VIRY.CZ

Hezký den,

prosím o kontrolu logu. Náhled na mě vyskočila hláška, že program onedriverpatcher.exe prosím o povolení provádět změny na počítači. Což jsem bezhlavě povolil, v hlášce byla uvedena certifikace. Později mě napadlo googlit, o co může jít a narazil jsem na to, že by to mohl využívat malware jako součást "DLL sideloading attack" (bohužel netuším, o co jde, jen chci předat všechny informace).

Počítač jsem projel Malwarebytes a AdwCleanerem, což odstranilo nějaké věci související s programem FormatFactory.

Předem moc za kontroluju děkuji

P.S. FRST mi následně smazal Avast

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2026
Ran by stepa (administrator) on LAPTOP-3LMH3KRC (LENOVO 82LM) (05-05-2026 23:16:40)
Running from C:\Users\stepa\Desktop\FRST64.exe
Loaded Profiles: stepa
Platform: Microsoft Windows 11 Home Version 25H2 26200.8328 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe
(C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\AppProvisioningPlugin.exe
(drivers\Lenovo\udc\Service\UDClientService.exe ->) (Lenovo -> ) C:\ProgramData\Lenovo\Udc\Hosts\x64\MessagingPlugin.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.070.0414.0001_1\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_05fe713c4fadacd3\RtkAudUService64.exe [3477960 2022-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [1018024 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\...\Run: [Avast Cleanup UI] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [7279840 2026-03-25] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3348640 2026-04-30] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [Microsoft.Lists] => C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.070.0414.0001_1\OneDrive.Sync.Service.exe [956264 2026-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42086872 2026-04-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [MicrosoftEdgeAutoLaunch_D8110E640FD3F8C5BCB7D3575AB1C9F3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [5026632 2026-04-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.063.0405.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.063.0405.0002" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.070.0414.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.070.0414.0001" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3971224 2026-04-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\148.0.7778.96\Installer\chrmstp.exe [7614616 2026-05-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {185D797C-9ACF-4C2F-8C78-C490C8102D05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {3DFF74E6-8C18-4CE0-830D-47F51C619AB7} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030928 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {997A2576-A70C-4A31-8AAE-F58BB0DB631C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184072 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {A3513172-2BDF-4DF6-9D89-89B1194AD42B} - System32\Tasks\AMDScoSupportTypeUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030928 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {E0FF6E89-698B-48FC-BC50-30013028FA32} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9500384 2026-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {A1CE42DE-178E-4153-86B2-3AAED832D33A} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [6444768 2026-03-25] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (the data entry has 53 more characters).
Task: {8D96DE86-0989-42AC-A010-7A5ACC7A2098} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [9501920 2026-03-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {86BA124A-1271-48DF-8B02-4CFB00FC2CD7} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5739688 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AA68F175-98FC-4CFE-8CF5-FD78EDA0951D} - System32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [5598328 2026-04-28] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C5D3BD32-CB31-41C0-B9B8-9E982BE16115} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [3327808 2026-05-01] (Microsoft Windows -> Microsoft Corporation)
Task: {2A9CD888-49A0-42FF-AB44-0CC72D245313} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{D3A9C7FB-62E1-4CEB-81DC-29B992982252} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2025-06-26] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [110592 2025-09-03] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2DEA6558-BDF3-433D-8454-77B999806CF4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d3383f4f-581e-4095-bd53-1d0a01aea451 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {56A788CD-C107-449D-AA9F-E16E4F881C76} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e095aa2d-bf31-414b-80c3-c75572bf7685 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {44443D70-6F91-4E36-A5AB-EE67D5FEA55C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e52005e6-330d-410e-9392-7a57cceed75f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {053C00E3-48AE-4082-8FD5-10B84F40134F} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [93520 2026-03-06] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {441170F8-82C9-4CE5-B43E-1AF590781599} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [102400 2025-06-26] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {B6F9029E-707F-4518-8015-7E79A7E86131} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [91024 2026-04-01] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
Task: {7BBC7EDA-016C-4B79-BC2B-6834539C4A70} - System32\Tasks\Lenovo\UDC\Lenovo UDC Lazy Deployment => C:\WINDOWS\system32\sc.exe [102400 2025-06-26] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 221
Task: {27B15152-A6ED-431D-860C-521A6EF924FF} - System32\Tasks\Lenovo\UDC\Lenovo UDC Maintainance Task => C:\WINDOWS\system32\sc.exe [102400 2025-06-26] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 220
Task: {E6E206E4-924A-4B92-9084-CA4BE83A8942} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [257936 2026-04-01] (Lenovo -> Lenovo Group Ltd.)
Task: {66183271-86EE-4904-9469-5BFB692E90AD} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-06-26] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {94558482-EE32-4DC3-930E-0AF19F6058B1} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {97EF308F-2D04-4C3C-9680-4A69D4AEF7E1} - System32\Tasks\Lenovo\Vantage\Schedule\ConsumerAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {C94A3C78-F54D-42C0-B63E-24B09A6BC016} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {7104B411-F892-486A-9C1A-B2915A79B104} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {5C384B27-1B92-403F-82A7-A0031978F623} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin_Pulsation => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {EA27231B-80C5-4973-A26F-58E69CE58587} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {E215AAFD-9149-44FF-877D-BDF5D1F77D0F} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {E6FB855D-DE58-46F9-8F4F-37334FD8B1C2} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {DD0534FE-439C-4B97-8ED3-802E2F4E4F9F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {CEBDE9D1-9F92-4FFD-A25A-3CC351011047} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSupportHealthReportSchedule => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {BA114CC9-C451-4F5D-89D1-F4893A3051BD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {A3946D0C-0CD5-4D67-9D89-702D1D87D07B} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {D35F7319-EC06-4478-B64B-97DF3F5E6ABC} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {4B3AB4CE-EA66-4363-AB3B-43838322E1D2} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {9C70FF0F-9AD1-4779-8FDB-8D9D9EAFA79C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {C8062E2E-E8BD-4E8C-B3F9-8724A72BABA0} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.1.0.29\x86\IdleScheduleEventAction.exe [173536 2026-04-21] (Lenovo -> )
Task: {CD5D1F12-F740-41AB-9DC9-63FC44AE168B} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\ScheduleEventAction.exe [276032 2026-03-19] (Lenovo -> Lenovo)
Task: {FDD3F547-4554-43A2-B3C7-EA439AFE3443} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {4F3F0437-0002-448A-AD29-D3B508E6DC36} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1915851472-2192339704-3292565872-1001 => MessengerHelper.exe --lassie (No File)
Task: {6EA4AEE4-F751-4B30-A967-C17B309554C2} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16380720 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE153DA6-386B-4441-80B5-E25A7118084F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28547472 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BFCD004-F1D1-460D-BEE0-30B0A6187F16} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73560 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3653B47-8781-48FE-9DBD-AF9AF039E669} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28547472 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {94D9F048-340F-40F5-B1F8-7875C4F2B10B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CD55943-B346-48BE-B45C-EBCBD0F724E1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {5512C267-7703-4AAE-8F23-46FD7D94E5F8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1366888 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4423712 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {704DFF17-DD5E-4683-AEC7-F9CF19109CFF} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16380720 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {876CFDB8-96A5-41EA-9F2A-9391F83F7587} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {1FA7E9E9-A0C0-4F36-A8CA-24673A05DE4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {47DF7232-0796-48F6-A5B1-682312353352} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {733AFBDB-F44F-481C-9ACC-F7E6E9CF2FF8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030928 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {3D01C6D6-5CB9-48F5-9FE1-66C1BA879F0B} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [5598328 2026-04-28] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {EE2EDF3E-511D-4562-8ABC-A87AF26CE8AF} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [5598328 2026-04-28] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {13405212-3E8A-48C8-B652-51DC8F1224B8} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6635128 2026-04-28] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {B851B598-488C-43F7-A5D4-800A34967EB7} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9274080 2026-01-19] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2A9DD550-455D-49AE-8133-A58F305539BF} - System32\Tasks\Samsung_PSSD_Registration_Plus => C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe [869224 2021-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {E74CE94B-3BAA-4934-82B1-8604721ABB10} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [767240 2025-12-11] (Advanced Micro Devices -> AMD)
Task: {3741F1C5-FDE7-42A7-A36A-DDFC17B133BC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60680 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {190EA8C3-89B5-4125-A27B-0E46E8460B5F} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60680 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {BA038573-D5D5-42AA-A31E-87A8B510535B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [323856 2025-12-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {D2770682-27EF-4B48-A64D-7B03DD88C68C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {9352CF23-3CB4-4F6E-BCAA-F43812F10BDB} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {380476C0-3D73-4F6D-BD2A-7881E443D753} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17255600 2026-03-24] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\05F44414F543432373: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\05F44414F5434323735374: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\C4F6A7E696365602D202E656A6A71646E656A637960207F6374756C6: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\C6674667: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\F426976716B602160267562716E6461602D202C6560737960207F63696471636: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}\F426976716B602160267562716E6461602D202C65607379602D6F62696C6: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2026-01-04] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2026-05-05]
Edge Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-16]
Edge Extension: (Edge relevant text changes) - C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2026-05-05]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2026-05-03]
CHR Extension: (QR Code Generator) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2022-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2026-05-03]
CHR Extension: (Grammarly: AI Writing Assistant and Grammar Checker App) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2026-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-10]
CHR Extension: (Scopus Document Download Manager) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2024-07-12]
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-04]
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-01-03]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-10-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-10]
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-12-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-09-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-19]
CHR Extension: (Participate by Lookback) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ppapgcbnefafdghpfglgilaghielefgn [2023-03-19]
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\System Profile [2026-05-05]
CHR HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7944360 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
S2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [529168 0] (Advanced Micro Devices -> AMD)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1039016 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2733224 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1092264 2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastCleanupSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [21550304 2026-03-25] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-10] (Avast Software s.r.o. -> AVAST Software)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [30293112 2026-04-28] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345080 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_3c3afc298e15df94\DAX3API.exe [2305576 2021-11-18] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [177021688 2026-03-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19984032 2026-04-30] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [422808 2021-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_5e21bf389d23855a\LenovoUtilityService.exe [199744 2026-03-09] (Lenovo -> Lenovo)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2601.21.0\LenovoVantageService.exe [34368 2026-03-19] (Lenovo -> Lenovo)
S2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1704912 2024-06-23] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11483256 2026-05-05] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-05-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [83432 2026-05-01] (Microsoft Windows -> Microsoft Corporation)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2026-02-13] (Even Balance, Inc. -> )
S2 SessionSvc; C:\WINDOWS\System32\DriverStore\FileRepository\wbdiusb.inf_amd64_c714a3e73767251c\SessionService.exe [73280 2024-09-12] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [72592 2026-04-01] (Lenovo -> Lenovo Group Ltd.)
S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-03-24] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_ce2b2bc149703709\amdacpafd.sys [436080 2025-09-15] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_56c8536a80b5c1bd\amdfendrmgr.sys [36720 2025-10-02] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2025-12-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [114048 2025-09-15] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0197843.inf_amd64_82ec9e2b79afe28f\B025592\amdkmdag.sys [106659856 2026-01-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62856 2025-10-15] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21088 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [258656 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [450144 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [315488 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [87136 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [31840 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [289888 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [634464 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [94816 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71776 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [910944 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1284192 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [241248 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [466016 2026-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2026-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [235584 2026-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [215104 2026-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [81000 2026-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-05-05] (Malwarebytes Inc -> Malwarebytes)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 RODEConnect_VirtualAudio; C:\WINDOWS\System32\DriverStore\FileRepository\rodeconnectvad.inf_amd64_98367d8547a17141\rodeconnectvad.sys [82712 2021-03-01] (Freedman Electronics Pty Ltd -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20936 2024-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601376 2024-05-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-05-10] (Microsoft Windows -> Microsoft Corporation)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-05-05 23:16 - 2026-05-05 23:17 - 000042714 _____ C:\Users\stepa\Desktop\FRST.txt
2026-05-05 23:14 - 2026-05-05 23:15 - 002447360 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2026-05-05 23:14 - 2026-05-05 23:14 - 002447360 _____ (Farbar) C:\Users\stepa\Downloads\FRST64.exe
2026-05-05 22:56 - 2026-05-05 22:58 - 000000000 ____D C:\Users\stepa\AppData\LocalLow\IGDump
2026-05-05 22:56 - 2026-05-05 22:56 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2026-05-05 22:52 - 2026-05-05 23:18 - 000000000 ____D C:\Users\stepa\AppData\Local\Malwarebytes
2026-05-05 22:52 - 2026-05-05 22:52 - 000002104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2026-05-05 22:52 - 2026-05-05 22:52 - 000002092 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2026-05-05 22:52 - 2026-05-05 22:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2026-05-05 22:52 - 2026-05-05 22:52 - 000000000 ____D C:\Program Files\Malwarebytes
2026-05-05 22:51 - 2026-05-05 23:04 - 009633072 _____ (Malwarebytes) C:\Users\stepa\Downloads\adwcleaner.exe
2026-05-05 22:50 - 2026-05-05 22:50 - 002851456 _____ (Malwarebytes) C:\Users\stepa\Downloads\MBSetup.exe
2026-05-05 21:56 - 2026-05-05 21:56 - 000713002 _____ C:\WINDOWS\system32\perfh005.dat
2026-05-05 21:56 - 2026-05-05 21:56 - 000153200 _____ C:\WINDOWS\system32\perfc005.dat
2026-05-04 23:39 - 2026-05-04 23:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-05-01 11:51 - 2026-05-05 22:00 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-05-01 11:48 - 2026-05-01 11:48 - 000085913 _____ C:\WINDOWS\SysWOW64\ctac.json
2026-05-01 11:48 - 2026-05-01 11:48 - 000085913 _____ C:\WINDOWS\system32\ctac.json
2026-05-01 11:48 - 2026-05-01 11:48 - 000003872 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2026-04-24 01:59 - 2026-05-01 11:15 - 000000000 ____D C:\WINDOWS\Minidump
2026-04-22 22:19 - 2026-04-22 22:19 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2026-04-18 01:51 - 2026-04-18 01:51 - 000000000 ____D C:\Users\stepa\AppData\Roaming\xpdf
2026-04-15 13:11 - 2026-04-15 13:11 - 005304104 _____ C:\Users\stepa\Downloads\Výzvánění táta.wav
2026-04-15 12:35 - 2026-04-15 12:35 - 000001247 _____ C:\Users\stepa\Downloads\066416.mid
2026-04-15 12:34 - 2026-04-15 12:34 - 000368442 _____ C:\Users\stepa\Downloads\Vseobecnevitani.wma
2026-04-15 02:00 - 2026-04-15 02:00 - 000323752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2026-04-14 23:14 - 2026-04-14 23:14 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-04-14 23:14 - 2026-04-14 23:14 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-04-14 23:14 - 2026-04-14 23:14 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-04-14 23:14 - 2026-04-14 23:14 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-04-14 23:13 - 2026-04-14 23:13 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 23:13 - 2026-04-14 23:13 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-04-09 23:34 - 2026-04-15 16:15 - 000000000 ____D C:\Users\stepa\Desktop\R3

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-05-05 23:16 - 2022-01-25 22:04 - 000000000 ____D C:\FRST
2026-05-05 23:14 - 2021-10-11 01:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2026-05-05 23:11 - 2021-08-29 13:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2026-05-05 23:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-05-05 23:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-05-05 23:06 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-05-05 23:06 - 2023-02-14 01:38 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-05-05 23:06 - 2023-02-14 01:38 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-05-05 22:54 - 2021-10-11 01:36 - 000000000 ____D C:\Program Files (x86)\Steam
2026-05-05 22:52 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-05-05 22:52 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-05-05 22:52 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-05-05 22:52 - 2022-02-22 15:34 - 000000000 ____D C:\Users\stepa\AppData\Local\Sentry
2026-05-05 22:52 - 2021-10-11 01:11 - 000000000 ____D C:\Users\stepa\AppData\Local\Packages
2026-05-05 22:52 - 2020-11-19 09:33 - 000000000 ____D C:\ProgramData\Packages
2026-05-05 22:44 - 2026-02-13 19:53 - 000002506 _____ C:\WINDOWS\system32\Tasks\StartAUEP
2026-05-05 22:44 - 2026-02-13 19:53 - 000002372 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2026-05-05 22:44 - 2026-02-13 19:50 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2026-05-05 22:44 - 2026-02-13 19:50 - 000002518 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2026-05-05 22:44 - 2026-02-13 19:49 - 000002194 _____ C:\WINDOWS\system32\Tasks\StartCN
2026-05-05 22:44 - 2026-02-13 19:49 - 000002114 _____ C:\WINDOWS\system32\Tasks\StartDVR
2026-05-05 22:44 - 2025-02-01 21:09 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-05-05 22:44 - 2025-02-01 21:09 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2026-05-05 22:44 - 2025-02-01 21:09 - 000003340 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-05-05 22:44 - 2025-02-01 21:09 - 000003112 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2026-05-05 22:44 - 2025-02-01 21:09 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2026-05-05 22:44 - 2025-02-01 21:09 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2026-05-05 22:44 - 2025-02-01 21:09 - 000002426 _____ C:\WINDOWS\system32\Tasks\Samsung_PSSD_Registration_Plus
2026-05-05 22:44 - 2025-02-01 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2026-05-05 22:36 - 2021-10-11 00:08 - 000002394 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-05-05 21:56 - 2025-02-01 21:10 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-05-05 21:49 - 2025-02-01 21:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-05-05 21:49 - 2025-02-01 21:07 - 000011680 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-05-05 21:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-05-05 21:49 - 2021-10-13 09:34 - 000000000 ____D C:\Program Files\TeamViewer
2026-05-05 21:49 - 2021-10-11 01:30 - 000000000 ____D C:\ProgramData\Avast Software
2026-05-05 21:48 - 2025-02-01 21:03 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2026-05-05 21:48 - 2021-10-10 23:55 - 000000000 ____D C:\ProgramData\Goodix
2026-05-05 21:48 - 2020-11-27 02:59 - 000012288 ___SH C:\DumpStack.log.tmp
2026-05-05 21:47 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-05-05 21:45 - 2025-03-07 00:09 - 000867176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-05-05 21:44 - 2025-06-29 12:37 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-05-05 21:44 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-05-05 21:44 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-05-05 21:44 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-05-05 21:43 - 2025-02-01 19:52 - 000000000 ____D C:\Users\stepa
2026-05-05 21:17 - 2021-10-11 01:34 - 000000000 ____D C:\Users\stepa\AppData\Local\Ubisoft Game Launcher
2026-05-05 21:11 - 2022-01-10 15:00 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2026-05-04 23:35 - 2021-04-15 00:50 - 000000000 ____D C:\Program Files\Microsoft Office
2026-05-03 20:40 - 2025-02-01 21:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-05-02 13:56 - 2021-10-10 23:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2026-05-02 13:56 - 2020-11-19 09:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-05-01 11:47 - 2025-02-01 21:08 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-30 23:43 - 2025-03-13 22:53 - 000000000 ____D C:\ProgramData\EA Desktop
2026-04-28 20:03 - 2021-10-10 23:55 - 000000000 ____D C:\Program Files\AMD
2026-04-28 19:43 - 2021-10-11 02:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2026-04-25 02:06 - 2021-10-12 18:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2026-04-25 01:00 - 2023-07-05 23:05 - 000000000 ____D C:\Users\stepa\AppData\Local\AMD_Common
2026-04-24 02:01 - 2025-02-01 19:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2026-04-24 02:01 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-24 02:01 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2026-04-24 02:01 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\cs
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-24 02:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-24 02:00 - 2025-02-01 19:36 - 000000000 ____D C:\WINDOWS\en-GB
2026-04-24 02:00 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-04-24 02:00 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-04-24 01:59 - 2026-01-12 23:43 - 000002650 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2026-04-24 01:59 - 2025-11-28 13:33 - 000002466 _____ C:\WINDOWS\system32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-1915851472-2192339704-3292565872-1001
2026-04-24 01:59 - 2025-02-01 21:09 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2026-04-24 01:30 - 2026-02-13 19:50 - 000002766 _____ C:\WINDOWS\system32\Tasks\AMDScoSupportTypeUpdate
2026-04-24 01:30 - 2026-02-13 19:50 - 000002464 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2026-04-20 02:19 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-04-20 02:19 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-04-18 01:30 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-15 02:00 - 2021-10-11 01:33 - 001284192 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000910944 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000634464 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000466016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000450144 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000315488 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000289888 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000258656 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000094816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000087136 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000071776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000031840 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2026-04-15 02:00 - 2021-10-11 01:33 - 000021088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2026-04-15 01:33 - 2021-10-13 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-15 01:30 - 2021-10-13 00:30 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-14 21:58 - 2021-10-11 01:53 - 000000000 ____D C:\Users\stepa\AppData\Local\Steam
2026-04-09 23:30 - 2026-02-09 01:45 - 000000000 ____D C:\Users\stepa\Desktop\Bára
2026-04-08 18:28 - 2023-07-02 02:04 - 000000000 ____D C:\Users\stepa\Desktop\FILMY
2026-04-08 17:04 - 2022-10-19 00:39 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-04-08 17:04 - 2022-10-19 00:39 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk

==================== Files in the root of some directories ========

2023-12-26 22:42 - 2023-12-26 22:42 - 000001522 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2026
Ran by stepa (05-05-2026 23:18:36)
Running from C:\Users\stepa\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8328 (X64) (2025-02-01 19:09:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
gabri (S-1-5-21-1915851472-2192339704-3292565872-1002 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
Mezen (S-1-5-21-1915851472-2192339704-3292565872-1003 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrators - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 26.001.21367 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.121 - Advanced Micro Devices, Inc.) Hidden
AMD MicroPEP Driver (HKLM-x32\...\{C36029EB-19FF-4462-A283-03B41BE9EFA4}) (Version: 1.0.40.1 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 26.1.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 26.3.18548.23092 - Gen Digital Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 26.3.10886.3573 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1631.4 - AVAST Software) Hidden
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blackmagic RAW Common Components (HKLM\...\{BF73F11D-8A70-438B-A357-38E1F1A62164}) (Version: 2.8 - Blackmagic Design)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.7.1313.1667 - Piriform)
DaVinci Resolve (HKLM\...\{F3B6228C-4E5C-4ADB-BE3D-0B8684928424}) (Version: 18.1.10007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{85AC7A9F-9630-42FD-AA1C-58329AB4B7D3}) (Version: 2.0.5.0 - Blackmagic Design)
DeepL (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: 25.7.2 - DeepL SE)
Discord (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.696.0.6209 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d1306d31-50fd-4dae-83af-d68f640fd261}) (Version: 13.696.0.6209 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 148.0.7778.96 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.2- - Inkscape)
jamovi 2.2.5.0 (HKLM-x32\...\jamovi 2.2.5.0) (Version: 2.2.5.0 - The jamovi Project)
Kontrola stavu osobního počítače s Windows (HKLM\...\{4F81B8ED-D6B5-497F-AAEC-9DECD42CB03D}) (Version: 3.9.2402.14001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.20 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2601.21.0 - Lenovo Group Ltd.)
Malwarebytes version 5.5.5.253 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.5.253 - Malwarebytes)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.19929.20106 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 147.0.3912.98 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.98 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 26.070.0414.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.6.00.24915 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.26.08901 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19929.20106 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RODE Application Fonts (HKLM\...\{13191F69-0CDE-4C8A-9009-A62643686134}) (Version: 0.9.0.0 - RØDE Microphones)
RODE Connect (HKLM\...\{3664B3D5-E4BF-4340-804F-72150FA8131C}) (Version: 1.3.6 - RØDE Microphones)
RODEConnect Virtual Audio Driver (HKLM\...\{0F1C062D-0326-4300-9D91-382CF431FCD5}) (Version: 1.0.0 - RØDE Microphones)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
RyzenMasterSDK (HKLM\...\{27A4D549-98FC-4C60-904E-E6C47B47AA8C}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung Portable SSD Software 1.0 (HKLM-x32\...\SamsungPortableSSD_1.0_is1) (Version: 1.7.4.3 - Samsung Electronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.51 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.14.10 (17221) - Zoom Video Communications, Inc.)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-06] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-04-08] ()
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2026-02-13] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2024-07-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix® -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_11.43.256.0_x64__17mer8kcn3j54 [2026-03-21] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.7.18.0_x64__5grkq8ppsgwt4 [2025-05-17] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2511.10.0_x64__k1h2ywk1493x8 [2025-12-28] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.43.0_x64__w1wdnht996qgy [2025-12-25] (LinkedIn) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2026-05-04] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-05-05] ()
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-03-11] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-12-17] (Microsoft Corp.)
Microsoft.AIFabric.CBS.1.6 -> C:\WINDOWS\SystemApps\Microsoft.AIFabric.CBS.1.6_8wekyb3d8bbwe [2026-05-05] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-05-04] ()
Movie Maker - FREE -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.9.6.0_x64__bzg06mxvgh4fa [2026-03-13] (AI Photo Editor Lab)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-05-04] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-10] (Realtek Semiconductor Corp)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2025-01-19] (Fortemedia)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0 [2026-04-24] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2615.101.0_x64__cv1g1gvanyjgm [2026-04-24] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.806.2252.0_x64__8wekyb3d8bbwe [2026-03-19] (Microsoft Corp.)
Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2024.105.1947.899_neutral__8wekyb3d8bbwe [2024-03-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\stepa\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.26.08901\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-05] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-04-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-05] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\WINDOWS\system32\wdmaud2.drv [143360 2026-05-01] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [95744 2026-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\stepa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Štěvanra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2025-05-14 14:45 - 2025-05-14 14:45 - 000035840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000044032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000033792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000564736 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000029696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qpdf.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000026624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000024064 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000540672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000890368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 001964544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qmodernwindowsstyle.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000299520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\Qt5Compat\GraphicalEffects\private\qtgraphicaleffectsprivateplugin.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000556032 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\Qt5Compat\GraphicalEffects\qtgraphicaleffectsplugin.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000020480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtMultimedia\quickmultimediaplugin.dll
2025-05-14 14:45 - 2025-05-14 14:45 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\Basic\qtquickcontrols2basicstyleplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000018944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\Fusion\impl\qtquickcontrols2fusionstyleimplplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\Fusion\qtquickcontrols2fusionstyleplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000028160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\qtquickcontrols2plugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000018944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\Windows\impl\qtquickcontrols2windowsstyleimplplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000468992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Controls\Windows\qtquickcontrols2windowsstyleplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000018944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Dialogs\qtquickdialogsplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000018944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Effects\effectsplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000018944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000767488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\NativeStyle\qtquickcontrols2nativestyleplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Templates\qtquicktemplates2plugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtQuick\Window\quickwindowplugin.dll
2025-05-14 14:46 - 2025-05-14 14:46 - 000022016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\qml\QtWebEngine\qtwebenginequickplugin.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 006071296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Core.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 008933376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Gui.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000972288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Multimedia.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000250368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6MultimediaQuick.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001725952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Network.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001964544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6OpenGL.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 005337600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Pdf.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000500224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Positioning.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 005204992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Qml.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QmlMeta.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000721920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QmlModels.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000062976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QmlWorkerScript.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 006282752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Quick.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000084992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001313280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2Basic.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001131008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2Fusion.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000195584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2FusionStyleImpl.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000276480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2Impl.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000058368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickControls2WindowsStyleImpl.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickDialogs2.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001992704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickDialogs2QuickImpl.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickDialogs2Utils.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000389120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickEffects.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000192512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickLayouts.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 001864192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6QuickTemplates2.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 004028416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6ShaderTools.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000303616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Sql.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000513024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Svg.dll
2025-06-17 04:46 - 2025-06-17 04:46 - 154372608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6WebEngineCore.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000580096 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6WebEngineQuick.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000228352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6WebChannel.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000050176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6WebChannelQuick.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 006447616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Widgets.dll
2025-05-14 14:44 - 2025-05-14 14:44 - 000141824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt6Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\stepa\Desktop\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\stepa\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [282]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-01-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2025-02-12 01:18 - 2025-02-12 01:18 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 62.129.50.20 - 85.135.32.100
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX200 160MHz -> Netwtw10.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\StartupFolder: => "DeepL.lnk"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{521AB269-55BB-4A39-A956-8F6359D22D28}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{378C7874-89AE-4C5F-8180-8D0398A7A065}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{414845BE-C30B-4E80-AECD-9FE5BF445163}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{F50FDD23-FD1D-4AC2-8D18-20687B26D8A2}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{843023C5-7CE7-42F1-A1DD-DA031E83A77E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16914F6F-9C0C-45F4-AA4E-8CA6E6E3413A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [TCP Query User{93E8F37E-8EE0-4279-883B-E1667BCEECC8}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{66A2F6E6-3E6A-479F-92DE-50DBBDB86C46}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{057B133F-9501-4BCE-89F9-AAA9FBE71EE8}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{E3219C35-F6AB-46BF-A70F-2F4E728DAEE7}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0BCCF83A-8134-4F9C-8546-4BEEB57FD963}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{106B351E-48C7-4DC1-9398-C36349BE1840}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{829A84A3-8DC8-48AC-B9BD-9F8FD3F2912D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CABD3C58-C3CF-4E80-B953-1BC9D983DB30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B4F24B91-B7C7-458F-9842-A25E26C63F92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{C89EAD2A-91A2-46DC-A9D6-7DE73B6801E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{375E4D18-0D80-4CDD-935B-3B2DF4A3D032}C:\program files (x86)\ibm\spss\statistics\26\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [UDP Query User{03EA7205-FCB7-49D3-AEF0-416D6DC26D9F}C:\program files (x86)\ibm\spss\statistics\26\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [TCP Query User{97AC19CF-CC57-441D-9C67-603A40689162}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Block) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{9E44F153-3525-4906-A25D-9BFA252DC22C}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Block) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{C48622DC-1C33-4E44-AED0-1FE6412D361E}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5C7A0D39-1F83-43C8-B8DC-2BE972CA44C3}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5BE4D6A-0FDC-416E-8D7F-7A243EBD5615}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GovernorofPoker2_SE_Full\GovernorofPoker2_SE.exe (I Sioux B.V.) [File not signed]
FirewallRules: [{ADA9160A-C41C-4CDE-96D8-7DAB0F1A00C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GovernorofPoker2_SE_Full\GovernorofPoker2_SE.exe (I Sioux B.V.) [File not signed]
FirewallRules: [{98A415D8-8E55-4646-B619-83CA33238721}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{75FE09B7-1053-4819-9673-BB4668F8520C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{D2AA82A0-6F85-4936-B60C-34EC425C58B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{115EFB36-E481-4426-87BF-D13713863403}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [TCP Query User{1267330A-E0CC-4737-97F7-A6B083D0E597}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{51675BC8-BE1B-4FBB-81B5-6CF5CC509396}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{52693EDF-FE61-405E-BBE0-17E6E3AF8F44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe => No File
FirewallRules: [{19D6CE0C-353E-431E-9E66-7E2A2F12643F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe => No File
FirewallRules: [{C6D52BD7-5F51-4DCF-8276-A5D7ED42D1B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe (11 BIT STUDIOS S A -> )
FirewallRules: [{3ADA70FA-7E8F-4EAD-BB83-AA3FB105A764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe (11 BIT STUDIOS S A -> )
FirewallRules: [{68830628-26D6-4E47-B772-1F2D70F596AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{CBC985B6-B808-491A-BB9E-DA151816B5D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{4167E051-AE32-4428-B002-3702345FB71F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{BF6FE5C1-ED62-43A5-B8E3-FAC981B7033F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{861C06DF-7B24-4CFE-8176-90C46D7D47F3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6E9901DC-808E-466B-A821-934CCB1E6D73}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C3B31DC5-00BE-488D-9D50-561579464421}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2C2C141C-6B83-4C73-9A91-C3635D9541E1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{AD90414A-2342-42E8-8CDE-7868CFA288B3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{676C7942-94B0-4FDD-9568-041EFF8A2A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{59E70BC9-E3F7-4D5B-9954-E82021F266FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{09378974-FC28-4BD8-A369-005F14B13746}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{92AC693D-5120-4F75-8579-8CA23931E241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [TCP Query User{432A3B19-1293-49AB-B504-22B9C1165F98}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F3FDE6B2-5059-4C99-9C30-2DA73D19876F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{6857AD92-5A99-4456-95DF-80EA2DEF95C2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E4D478BE-D6E0-4DCF-8D1D-00C824C7C47D}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B52E99B5-603B-454B-BC40-2B4156830AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{A34868E0-09D4-4FD7-AE5D-01517F7B154C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{7B515266-56B8-4872-8D2B-47D840B7FBB4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{448D15A6-38BB-4CB9-B996-4601ABB070D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{38A7B797-3AD0-44B2-A176-6605C8AD54B4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{DBFE72E9-B8EC-4661-A648-58CFB68C8E7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{D631962B-B281-4B92-9D35-BBF2CE58D78B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{7C0E5F35-66DF-43B2-BE36-C24802C9D4AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [TCP Query User{DD08FA69-0B4F-4385-864E-BFC3A37ECFC0}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [UDP Query User{252DB1F6-78E7-4282-A2B7-6CF69BC0F499}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [{630D5B47-ACBC-497C-A8A5-0B5AE9592C4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd)
FirewallRules: [{097CCDC1-174B-4E08-959C-28DBEDA87CC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd)
FirewallRules: [TCP Query User{3B7BCA7D-18B3-4C1B-A29F-281F8BCCAD34}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd)
FirewallRules: [UDP Query User{E65D65E6-42DB-4926-9B98-93F972E9BFAE}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd)
FirewallRules: [{E24F2973-7E82-421C-A55E-5295369FA35F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed]
FirewallRules: [{20DB5DCF-E07E-4ABE-AA69-3926DD65AF5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe () [File not signed]
FirewallRules: [{56CCB8A0-8DCF-4A54-840E-4F99369FD90D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [{659E847A-A061-425E-81DE-661B3739CC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe (Jordan Freeman Group, LLC. -> )
FirewallRules: [TCP Query User{EBFDD751-2DF9-49EE-9483-E474C4308F26}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [UDP Query User{AB8A8B94-DB3C-4DA0-BA9F-5E9809902E48}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [{A4988B91-C8CD-4111-ADAE-A71CF741C199}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A0888F16-E140-4A79-8BE5-ECE4B8ABCEB0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8D360A20-E32F-40F3-87D5-2C1C2110FE50}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E0979511-9358-466C-8181-467A6944AB46}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{860433C8-4268-4CE0-9DE1-24488D4147C7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{103D63BB-5C8E-4DA7-8623-8A9B315E074B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3577CE5F-8A40-4BF9-AD78-3F490CD58E8A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{53BED389-1E87-4126-B1A2-2BB4C70E8CF9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{15C20445-6D2B-4ECE-987B-D8EFAF2CDFA5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B5AAB62C-643F-4245-902B-4DC88BD5127E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{448BCCDF-D792-4953-9C41-27DD20A4E2E5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{470DC871-8AD1-48DD-8571-D671E7F3EBB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VLAK\VLAK.exe () [File not signed]
FirewallRules: [{984AB9BA-9329-40F3-B13F-7C6C54F29B11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VLAK\VLAK.exe () [File not signed]
FirewallRules: [{2B173EF5-1B07-4099-A697-219EEF1E3A28}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8BABC82-BCE4-44FF-B4C8-D9C1AB938893}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AF4736EE-B7D7-4EF6-9F51-9019A0C5E5E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3382447-5251-4E4D-86F1-86461238DE59}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{753ECC0F-EE73-4CD5-9D66-F5B9C2BCE2CB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{614B611B-2024-46B9-9E8C-B7146FCA3C58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerfight\Hammerfight.exe () [File not signed]
FirewallRules: [{9DFC6AD8-C90F-4B1E-8090-C6D71B800FB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerfight\Hammerfight.exe () [File not signed]
FirewallRules: [{12B7F7B9-A21C-4E98-A7E5-09C9661560B4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File
FirewallRules: [{F326AB2A-1B4C-4518-A530-38249CEEB0F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4326EFC8-ADBB-4089-BF50-5F6875B4559F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3B2C7D36-7E1C-4268-9246-B8CE40A62996}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C8196895-C2A4-4A13-934B-E3CF32578362}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC7C7F89-DAAF-43F5-96F7-405B4D36A985}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B136AE6E-1F85-4CF5-990D-FC7DC7E26DAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3892E719-E7E8-4E6C-BAC1-12D19377FAEC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E1832A6D-BDA8-44E3-810C-35D2F0248ECB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4EF6988C-D808-49F1-96EE-A22DA214CBF4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{4B71751B-6336-4C96-A8AC-F1649252D18D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{4FA6FABA-E0E9-49BE-A98C-000CEF3B296C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F06B182C-69A4-4337-91FF-B1F76D76486D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{320BB5E9-29F5-4EF5-92B4-CF9A589CEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C698F5E3-B690-49A8-8A1C-2D13BB586090}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{90C59200-1468-43EF-AE8B-39D10AD3CA4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D5C85E7-6BF5-4437-868A-46C5380C5CB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{43C61E68-1119-45C2-A3CA-AACD13EB6ABD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C63D3DC9-F4D1-4F16-96B4-CDD75877848A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{65005884-5A42-4A75-88E4-A330A8E29879}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9C47BD88-5776-4B7A-8BC0-5379E412CD5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F5423AAA-4398-42A4-902A-985C6A8FBBC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7284F60-16C7-47ED-AFC5-9C178296C273}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{888AD41D-A7DD-4773-A6DA-BC2FC67725D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{111B1453-224D-42C5-A134-981EF8816AE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{67AE563F-2B00-4146-BC13-A4856A420AB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [EdgeWebView2-MDNS-In-UDP] => (Allow) C:\WINDOWS\system32\Microsoft-Edge-WebView\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0451500-FF34-45F9-A410-AA244D6BFC42}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-05-2026 22:28:37 Windows Update
04-05-2026 23:35:57 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/05/2026 11:16:30 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 19804. ID zprávy: [0x2509].

Error: (05/05/2026 11:16:28 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2420. ID zprávy: [0x2509].

Error: (05/05/2026 11:11:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 21128. ID zprávy: [0x2509].

Error: (05/05/2026 11:11:52 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 18724. ID zprávy: [0x2509].

Error: (05/05/2026 11:06:02 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 15320. ID zprávy: [0x2509].

Error: (05/05/2026 11:06:00 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4196. ID zprávy: [0x2509].

Error: (05/05/2026 11:01:02 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 16828. ID zprávy: [0x2509].

Error: (05/05/2026 10:41:14 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 3380. ID zprávy: [0x2509].


System errors:
=============
Error: (05/05/2026 11:05:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2026 11:05:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Universal Device Client Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EABackgroundService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2026 11:05:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Audio Universal Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2026-05-05 23:19:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO G5CN70WW(V2.16) 03/26/2024
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 54%
Total physical RAM: 15706.06 MB
Available physical RAM: 7218.42 MB
Total Virtual: 25434.06 MB
Available Virtual: 14913.08 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:27.71 GB) (Model: WDC PC SN530 SDBPMPZ-512G-1101) (Protected) NTFS

\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.19 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.063.0405.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.063.0405.0002" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.070.0414.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.070.0414.0001" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {FDD3F547-4554-43A2-B3C7-EA439AFE3443} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {4F3F0437-0002-448A-AD29-D3B508E6DC36} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1915851472-2192339704-3292565872-1001 => MessengerHelper.exe --lassie (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {876CFDB8-96A5-41EA-9F2A-9391F83F7587} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {1FA7E9E9-A0C0-4F36-A8CA-24673A05DE4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {47DF7232-0796-48F6-A5B1-682312353352} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\stepa\Desktop\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\stepa\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [282]
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{7B515266-56B8-4872-8D2B-47D840B7FBB4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{448D15A6-38BB-4CB9-B996-4601ABB070D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{38A7B797-3AD0-44B2-A176-6605C8AD54B4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{DBFE72E9-B8EC-4661-A648-58CFB68C8E7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{D631962B-B281-4B92-9D35-BBF2CE58D78B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{7C0E5F35-66DF-43B2-BE36-C24802C9D4AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [TCP Query User{DD08FA69-0B4F-4385-864E-BFC3A37ECFC0}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [UDP Query User{252DB1F6-78E7-4282-A2B7-6CF69BC0F499}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [TCP Query User{EBFDD751-2DF9-49EE-9483-E474C4308F26}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [UDP Query User{AB8A8B94-DB3C-4DA0-BA9F-5E9809902E48}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [{12B7F7B9-A21C-4E98-A7E5-09C9661560B4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Díky, zde fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2026
Ran by stepa (06-05-2026 13:32:14) Run:3
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.063.0405.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.063.0405.0002" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 26.070.0414.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\26.070.0414.0001" [0 2026-05-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {FDD3F547-4554-43A2-B3C7-EA439AFE3443} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {4F3F0437-0002-448A-AD29-D3B508E6DC36} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1915851472-2192339704-3292565872-1001 => MessengerHelper.exe --lassie (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {876CFDB8-96A5-41EA-9F2A-9391F83F7587} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {1FA7E9E9-A0C0-4F36-A8CA-24673A05DE4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {47DF7232-0796-48F6-A5B1-682312353352} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\stepa\Desktop\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\stepa\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [282]
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{7B515266-56B8-4872-8D2B-47D840B7FBB4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{448D15A6-38BB-4CB9-B996-4601ABB070D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Game.exe => No File
FirewallRules: [{38A7B797-3AD0-44B2-A176-6605C8AD54B4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{DBFE72E9-B8EC-4661-A648-58CFB68C8E7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{D631962B-B281-4B92-9D35-BBF2CE58D78B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{7C0E5F35-66DF-43B2-BE36-C24802C9D4AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed 1\AssassinsCreed_Dx10.exe => No File
FirewallRules: [TCP Query User{DD08FA69-0B4F-4385-864E-BFC3A37ECFC0}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [UDP Query User{252DB1F6-78E7-4282-A2B7-6CF69BC0F499}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe => No File
FirewallRules: [TCP Query User{EBFDD751-2DF9-49EE-9483-E474C4308F26}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [UDP Query User{AB8A8B94-DB3C-4DA0-BA9F-5E9809902E48}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe => No File
FirewallRules: [{12B7F7B9-A21C-4E98-A7E5-09C9661560B4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AMDNoiseSuppression" => removed successfully
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 26.063.0405.0002" => removed successfully
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 26.070.0414.0001" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDD3F547-4554-43A2-B3C7-EA439AFE3443}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD3F547-4554-43A2-B3C7-EA439AFE3443}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\StartupFixPlan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\StartupFixPlan" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F3F0437-0002-448A-AD29-D3B508E6DC36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F3F0437-0002-448A-AD29-D3B508E6DC36}" => removed successfully
C:\WINDOWS\System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1915851472-2192339704-3292565872-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Meta\Messenger-WSP-Helper-S-1-5-21-1915851472-2192339704-3292565872-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{876CFDB8-96A5-41EA-9F2A-9391F83F7587}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{876CFDB8-96A5-41EA-9F2A-9391F83F7587}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA7E9E9-A0C0-4F36-A8CA-24673A05DE4B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA7E9E9-A0C0-4F36-A8CA-24673A05DE4B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47DF7232-0796-48F6-A5B1-682312353352}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47DF7232-0796-48F6-A5B1-682312353352}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\aswBcc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\Avast Business Console Client Antivirus Service => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\EAAntiCheat => removed successfully
EAAntiCheat => service removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\Users\stepa\Desktop\FRST64.exe" => ":MBAM.Zone.Identifier" ADS not found.
"C:\Users\stepa\Downloads\adwcleaner.exe" => ":MBAM.Zone.Identifier" ADS not found.
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{284E3018-91B6-4213-989F-8AF180E07044} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F672B85-0E36-48D8-B05D-910954EBC9C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B515266-56B8-4872-8D2B-47D840B7FBB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{448D15A6-38BB-4CB9-B996-4601ABB070D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38A7B797-3AD0-44B2-A176-6605C8AD54B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBFE72E9-B8EC-4661-A648-58CFB68C8E7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D631962B-B281-4B92-9D35-BBF2CE58D78B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C0E5F35-66DF-43B2-BE36-C24802C9D4AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DD08FA69-0B4F-4385-864E-BFC3A37ECFC0}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{252DB1F6-78E7-4282-A2B7-6CF69BC0F499}C:\program files (x86)\steam\steamapps\common\it takes two\nuts\binaries\win64\ittakestwo_trial.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EBFDD751-2DF9-49EE-9483-E474C4308F26}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB8A8B94-DB3C-4DA0-BA9F-5E9809902E48}C:\program files (x86)\steam\steamapps\common\battlefield 1\bf1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12B7F7B9-A21C-4E98-A7E5-09C9661560B4}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 76947034 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 516743972 B
Windows/system/drivers => 519899422 B
Edge => 59946197 B
Chrome => 1282876552 B
Firefox => 0 B
Opera => 0 B

Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1258 B
systemprofile32 => 0 B
LocalService => 335716 B
NetworkService => 0 B
stepa => 458263879 B

RecycleBin => 369536447 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-05-2026 13:40:06)

C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
C:\DumpStack.log.tmp => Could not move

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswBcc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\Avast Business Console Client Antivirus Service => could not remove, key could be protected

==== End of Fixlog 13:40:06 ====