System32\Tasks\Lenovo\UDC\Lenovo UDC Maintainance Task => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 220
Task: {797C56E2-D4B3-4C6E-880B-A0C6C8AD3648} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [243088 2025-08-18] (Lenovo -> Lenovo Group Ltd.)
Task: {4539AF14-4097-4B23-B3A2-02E89F90CBB7} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {10D464B7-84DB-4AF8-8534-BB7441DD2F6C} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {004E9588-8257-4E41-9B12-9334055CA3AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {BDB23D94-956C-484F-8C69-C7807CCF3D8D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {501B4BD9-2DC4-4C6C-BD5C-4F2A9F11E3A2} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin_Pulsation => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {05A27BEB-797D-4ACC-9217-F435494CC1DA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {0F909CB2-61AE-45F3-BAE5-546F6ABDCA50} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {950D2A09-5E49-4F0E-94F2-45E625EFA973} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {25FDB64C-6F49-4870-ACC4-BAB5B439A69E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {5C65A52D-1017-4A56-BBC0-CB131ABC0742} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSupportHealthReportSchedule => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {D96182B2-7935-4AF1-9639-59CEFD99C036} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {73B3B500-5DAD-4B29-8632-ED7EC68E4B28} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {358E5210-2F84-4159-B401-9D086964C317} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {879144C6-190A-4FF5-9440-9F7285265673} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {A40F8059-89CF-441F-856D-3E9C3BF30C2B} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.1.0.7\x86\IdleScheduleEventAction.exe [172104 2025-10-22] (Lenovo -> )
Task: {85B9DD03-7629-4A00-BF44-BBDAC41EDF9D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {68EF8442-A580-4D02-9657-14A47A95D8CF} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {6BAFB5ED-67E4-4FEE-944A-2E6716776D28} - System32\Tasks\McAfee\DAD.WPS.Execute.Updates => "C:\Program Files\McAfee\WPS\1.7.209.1\dad\mc-dad.exe" (No File)
Task: {4E1445FA-3191-4E73-9C2B-8CDE31C53F60} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {3210794C-7982-4C4B-891F-AEC31B30C0D9} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {6EB92726-4DAE-452A-A840-FB57FFA4248B} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {10444018-179C-467C-9D97-42DE781ED64C} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {E16AE994-5936-4608-8AD1-46A14BB3F0FD} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {295571EC-A19B-4279-AA18-7F2C95B627B5} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {73A19094-3071-412B-9735-6269F2446264} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {DC1271E1-43BA-483E-A1D7-FEF6CE4B60F4} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {FC4B9C80-A5CF-461A-9D6E-35871C3BFB28} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8194DDE-02A9-466E-BCA6-782E84E7215B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C96A8765-94F3-4574-82CC-6F766D208A1E} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70968 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {563C15F6-742D-4F65-BFDA-BDBD76CEC471} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB4E6468-71D9-45BF-B228-8752D4055886} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7A7A813-930C-46B8-840C-A18C0018B6C2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {931392F5-E018-4886-BC07-AE34F479A69D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1347344 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB3DE5D4-C046-46C0-9970-62E7BC99ED07} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {D39AE3BF-2461-4511-B290-67E7C2A8CCD5} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\WINDOWS\system32\oobe\PITRTask.dll [118784 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
Task: {0BB36A32-0D9E-4297-AFD7-6BD7B5DB4C9B} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {25FBA56A-E73B-41A2-8FE5-DB01A66A1FC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09A85E12-C428-4443-952E-7C75B1C3B626} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A21146D7-5DC4-43BF-AE8D-3C783B18EED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0BEBBB6-ADAB-4A39-A04B-6AAB470F1D26} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABC97C61-1EB6-4B8E-A75F-48A0A2E0751A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {186D0435-924D-4F7C-9D6D-36AEF9B90690} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08185764-4933-44F9-8F6F-B95DC480941B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {7D295A04-6DD6-4EB4-8702-7C863AE8A043} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33C2BA7F-382B-498F-B2D0-C466D7760E34} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A533BBED-6BAE-47E4-8251-7456373E2B68} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {092BAEFF-D3DD-4C3A-8E68-C4B5C79D06F3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E5EE795-C627-4389-BE44-083CDC9DB7B9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-211460565-2364033777-153572910-1001 => C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDriveLauncher.exe [745832 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8711249-5397-4580-8112-3FDE6F656382} - System32\Tasks\Opera scheduled assistant Autoupdate 1723969481 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\patma\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {2C4748CA-BD7F-4CB5-89B6-F1AE5B6EF7DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1732345968 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\patma\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {2CC7334D-684B-4630-85B8-117376191234} - System32\Tasks\Opera scheduled Autoupdate 1723969481 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software)
Task: {FC734DE5-D4D1-4C7C-BE2D-CA1667FF359D} - System32\Tasks\Opera scheduled Autoupdate 1732345965 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software)
Task: {0C1DBC51-48F5-4954-8A7E-9A2E820E03AF} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1AE813F6-3EE2-46E0-8807-9BD2779BA994} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7E2CC1C2-8846-478E-AE39-44849DA5A7C0} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {D53C47A2-AFA3-429A-B787-12AD0CB96845} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9239776 2025-11-25] (Gen Digital Inc. -> Gen Digital Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8dcf7671-feac-4597-89b4-58ec2334258a}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8dcf7671-feac-4597-89b4-58ec2334258a}\051647D6164733037237027416C61687970214532337025374: [DhcpNameServer] 192.168.90.156
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-13]
Edge Notifications: Default -> hxxps://www.msn.com; hxxps://www.tiktok.com
Edge Extension: (Dokumenty Google offline) - C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-29]
Edge Extension: (Edge relevant text changes) - C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-17]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default [2025-12-13]
CHR Notifications: Default -> hxxps://d4ukkde071bc73a8pm0g.monexio.co.in; hxxps://fastshare.cz; hxxps://fr1.badoo.com; hxxps://www.daemon-tools.cc; hxxps://www.facebook.com; hxxps://www.messenger.com; hxxps://www.tiktok.com; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-29]
CHR Extension: (SPOT Survey Blocker) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolklnebpigejnjdnddogpomkanjpmka [2024-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-08-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-02-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-11-16] (BattlEye Innovations e.K. -> )
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28341880 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419320 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4938808 2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [141680 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
R2 GooglePlayGamesServices-25.12.110.0; C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe [509080 2025-12-05] (Google LLC -> Google LLC)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe [199704 2025-09-28] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe [34368 2025-12-12] (Lenovo -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958776 2025-12-12] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe [2063328 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1910192 2024-08-20] (SteelSeries France SASU -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\Display.NvContainer\NVDisplay.Container.exe [1274904 2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72592 2025-08-18] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe [4426832 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe [290704 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\amdkmdag.sys [106597288 2025-07-14] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [602112 2025-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-09-11] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2024-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2024-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234688 2025-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Google)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-14] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [95856 2024-08-20] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [95896 2024-08-20] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [246272 2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_3037ec512dc36c3a\rt68cx21x64.sys [656328 2023-02-15] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21928 2025-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-12-13 12:54 - 2025-12-13 12:55 - 000035818 _____ C:\Users\patma\OneDrive\Plocha\FRST.txt
2025-12-13 12:52 - 2025-12-13 12:52 - 002444288 _____ (Farbar) C:\Users\patma\OneDrive\Plocha\FRST64.exe
2025-12-13 12:42 - 2025-12-13 12:42 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-12-13 12:42 - 2025-12-13 12:42 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-12-13 12:31 - 2025-12-13 12:31 - 000003264 _____ C:\WINDOWS\system32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 12:31 - 2025-12-13 12:31 - 000002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-12-13 12:31 - 2025-12-13 12:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Piriform
2025-12-13 12:31 - 2025-12-13 12:31 - 000000000 ____D C:\Users\patma\AppData\Roaming\CCleaner
2025-12-13 12:30 - 2025-12-13 12:30 - 000056128 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-12-13 12:30 - 2025-12-13 12:30 - 000000000 ____D C:\Program Files\Piriform
2025-12-13 12:30 - 2025-12-13 12:30 - 000000000 ____D C:\Program Files\Common Files\Piriform
2025-12-12 19:26 - 2025-12-12 19:26 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT
2025-12-12 18:24 - 2025-12-12 18:24 - 000021502 _____ C:\Users\patma\OneDrive\Plocha\Majsner.webp
2025-12-12 16:27 - 2025-12-13 12:38 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-12 16:19 - 2025-12-12 16:19 - 000035602 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-12 16:19 - 2025-12-12 16:19 - 000035602 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-12-12 16:01 - 2025-12-12 16:01 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-12-12 15:48 - 2025-12-12 15:48 - 000004032 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-211460565-2364033777-153572910-1001_0
2025-11-29 10:48 - 2025-11-29 10:50 - 1539858050 _____ C:\Users\patma\OneDrive\Plocha\Tron - Ares (2025).mp4
2025-11-29 10:42 - 2025-11-29 10:46 - 3101092802 _____ C:\Users\patma\OneDrive\Plocha\Železná Srdce (2014).mkv
2025-11-29 10:14 - 2025-11-29 10:17 - 1994136138 _____ C:\Users\patma\OneDrive\Plocha\Memphiská kráska (1990).mkv
2025-11-16 13:43 - 2025-11-16 13:43 - 000000000 ____D C:\Users\patma\ansel
2025-11-16 13:43 - 2025-11-16 13:43 - 000000000 ____D C:\ProgramData\WarThunder
2025-11-16 13:42 - 2025-11-16 13:42 - 000000000 ____D C:\Users\patma\AppData\Local\BattlEye
2025-11-16 11:53 - 2025-11-16 11:53 - 000000000 ____D C:\Users\patma\AppData\Local\Gaijin
2025-11-16 11:53 - 2025-11-16 11:53 - 000000000 ____D C:\ProgramData\Gaijin
2025-11-16 11:46 - 2025-12-13 08:09 - 000000000 ____D C:\Users\patma\AppData\Local\WarThunder
2025-11-16 11:46 - 2025-11-16 13:41 - 000000000 ___RD C:\Users\patma\OneDrive\Dokumenty\My Games
2025-11-16 11:46 - 2025-11-16 11:46 - 000002042 _____ C:\Users\patma\OneDrive\Plocha\WarThunder.lnk
2025-11-16 11:46 - 2025-11-16 11:46 - 000000000 ____D C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-12-13 12:54 - 2024-08-31 10:28 - 000000000 ____D C:\FRST
2025-12-13 12:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-12-13 12:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-12-13 12:47 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-13 12:42 - 2025-09-11 10:25 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-12-13 12:42 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-12-13 12:41 - 2024-08-18 06:10 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-13 12:40 - 2024-08-17 16:35 - 000000000 ___RD C:\Users\patma\OneDrive
2025-12-13 12:38 - 2025-09-11 10:19 - 000003066 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-13 12:37 - 2025-09-13 09:32 - 000000000 ____D C:\Users\patma\AppData\Local\AVG
2025-12-13 12:37 - 2025-09-13 09:25 - 000000000 ____D C:\Users\patma\AppData\Roaming\AVG
2025-12-13 12:37 - 2025-09-11 10:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-12-13 12:37 - 2024-08-18 09:24 - 000000000 ____D C:\ProgramData\AVG
2025-12-13 12:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-12-13 12:37 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-12-13 12:37 - 2023-11-21 21:13 - 000000000 ____D C:\ProgramData\NVIDIA
2025-12-13 12:37 - 2022-05-25 20:05 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-13 12:36 - 2024-08-17 16:34 - 000000000 ____D C:\Users\patma\AppData\Local\D3DSCache
2025-12-13 12:32 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-12-13 12:31 - 2025-09-13 09:23 - 000000000 ____D C:\ProgramData\Piriform
2025-12-13 12:31 - 2025-09-13 09:22 - 000000000 ____D C:\Program Files\CCleaner
2025-12-13 12:03 - 2025-09-11 10:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-12-13 08:01 - 2025-09-11 10:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2025-09-11 10:19 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2025-09-11 10:19 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2024-08-17 16:35 - 000002390 _____ C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-13 08:01 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-12 19:27 - 2025-09-11 10:16 - 000472664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-12 19:26 - 2025-09-11 07:47 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-12-12 19:26 - 2025-09-11 07:47 - 000000000 ____D C:\WINDOWS\InboxApps
2025-12-12 19:26 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-12 19:26 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-12-12 18:23 - 2025-10-26 08:07 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-12 16:19 - 2025-09-11 10:19 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-12 16:13 - 2024-08-20 14:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-12 16:12 - 2024-08-20 14:01 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-12 16:03 - 2022-05-25 20:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-12-12 16:00 - 2023-11-21 21:05 - 000000000 ____D C:\Program Files\Microsoft Office
2025-12-12 15:51 - 2022-05-25 20:06 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-29 10:06 - 2025-09-26 13:27 - 000436592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_b.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 004581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000878968 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000285040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000244088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000166264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000153976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-11-29 10:06 - 2024-08-18 11:43 - 000076152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-11-29 09:47 - 2025-10-26 23:20 - 000000000 ____D C:\WINDOWS\Minidump
2025-11-29 09:47 - 2024-08-18 09:26 - 000000000 ____D C:\Users\patma\AppData\Local\CrashDumps
2025-11-29 09:46 - 2025-09-11 10:19 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-11-29 09:46 - 2025-09-11 10:19 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-11-29 09:44 - 2023-11-21 21:20 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Now.lnk
2025-11-29 09:44 - 2023-11-21 21:19 - 000000000 ____D C:\WINDOWS\TempInst
2025-11-16 13:43 - 2025-09-11 07:51 - 000000000 ____D C:\Users\patma
2025-11-16 13:43 - 2024-08-17 16:34 - 000000000 ____D C:\Users\patma\AppData\Local\NVIDIA Corporation
2025-11-16 13:38 - 2023-11-21 21:14 - 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories ========
2025-10-26 10:11 - 2025-10-26 10:12 - 000000000 _____ () C:\Users\patma\AppData\Roaming\FileIn.cns
2025-10-26 10:11 - 2025-10-26 10:12 - 000000000 _____ () C:\Users\patma\AppData\Roaming\FileOut.cns
2025-11-01 09:13 - 2025-11-01 09:19 - 000149446 _____ () C:\Users\patma\AppData\Local\dxdiag.log
2025-02-08 07:47 - 2025-02-08 07:51 - 000001687 _____ () C:\Users\patma\AppData\Local\log.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by patma (13-12-2025 12:56:21)
Running from C:\Users\patma\OneDrive\Plocha
Microsoft Windows 11 Home Version 25H2 26200.7462 (X64) (2025-09-11 09:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-211460565-2364033777-153572910-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-211460565-2364033777-153572910-503 - Limited - Disabled)
Guest (S-1-5-21-211460565-2364033777-153572910-501 - Limited - Disabled)
patma (S-1-5-21-211460565-2364033777-153572910-1001 - Administrator - Enabled) => C:\Users\patma
WDAGUtilityAccount (S-1-5-21-211460565-2364033777-153572910-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.07 (x64) (HKLM\...\7-Zip) (Version: 24.07 - Igor Pavlov)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.2.1080.1295 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.1.0.2213 - Disc Soft Ltd)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.41 - Google LLC)
Google Play Games (HKLM\...\GooglePlayGames) (Version: 25.12.11.0 - Google LLC)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Now (HKLM-x32\...\{622FA116-13E7-4BB6-839C-A3E0E3ECDFE6}_is1) (Version: 4.4.2.1 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2511.18.0 - Lenovo Group Ltd.)
Lesta Game Center (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Lesta Game Center) (Version: 25.3.0.944 - Lesta Games)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Host - 8.0.3 (x86) (HKLM-x32\...\{C3185BE9-A193-4021-91F1-1E196C20CAB6}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.8 (x64) (HKLM\...\{3BA242F8-BDB5-4096-9FBC-333CD663BBAD}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x86) (HKLM-x32\...\{AA217943-D70A-4078-988C-31E5EC26AFE1}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.8 (x64) (HKLM\...\{7FE24458-0796-4428-99C2-9A0F8DAB93CC}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x86) (HKLM-x32\...\{CE4A2F26-87B5-4569-A582-62A8D3B20BE9}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.8 (x64) (HKLM\...\{9ACB23DB-4D32-49ED-A5E3-F4E2F8D9D2AA}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 - Shared Framework (x86) (HKLM-x32\...\{27b7a489-233a-488c-b81b-0cb173d4cd15}) (Version: 8.0.3.24116 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 Shared Framework (x86) (HKLM-x32\...\{66F03628-AF73-329C-9DB7-59A701E08AB7}) (Version: 8.0.3.24116 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.75 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.80 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{ECB4BDD1-984C-9F25-299C-A9EF75C14197}) (Version: 10.1.26100.6879 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{2907caa8-4808-4b6b-b7e7-fb8c862823d2}) (Version: 8.0.3.33416 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{D383E279-1AD9-4DD8-9EB4-7C831665F9CC}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM\...\{663E7053-3B36-4AE5-8223-234867FAEAE6}) (Version: 64.32.18376 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM-x32\...\{33832ff3-5583-4b81-b270-d9fd42760e1a}) (Version: 8.0.8.33916 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.114 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.114 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 555.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.99 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Open Rails 1.3.1.4328 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.3.1.4328 - Open Rails)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
uTorrent Web (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
War Thunder Launcher 1.0.3.496 (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
Wargaming.net Game Center (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Wargaming.net Game Center) (Version: 25.6.0.709 - Wargaming.net)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1084 - McAfee, LLC)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\2314027414) (Version: - Wargaming.net)
Мир танков (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\LGC-4094243768) (Version: - Lesta Games)
Мир танков Общий тест (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\LGC-1739465547) (Version: - Lesta Games)
Packages:
=========
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6901.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.7019.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.59379618.InpApp_1000.26100.7019.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
@{MicrosoftWindows.59379618.InpApp_1000.26100.7171.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m [2025-08-07] (Advanced Micro Devices Inc.) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57242383.Tasbar_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.36.0_x64__xbfy0k16fey96 [2025-12-12] (Dropbox Inc.)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.25150.49.0_x64__8wekyb3d8bbwe [2025-07-19] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2509.13.0_x64__k1h2ywk1493x8 [2025-10-27] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.7.18.0_x64__5grkq8ppsgwt4 [2025-05-17] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-03-15] (LinkedIn) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-12-12] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe [2024-12-07] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-08-24] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-07-19] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-12-12] ()
MSN Počasí -> C:\Program Files\WindowsApps\www.msn.com-7FB783BD_1.0.0.0_neutral__q77jw2zwjvy92 [2025-09-07] (www.msn.com)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-16] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-12-12] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.328.0_x64__dt26b99r8h8gj [2024-09-13] (Realtek Semiconductor Corp)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2025-09-07] (Bytedance Pte. Ltd.)
WinRAR -> C:\Program Files\WinRAR [2025-01-25] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{1fbfb627-93ed-88f1-57b8-78ec8c9febe7}\localserver32 -> "C:\ProgramData\Lenovo\Udc\Hosts\23.4.0.8\x64\MessagingPlugin.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\patma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (SteelSeries France SASU -> A-Volute)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\nvshext.dll [2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki_PT\Мир танков Общий тест.lnk -> C:\Games\Tanki_PT\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --open <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki_PT\Удалить Мир танков Общий тест.lnk -> C:\Games\Tanki_PT\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --uninstall <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki\Мир танков.lnk -> C:\Games\Tanki\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --open <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki\Удалить Мир танков.lnk -> C:\Games\Tanki\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --uninstall <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2025-03-15 13:44 - 000003992 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 fitgirls-repacks.com # Fake FitGirl site
109.94.209.70 fitgirlrepack.cc # Fake FitGirl site
109.94.209.70 fitgirlrepacks.org # Fake FitGirl site
2025-04-05 06:30 - 2025-07-17 16:16 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\patma\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\3252015542758410307\134077767608020034.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "utweb"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{46AADDFF-78D6-479B-A351-9ECD54E79E86}C:\games\tanki\win64\tanki.exe] => (Allow) C:\games\tanki\win64\tanki.exe (LESTA LLC -> Lesta)
FirewallRules: [TCP Query User{67E72D77-939F-40E9-A136-1CEAE8957C8D}C:\games\tanki\win64\tanki.exe] => (Allow) C:\games\tanki\win64\tanki.exe (LESTA LLC -> Lesta)
FirewallRules: [UDP Query User{E6F2AC4E-CE46-4CC3-917B-34C99397D5F2}C:\programdata\lesta\gamecenter\lgc.exe] => (Allow) C:\programdata\lesta\gamecenter\lgc.exe (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
FirewallRules: [TCP Query User{DC39E146-3507-4F60-8F9B-1A0010DB4EC9}C:\programdata\lesta\gamecenter\lgc.exe] => (Allow) C:\programdata\lesta\gamecenter\lgc.exe (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
FirewallRules: [{8F437965-0413-486C-9C84-75BE891AF0BC}] => (Allow) C:\Users\patma\AppData\Local\Temp\7zF4C967C8\aria2c.exe => No File
FirewallRules: [{4CDE3673-B195-445E-B5DD-7441699951D7}] => (Allow) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{3E81BCF9-D63B-43AB-9D27-704A3BA2EC92}] => (Allow) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{5EC3369F-97BE-4F19-B5D4-4AE93887F809}] => (Allow) C:\Users\patma\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [{D6E60FA7-AF17-4226-9F0B-749FEEDF011B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{28D631DE-54E6-405F-A6C1-B89F954C2C45}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{A95EC880-C28C-4237-84EC-595881481E28}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{9F704AC7-561A-49E1-B237-18ED5C58C8E3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{5C7A9B83-2E48-4907-A48F-F6BD20C7FA00}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{ABE54436-D969-4184-BAAE-3C89A4B3287B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C84277C4-C456-40E1-B5B2-413CCFE1957D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{05B2846B-89C5-440F-B2B2-9F9F25A32B2D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{DF543A98-3F3E-41FF-9F6F-3D071AC5E5DF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{A7C22E02-BBB3-4C99-A862-2F882D997C8B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{23CD6B85-5F66-4BD6-9EB9-B875D0627D8E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{6147DDED-1287-4685-A71E-B56872A113F6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => No File
FirewallRules: [{D918AEE4-5D0E-4B42-8712-2ADE6E0A4613}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => No File
FirewallRules: [UDP Query User{3E8DC745-B959-4E89-BBE8-90A93F0BB621}C:\xboxgames\call of duty\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty\content\sp23\sp23-cod.exe => No File
FirewallRules: [TCP Query User{E43CA15C-B336-450B-8550-B6DAD61B7368}C:\xboxgames\call of duty\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty\content\sp23\sp23-cod.exe => No File
FirewallRules: [UDP Query User{136A534E-8EA8-4C4E-8930-014A9363B665}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe => No File
FirewallRules: [TCP Query User{E888CF2B-2628-4B1A-A326-BC5E54E17550}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe => No File
FirewallRules: [UDP Query User{F6B01CB4-3BF4-4877-B6E7-C85C577A2A69}C:\program files (x86)\call of duty deluxe edition\codmp.exe] => (Allow) C:\program files (x86)\call of duty deluxe edition\codmp.exe => No File
FirewallRules: [TCP Query User{0A878231-1D3F-4262-882D-97A61A523656}C:\program files (x86)\call of duty deluxe edition\codmp.exe] => (Allow) C:\program files (x86)\call of duty deluxe edition\codmp.exe => No File
FirewallRules: [UDP Query User{A146787D-A2D0-4562-86E7-30A0E06F87EC}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A64E1424-E8C8-4B03-95C9-DF22F29E67F1}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{72336E96-0D45-4402-B946-0076D266BB0B}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{01C5EA54-17BE-49B5-B5ED-4C4E41FDD756}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{218C716F-2C27-4432-A0CF-272E7F1A14D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43F73884-1DB8-4F0D-89CD-3083E5505E0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EA7F613F-C178-474F-8F59-B84144AA3DF4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AFAC08CC-29A8-4669-9AD5-D6650AFC2D94}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{025E596E-39EB-47E7-B578-37DB17FABB82}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{854F3A73-07AF-4473-B3C7-AB54C636A11C}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC7C07ED-06B6-4A64-B3C8-9E1299569FAE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCFB3624-920B-442B-8CD0-C284B5251BC6}] => (Allow) C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{9FE7BA3E-EAE7-48D0-B5F9-17383702248E}] => (Allow) C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{E6A5BE38-FEFA-4A4A-9BC4-9A16558BB90D}C:\users\patma\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\patma\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [UDP Query User{8A60F2ED-E96D-467C-9BF0-C72CD85250EB}C:\users\patma\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\patma\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{CC86B821-9148-47ED-A0B5-5EDEA18FDAD9}C:\users\patma\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\patma\appdata\local\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{D35ACF99-257D-4D29-AFF2-ED2CF3A872C1}C:\users\patma\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\patma\appdata\local\warthunder\win64\aces.exe => No File
FirewallRules: [{243CDB2E-624D-4A4F-8900-9A03A37AC30F}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{BB70FA0E-9C7F-40C1-A08A-676071B0ED1C}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{B4962BB5-D3D0-41D2-814B-423248FC0898}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-12-2025 15:51:14 Windows Update
12-12-2025 16:04:38 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2025 12:40:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 08:00:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/12/2025 07:29:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64"
Ran by patma (administrator) on JAUIN (LENOVO 82K2) (13-12-2025 12:54:28)
Running from C:\Users\patma\OneDrive\Plocha\FRST64.exe
Loaded Profiles: patma
Platform: Microsoft Windows 11 Home Version 25H2 26200.7462 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.12.110.0\Service\data\windows.assets\crashpad_handler.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\wa_3rd_party_host_32.exe
(C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\wa_3rd_party_host_64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\AppProvisioningPlugin.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NahimicService.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicAPO4Volume.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\atiesrxx.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe <2>
(services.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicService.exe
(SteelSeries France SASU -> A-Volute) C:\Users\patma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.179.4.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe [1987544 2024-08-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2586872 2025-11-14] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [utweb] => C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe [6426632 2024-11-25] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [484408 2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Lesta Game Center] => C:\ProgramData\Lesta\GameCenter\lgc.exe [2186008 2025-11-29] (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [Gaijin.Net Updater] => C:\Users\patma\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3101416 2025-10-01] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [WarThunderLauncher] => C:\Users\patma\AppData\Local\WarThunder\launcher.exe [8773864 2025-12-12] (GAIJIN NETWORK LTD -> Gaijin)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Run: [MicrosoftEdgeAutoLaunch_6F7934B3B10DAE215E564D394F4E4F00] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\143.0.7499.41\Installer\chrmstp.exe [2025-12-13] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3E7BA7BB-104B-4A09-939B-6A6B78D74194} - \Lenovo\ImController\TimeBasedEvents\040f38ef-ae9c-4c17-bb10-77da74a17647 -> No File <==== ATTENTION
Task: {4C7A55B5-5DB1-4C38-BB7B-6D6080A90EB5} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {8B978304-5372-4810-88E0-6D428AEA19A6} - \Lenovo\ImController\TimeBasedEvents\e3b51fbb-4331-4bdd-81ea-b899e94619ac -> No File <==== ATTENTION
Task: {F4E3809A-1163-48E5-B373-FC82697C8D9A} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DCEC0DCD-EB8C-485D-95CE-D2AEE80C7F5E} - System32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DFD606AE-51BB-4A90-BFF1-0739A73AA997} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374936 2025-12-01] (Google LLC -> Google LLC)
Task: {D6A68309-72FB-4401-8057-8228CF9DD75E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.4{3F2BADEE-01D5-4545-93E8-611BA20C8FCE} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.4\updater.exe [7056536 2025-12-08] (Google LLC -> Google LLC)
Task: {1B9FD1DD-FA6F-4007-8801-B6DBFE3DED93} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [467016 2025-11-05] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {F15BAD51-3E20-41E2-8D77-15216D885262} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [470088 2025-11-05] (Lenovo -> Lenovo)
Task: {EA8CEEC1-51C3-48F1-B980-7667EAC5BD21} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [470088 2025-11-05] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {033A5A0D-2D7C-4EEF-B4C8-E2472567C8F5} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {58C5203E-F8C0-4FA2-9552-054CDC4DCB7F} - System32\Tasks\Lenovo\UDC\Lenovo UDC Lazy Deployment => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 221
Task: {96BBB44C-E11E-44EF-84C1-7C735D2A21B0} - System32\Tasks\Lenovo\UDC\Lenovo UDC Maintainance Task => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 220
Task: {797C56E2-D4B3-4C6E-880B-A0C6C8AD3648} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [243088 2025-08-18] (Lenovo -> Lenovo Group Ltd.)
Task: {4539AF14-4097-4B23-B3A2-02E89F90CBB7} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-09-11] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {10D464B7-84DB-4AF8-8534-BB7441DD2F6C} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {004E9588-8257-4E41-9B12-9334055CA3AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {BDB23D94-956C-484F-8C69-C7807CCF3D8D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {501B4BD9-2DC4-4C6C-BD5C-4F2A9F11E3A2} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin_Pulsation => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {05A27BEB-797D-4ACC-9217-F435494CC1DA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {0F909CB2-61AE-45F3-BAE5-546F6ABDCA50} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {950D2A09-5E49-4F0E-94F2-45E625EFA973} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {25FDB64C-6F49-4870-ACC4-BAB5B439A69E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {5C65A52D-1017-4A56-BBC0-CB131ABC0742} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSupportHealthReportSchedule => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {D96182B2-7935-4AF1-9639-59CEFD99C036} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {73B3B500-5DAD-4B29-8632-ED7EC68E4B28} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {358E5210-2F84-4159-B401-9D086964C317} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {879144C6-190A-4FF5-9440-9F7285265673} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {A40F8059-89CF-441F-856D-3E9C3BF30C2B} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.1.0.7\x86\IdleScheduleEventAction.exe [172104 2025-10-22] (Lenovo -> )
Task: {85B9DD03-7629-4A00-BF44-BBDAC41EDF9D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-12] (Lenovo -> Lenovo)
Task: {68EF8442-A580-4D02-9657-14A47A95D8CF} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {6BAFB5ED-67E4-4FEE-944A-2E6716776D28} - System32\Tasks\McAfee\DAD.WPS.Execute.Updates => "C:\Program Files\McAfee\WPS\1.7.209.1\dad\mc-dad.exe" (No File)
Task: {4E1445FA-3191-4E73-9C2B-8CDE31C53F60} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {3210794C-7982-4C4B-891F-AEC31B30C0D9} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {6EB92726-4DAE-452A-A840-FB57FFA4248B} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {10444018-179C-467C-9D97-42DE781ED64C} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {E16AE994-5936-4608-8AD1-46A14BB3F0FD} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {295571EC-A19B-4279-AA18-7F2C95B627B5} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {73A19094-3071-412B-9735-6269F2446264} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {DC1271E1-43BA-483E-A1D7-FEF6CE4B60F4} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {FC4B9C80-A5CF-461A-9D6E-35871C3BFB28} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8194DDE-02A9-466E-BCA6-782E84E7215B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C96A8765-94F3-4574-82CC-6F766D208A1E} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70968 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {563C15F6-742D-4F65-BFDA-BDBD76CEC471} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB4E6468-71D9-45BF-B228-8752D4055886} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7A7A813-930C-46B8-840C-A18C0018B6C2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {931392F5-E018-4886-BC07-AE34F479A69D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1347344 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB3DE5D4-C046-46C0-9970-62E7BC99ED07} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {D39AE3BF-2461-4511-B290-67E7C2A8CCD5} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\WINDOWS\system32\oobe\PITRTask.dll [118784 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
Task: {0BB36A32-0D9E-4297-AFD7-6BD7B5DB4C9B} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {25FBA56A-E73B-41A2-8FE5-DB01A66A1FC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09A85E12-C428-4443-952E-7C75B1C3B626} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A21146D7-5DC4-43BF-AE8D-3C783B18EED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0BEBBB6-ADAB-4A39-A04B-6AAB470F1D26} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpCmdRun.exe [1803016 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABC97C61-1EB6-4B8E-A75F-48A0A2E0751A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {186D0435-924D-4F7C-9D6D-36AEF9B90690} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08185764-4933-44F9-8F6F-B95DC480941B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {7D295A04-6DD6-4EB4-8702-7C863AE8A043} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33C2BA7F-382B-498F-B2D0-C466D7760E34} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A533BBED-6BAE-47E4-8251-7456373E2B68} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {092BAEFF-D3DD-4C3A-8E68-C4B5C79D06F3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E5EE795-C627-4389-BE44-083CDC9DB7B9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-211460565-2364033777-153572910-1001 => C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDriveLauncher.exe [745832 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8711249-5397-4580-8112-3FDE6F656382} - System32\Tasks\Opera scheduled assistant Autoupdate 1723969481 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\patma\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {2C4748CA-BD7F-4CB5-89B6-F1AE5B6EF7DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1732345968 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\patma\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {2CC7334D-684B-4630-85B8-117376191234} - System32\Tasks\Opera scheduled Autoupdate 1723969481 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software)
Task: {FC734DE5-D4D1-4C7C-BE2D-CA1667FF359D} - System32\Tasks\Opera scheduled Autoupdate 1732345965 => C:\Users\patma\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-21] (Opera Norway AS -> Opera Software)
Task: {0C1DBC51-48F5-4954-8A7E-9A2E820E03AF} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1AE813F6-3EE2-46E0-8807-9BD2779BA994} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-211460565-2364033777-153572910-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4856440 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7E2CC1C2-8846-478E-AE39-44849DA5A7C0} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {D53C47A2-AFA3-429A-B787-12AD0CB96845} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9239776 2025-11-25] (Gen Digital Inc. -> Gen Digital Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8dcf7671-feac-4597-89b4-58ec2334258a}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8dcf7671-feac-4597-89b4-58ec2334258a}\051647D6164733037237027416C61687970214532337025374: [DhcpNameServer] 192.168.90.156
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-13]
Edge Notifications: Default -> hxxps://www.msn.com; hxxps://www.tiktok.com
Edge Extension: (Dokumenty Google offline) - C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-29]
Edge Extension: (Edge relevant text changes) - C:\Users\patma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-17]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default [2025-12-13]
CHR Notifications: Default -> hxxps://d4ukkde071bc73a8pm0g.monexio.co.in; hxxps://fastshare.cz; hxxps://fr1.badoo.com; hxxps://www.daemon-tools.cc; hxxps://www.facebook.com; hxxps://www.messenger.com; hxxps://www.tiktok.com; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-29]
CHR Extension: (SPOT Survey Blocker) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolklnebpigejnjdnddogpomkanjpmka [2024-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\patma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-08-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3318400 2025-02-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-11-16] (BattlEye Innovations e.K. -> )
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28341880 2025-12-13] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419320 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4938808 2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [141680 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
R2 GooglePlayGamesServices-25.12.110.0; C:\Program Files\Google\Play Games Services\25.12.110.0\Service\GooglePlayGamesServices.exe [509080 2025-12-05] (Google LLC -> Google LLC)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_e40ba436be734fd2\LenovoUtilityService.exe [199704 2025-09-28] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe [34368 2025-12-12] (Lenovo -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958776 2025-12-12] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe [2063328 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1910192 2024-08-20] (SteelSeries France SASU -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\Display.NvContainer\NVDisplay.Container.exe [1274904 2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72592 2025-08-18] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe [4426832 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe [290704 2025-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0417253.inf_amd64_a9b363c4f94f001d\B417132\amdkmdag.sys [106597288 2025-07-14] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [602112 2025-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-09-11] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2024-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2024-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234688 2025-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Google)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-14] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [95856 2024-08-20] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [95896 2024-08-20] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [246272 2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_3037ec512dc36c3a\rt68cx21x64.sys [656328 2023-02-15] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21928 2025-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-12-13 12:54 - 2025-12-13 12:55 - 000035818 _____ C:\Users\patma\OneDrive\Plocha\FRST.txt
2025-12-13 12:52 - 2025-12-13 12:52 - 002444288 _____ (Farbar) C:\Users\patma\OneDrive\Plocha\FRST64.exe
2025-12-13 12:42 - 2025-12-13 12:42 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-12-13 12:42 - 2025-12-13 12:42 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-12-13 12:31 - 2025-12-13 12:31 - 000003264 _____ C:\WINDOWS\system32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 12:31 - 2025-12-13 12:31 - 000002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-12-13 12:31 - 2025-12-13 12:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Piriform
2025-12-13 12:31 - 2025-12-13 12:31 - 000000000 ____D C:\Users\patma\AppData\Roaming\CCleaner
2025-12-13 12:30 - 2025-12-13 12:30 - 000056128 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-12-13 12:30 - 2025-12-13 12:30 - 000000000 ____D C:\Program Files\Piriform
2025-12-13 12:30 - 2025-12-13 12:30 - 000000000 ____D C:\Program Files\Common Files\Piriform
2025-12-12 19:26 - 2025-12-12 19:26 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT
2025-12-12 18:24 - 2025-12-12 18:24 - 000021502 _____ C:\Users\patma\OneDrive\Plocha\Majsner.webp
2025-12-12 16:27 - 2025-12-13 12:38 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-12 16:19 - 2025-12-12 16:19 - 000035602 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-12 16:19 - 2025-12-12 16:19 - 000035602 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-12-12 16:01 - 2025-12-12 16:01 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-12-12 15:48 - 2025-12-12 15:48 - 000004032 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-211460565-2364033777-153572910-1001_0
2025-11-29 10:48 - 2025-11-29 10:50 - 1539858050 _____ C:\Users\patma\OneDrive\Plocha\Tron - Ares (2025).mp4
2025-11-29 10:42 - 2025-11-29 10:46 - 3101092802 _____ C:\Users\patma\OneDrive\Plocha\Železná Srdce (2014).mkv
2025-11-29 10:14 - 2025-11-29 10:17 - 1994136138 _____ C:\Users\patma\OneDrive\Plocha\Memphiská kráska (1990).mkv
2025-11-16 13:43 - 2025-11-16 13:43 - 000000000 ____D C:\Users\patma\ansel
2025-11-16 13:43 - 2025-11-16 13:43 - 000000000 ____D C:\ProgramData\WarThunder
2025-11-16 13:42 - 2025-11-16 13:42 - 000000000 ____D C:\Users\patma\AppData\Local\BattlEye
2025-11-16 11:53 - 2025-11-16 11:53 - 000000000 ____D C:\Users\patma\AppData\Local\Gaijin
2025-11-16 11:53 - 2025-11-16 11:53 - 000000000 ____D C:\ProgramData\Gaijin
2025-11-16 11:46 - 2025-12-13 08:09 - 000000000 ____D C:\Users\patma\AppData\Local\WarThunder
2025-11-16 11:46 - 2025-11-16 13:41 - 000000000 ___RD C:\Users\patma\OneDrive\Dokumenty\My Games
2025-11-16 11:46 - 2025-11-16 11:46 - 000002042 _____ C:\Users\patma\OneDrive\Plocha\WarThunder.lnk
2025-11-16 11:46 - 2025-11-16 11:46 - 000000000 ____D C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-12-13 12:54 - 2024-08-31 10:28 - 000000000 ____D C:\FRST
2025-12-13 12:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-12-13 12:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-12-13 12:47 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-13 12:42 - 2025-09-11 10:25 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-12-13 12:42 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-12-13 12:41 - 2024-08-18 06:10 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-13 12:40 - 2024-08-17 16:35 - 000000000 ___RD C:\Users\patma\OneDrive
2025-12-13 12:38 - 2025-09-11 10:19 - 000003066 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-13 12:37 - 2025-09-13 09:32 - 000000000 ____D C:\Users\patma\AppData\Local\AVG
2025-12-13 12:37 - 2025-09-13 09:25 - 000000000 ____D C:\Users\patma\AppData\Roaming\AVG
2025-12-13 12:37 - 2025-09-11 10:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-12-13 12:37 - 2024-08-18 09:24 - 000000000 ____D C:\ProgramData\AVG
2025-12-13 12:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-12-13 12:37 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-12-13 12:37 - 2023-11-21 21:13 - 000000000 ____D C:\ProgramData\NVIDIA
2025-12-13 12:37 - 2022-05-25 20:05 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-13 12:36 - 2024-08-17 16:34 - 000000000 ____D C:\Users\patma\AppData\Local\D3DSCache
2025-12-13 12:32 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-12-13 12:31 - 2025-09-13 09:23 - 000000000 ____D C:\ProgramData\Piriform
2025-12-13 12:31 - 2025-09-13 09:22 - 000000000 ____D C:\Program Files\CCleaner
2025-12-13 12:03 - 2025-09-11 10:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-12-13 08:01 - 2025-09-11 10:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2025-09-11 10:19 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2025-09-11 10:19 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-211460565-2364033777-153572910-1001
2025-12-13 08:01 - 2024-08-17 16:35 - 000002390 _____ C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-13 08:01 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-12 19:27 - 2025-09-11 10:16 - 000472664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-12 19:26 - 2025-09-11 07:47 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-12-12 19:26 - 2025-09-11 07:47 - 000000000 ____D C:\WINDOWS\InboxApps
2025-12-12 19:26 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-12 19:26 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-12 19:26 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-12-12 18:23 - 2025-10-26 08:07 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-12 16:19 - 2025-09-11 10:19 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-12 16:13 - 2024-08-20 14:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-12 16:12 - 2024-08-20 14:01 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-12 16:03 - 2022-05-25 20:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-12-12 16:00 - 2023-11-21 21:05 - 000000000 ____D C:\Program Files\Microsoft Office
2025-12-12 15:51 - 2022-05-25 20:06 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-29 10:06 - 2025-09-26 13:27 - 000436592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_b.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 004581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000878968 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000285040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000244088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000166264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-11-29 10:06 - 2024-08-18 11:43 - 000153976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-11-29 10:06 - 2024-08-18 11:43 - 000076152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-11-29 09:47 - 2025-10-26 23:20 - 000000000 ____D C:\WINDOWS\Minidump
2025-11-29 09:47 - 2024-08-18 09:26 - 000000000 ____D C:\Users\patma\AppData\Local\CrashDumps
2025-11-29 09:46 - 2025-09-11 10:19 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-11-29 09:46 - 2025-09-11 10:19 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-11-29 09:44 - 2023-11-21 21:20 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Now.lnk
2025-11-29 09:44 - 2023-11-21 21:19 - 000000000 ____D C:\WINDOWS\TempInst
2025-11-16 13:43 - 2025-09-11 07:51 - 000000000 ____D C:\Users\patma
2025-11-16 13:43 - 2024-08-17 16:34 - 000000000 ____D C:\Users\patma\AppData\Local\NVIDIA Corporation
2025-11-16 13:38 - 2023-11-21 21:14 - 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories ========
2025-10-26 10:11 - 2025-10-26 10:12 - 000000000 _____ () C:\Users\patma\AppData\Roaming\FileIn.cns
2025-10-26 10:11 - 2025-10-26 10:12 - 000000000 _____ () C:\Users\patma\AppData\Roaming\FileOut.cns
2025-11-01 09:13 - 2025-11-01 09:19 - 000149446 _____ () C:\Users\patma\AppData\Local\dxdiag.log
2025-02-08 07:47 - 2025-02-08 07:51 - 000001687 _____ () C:\Users\patma\AppData\Local\log.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by patma (13-12-2025 12:56:21)
Running from C:\Users\patma\OneDrive\Plocha
Microsoft Windows 11 Home Version 25H2 26200.7462 (X64) (2025-09-11 09:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-211460565-2364033777-153572910-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-211460565-2364033777-153572910-503 - Limited - Disabled)
Guest (S-1-5-21-211460565-2364033777-153572910-501 - Limited - Disabled)
patma (S-1-5-21-211460565-2364033777-153572910-1001 - Administrator - Enabled) => C:\Users\patma
WDAGUtilityAccount (S-1-5-21-211460565-2364033777-153572910-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.07 (x64) (HKLM\...\7-Zip) (Version: 24.07 - Igor Pavlov)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.2.1080.1295 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.1.0.2213 - Disc Soft Ltd)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.41 - Google LLC)
Google Play Games (HKLM\...\GooglePlayGames) (Version: 25.12.11.0 - Google LLC)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Now (HKLM-x32\...\{622FA116-13E7-4BB6-839C-A3E0E3ECDFE6}_is1) (Version: 4.4.2.1 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2511.18.0 - Lenovo Group Ltd.)
Lesta Game Center (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Lesta Game Center) (Version: 25.3.0.944 - Lesta Games)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Host - 8.0.3 (x86) (HKLM-x32\...\{C3185BE9-A193-4021-91F1-1E196C20CAB6}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.8 (x64) (HKLM\...\{3BA242F8-BDB5-4096-9FBC-333CD663BBAD}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x86) (HKLM-x32\...\{AA217943-D70A-4078-988C-31E5EC26AFE1}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.8 (x64) (HKLM\...\{7FE24458-0796-4428-99C2-9A0F8DAB93CC}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x86) (HKLM-x32\...\{CE4A2F26-87B5-4569-A582-62A8D3B20BE9}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.8 (x64) (HKLM\...\{9ACB23DB-4D32-49ED-A5E3-F4E2F8D9D2AA}) (Version: 64.32.18380 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 - Shared Framework (x86) (HKLM-x32\...\{27b7a489-233a-488c-b81b-0cb173d4cd15}) (Version: 8.0.3.24116 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.3 Shared Framework (x86) (HKLM-x32\...\{66F03628-AF73-329C-9DB7-59A701E08AB7}) (Version: 8.0.3.24116 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.75 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.80 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{ECB4BDD1-984C-9F25-299C-A9EF75C14197}) (Version: 10.1.26100.6879 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{2907caa8-4808-4b6b-b7e7-fb8c862823d2}) (Version: 8.0.3.33416 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.3 (x86) (HKLM-x32\...\{D383E279-1AD9-4DD8-9EB4-7C831665F9CC}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM\...\{663E7053-3B36-4AE5-8223-234867FAEAE6}) (Version: 64.32.18376 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM-x32\...\{33832ff3-5583-4b81-b270-d9fd42760e1a}) (Version: 8.0.8.33916 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.114 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.114 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 555.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.99 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Open Rails 1.3.1.4328 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.3.1.4328 - Open Rails)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
uTorrent Web (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
War Thunder Launcher 1.0.3.496 (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network)
Wargaming.net Game Center (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\Wargaming.net Game Center) (Version: 25.6.0.709 - Wargaming.net)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1084 - McAfee, LLC)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\2314027414) (Version: - Wargaming.net)
Мир танков (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\LGC-4094243768) (Version: - Lesta Games)
Мир танков Общий тест (HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\LGC-1739465547) (Version: - Lesta Games)
Packages:
=========
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6901.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.7019.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-12] ()
@{MicrosoftWindows.59379618.InpApp_1000.26100.7019.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
@{MicrosoftWindows.59379618.InpApp_1000.26100.7171.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19012.0_x64__0a9344xs7nr4m [2025-08-07] (Advanced Micro Devices Inc.) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57242383.Tasbar_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-12] (Microsoft Windows)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.36.0_x64__xbfy0k16fey96 [2025-12-12] (Dropbox Inc.)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.25150.49.0_x64__8wekyb3d8bbwe [2025-07-19] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2509.13.0_x64__k1h2ywk1493x8 [2025-10-27] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.7.18.0_x64__5grkq8ppsgwt4 [2025-05-17] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-03-15] (LinkedIn) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-12-12] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe [2024-12-07] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-08-24] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-07-19] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-12-12] ()
MSN Počasí -> C:\Program Files\WindowsApps\www.msn.com-7FB783BD_1.0.0.0_neutral__q77jw2zwjvy92 [2025-09-07] (www.msn.com)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-16] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-12-12] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.328.0_x64__dt26b99r8h8gj [2024-09-13] (Realtek Semiconductor Corp)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2025-09-07] (Bytedance Pte. Ltd.)
WinRAR -> C:\Program Files\WinRAR [2025-01-25] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{1fbfb627-93ed-88f1-57b8-78ec8c9febe7}\localserver32 -> "C:\ProgramData\Lenovo\Udc\Hosts\23.4.0.8\x64\MessagingPlugin.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\patma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (SteelSeries France SASU -> A-Volute)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\patma\AppData\Local\Microsoft\OneDrive\25.222.1112.0002_1\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-211460565-2364033777-153572910-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-30] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_7437c73094842db3\nvshext.dll [2024-07-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-06-19] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki_PT\Мир танков Общий тест.lnk -> C:\Games\Tanki_PT\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --open <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki_PT\Удалить Мир танков Общий тест.lnk -> C:\Games\Tanki_PT\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --uninstall <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki\Мир танков.lnk -> C:\Games\Tanki\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --open <==== Cyrillic
ShortcutWithArgument: C:\Users\patma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lesta Games\Tanki\Удалить Мир танков.lnk -> C:\Games\Tanki\lgc_api.exe (©2022-2025 Lesta Games Agency, LLC) -> --uninstall <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2025-03-15 13:44 - 000003992 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 fitgirls-repacks.com # Fake FitGirl site
109.94.209.70 fitgirlrepack.cc # Fake FitGirl site
109.94.209.70 fitgirlrepacks.org # Fake FitGirl site
2025-04-05 06:30 - 2025-07-17 16:16 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\patma\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\3252015542758410307\134077767608020034.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-211460565-2364033777-153572910-1001\...\StartupApproved\Run: => "utweb"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{46AADDFF-78D6-479B-A351-9ECD54E79E86}C:\games\tanki\win64\tanki.exe] => (Allow) C:\games\tanki\win64\tanki.exe (LESTA LLC -> Lesta)
FirewallRules: [TCP Query User{67E72D77-939F-40E9-A136-1CEAE8957C8D}C:\games\tanki\win64\tanki.exe] => (Allow) C:\games\tanki\win64\tanki.exe (LESTA LLC -> Lesta)
FirewallRules: [UDP Query User{E6F2AC4E-CE46-4CC3-917B-34C99397D5F2}C:\programdata\lesta\gamecenter\lgc.exe] => (Allow) C:\programdata\lesta\gamecenter\lgc.exe (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
FirewallRules: [TCP Query User{DC39E146-3507-4F60-8F9B-1A0010DB4EC9}C:\programdata\lesta\gamecenter\lgc.exe] => (Allow) C:\programdata\lesta\gamecenter\lgc.exe (LESTA LLC -> ©2022-2025 Lesta Games Agency, LLC)
FirewallRules: [{8F437965-0413-486C-9C84-75BE891AF0BC}] => (Allow) C:\Users\patma\AppData\Local\Temp\7zF4C967C8\aria2c.exe => No File
FirewallRules: [{4CDE3673-B195-445E-B5DD-7441699951D7}] => (Allow) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{3E81BCF9-D63B-43AB-9D27-704A3BA2EC92}] => (Allow) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{5EC3369F-97BE-4F19-B5D4-4AE93887F809}] => (Allow) C:\Users\patma\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [{D6E60FA7-AF17-4226-9F0B-749FEEDF011B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{28D631DE-54E6-405F-A6C1-B89F954C2C45}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{A95EC880-C28C-4237-84EC-595881481E28}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{9F704AC7-561A-49E1-B237-18ED5C58C8E3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{5C7A9B83-2E48-4907-A48F-F6BD20C7FA00}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{ABE54436-D969-4184-BAAE-3C89A4B3287B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C84277C4-C456-40E1-B5B2-413CCFE1957D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{05B2846B-89C5-440F-B2B2-9F9F25A32B2D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{DF543A98-3F3E-41FF-9F6F-3D071AC5E5DF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{A7C22E02-BBB3-4C99-A862-2F882D997C8B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{23CD6B85-5F66-4BD6-9EB9-B875D0627D8E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{6147DDED-1287-4685-A71E-B56872A113F6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => No File
FirewallRules: [{D918AEE4-5D0E-4B42-8712-2ADE6E0A4613}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => No File
FirewallRules: [UDP Query User{3E8DC745-B959-4E89-BBE8-90A93F0BB621}C:\xboxgames\call of duty\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty\content\sp23\sp23-cod.exe => No File
FirewallRules: [TCP Query User{E43CA15C-B336-450B-8550-B6DAD61B7368}C:\xboxgames\call of duty\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty\content\sp23\sp23-cod.exe => No File
FirewallRules: [UDP Query User{136A534E-8EA8-4C4E-8930-014A9363B665}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe => No File
FirewallRules: [TCP Query User{E888CF2B-2628-4B1A-A326-BC5E54E17550}C:\xboxgames\call of duty\content\cod.exe] => (Allow) C:\xboxgames\call of duty\content\cod.exe => No File
FirewallRules: [UDP Query User{F6B01CB4-3BF4-4877-B6E7-C85C577A2A69}C:\program files (x86)\call of duty deluxe edition\codmp.exe] => (Allow) C:\program files (x86)\call of duty deluxe edition\codmp.exe => No File
FirewallRules: [TCP Query User{0A878231-1D3F-4262-882D-97A61A523656}C:\program files (x86)\call of duty deluxe edition\codmp.exe] => (Allow) C:\program files (x86)\call of duty deluxe edition\codmp.exe => No File
FirewallRules: [UDP Query User{A146787D-A2D0-4562-86E7-30A0E06F87EC}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A64E1424-E8C8-4B03-95C9-DF22F29E67F1}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{72336E96-0D45-4402-B946-0076D266BB0B}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{01C5EA54-17BE-49B5-B5ED-4C4E41FDD756}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{218C716F-2C27-4432-A0CF-272E7F1A14D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43F73884-1DB8-4F0D-89CD-3083E5505E0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EA7F613F-C178-474F-8F59-B84144AA3DF4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AFAC08CC-29A8-4669-9AD5-D6650AFC2D94}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{025E596E-39EB-47E7-B578-37DB17FABB82}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{854F3A73-07AF-4473-B3C7-AB54C636A11C}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC7C07ED-06B6-4A64-B3C8-9E1299569FAE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCFB3624-920B-442B-8CD0-C284B5251BC6}] => (Allow) C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{9FE7BA3E-EAE7-48D0-B5F9-17383702248E}] => (Allow) C:\Users\patma\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{E6A5BE38-FEFA-4A4A-9BC4-9A16558BB90D}C:\users\patma\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\patma\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [UDP Query User{8A60F2ED-E96D-467C-9BF0-C72CD85250EB}C:\users\patma\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\patma\appdata\local\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{CC86B821-9148-47ED-A0B5-5EDEA18FDAD9}C:\users\patma\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\patma\appdata\local\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{D35ACF99-257D-4D29-AFF2-ED2CF3A872C1}C:\users\patma\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\patma\appdata\local\warthunder\win64\aces.exe => No File
FirewallRules: [{243CDB2E-624D-4A4F-8900-9A03A37AC30F}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{BB70FA0E-9C7F-40C1-A08A-676071B0ED1C}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{B4962BB5-D3D0-41D2-814B-423248FC0898}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-12-2025 15:51:14 Windows Update
12-12-2025 16:04:38 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2025 12:40:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 12:36:41 PM) (Source: AbtPaaS) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/13/2025 08:00:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/12/2025 07:29:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.4053\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64"