Zpomalený ntb

Zpráva

bek69 · #1 Příspěvek od **bek69** » 30 led 2025 18:49

Dobrý den.Poslední dobou se mi zdá ntb hodně zpomalený.Prosím o kontrolu logu .Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by bek69 (administrator) on HP (HP HP Laptop 17-cn0xxx) (30-01-2025 18:40:28)
Running from C:\Users\bek69\OneDrive\Plocha\FRST64.exe
Loaded Profiles: bek69 & WsiAccount & miska
Platform: Microsoft Windows 11 Home Version 24H2 26100.3037 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\promecefpluginhost.exe <2>
(C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <4>
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_1bfd060e625de086\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0db786bd9a6ade98\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (477B7FBA-7EF8-4233-86D2-322330786803 -> ) C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.39.0_x64__ffd303wmbhcjt\ArchiveObserver\ArchiveObserver.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24121.37.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wps.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscenter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [7126312 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [6676264 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [421072 2024-12-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384808 2024-12-23] (Expressco Services LLC -> ExpressVPN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2024-12-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45368112 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\bek69\AppData\Local\WhatsApp\Update.exe [2412768 2023-04-25] (WhatsApp LLC -> )
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [ut] => C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe [2720264 2023-03-11] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Discord] => C:\Users\bek69\AppData\Local\Discord\Update.exe [1526552 2024-06-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185152 2024-07-18] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\bek69\AppData\Local\Programs\Canva\Canva.exe [176670352 2024-09-30] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Run: [electron.app.CurseForge] => C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182252984 2025-01-27] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-21-4181327758-2871050509-626065469-1007\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [MicrosoftEdgeAutoLaunch_FFF8B8C68180963EF2A835E221829B73] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [Discord] => C:\Users\miska\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\miska\AppData\Local\Programs\Canva\Canva.exe [186748040 2024-11-25] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [83427384 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\RunOnce: [Uninstall 23.081.0416.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miska\AppData\Local\Microsoft\OneDrive\23.081.0416.0001" [36864 2024-12-07] () [File not signed]
HKLM\...\Windows x64\Print Processors\HPM11M13PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM11M13PP.DLL [74240 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [File not signed]
HKLM\...\Print\Monitors\HPM11M13LM: C:\WINDOWS\system32\HPM11M13LM.DLL [288768 2016-02-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\131.0.27894.265\Installer\chrmstp.exe [2025-01-21] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.160\Installer\chrmstp.exe [2025-01-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C2DE322-309F-4C27-89E8-6FE81FF0CB10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {1FB27D03-D96F-4D16-8AE3-BE4AF6CD5810} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8400680 2024-12-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F18DF67-D80D-4D88-A4B5-8439E7AADCEF} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5979944 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (the data entry has 53 more characters).
Task: {23988C63-8F42-46FC-A2F1-993946960053} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3E4C634A-0FDA-42BE-8CBE-E38564B5528D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5979944 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater" --configpath "C:\ProgramData\Avast Software\Driver Updater" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramD (the data entry has 82 more characters).
Task: {7CF70557-CD79-46D8-9280-AE3759E961E1} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8289064 2024-12-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {68334795-9A94-47E6-BE06-BF831BB93877} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5214504 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {832C47FC-80AA-4597-99AC-D6E7CB307C8D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {AA77236C-DA5E-4BAE-B9C5-DB3C4E07CA96} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {60B44233-373E-418C-B83E-CE230A2159FF} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [3327896 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {E8408181-F01C-4A6C-8E57-53ED2B077645} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4ACE6A6C-90D2-43E8-9911-EC4E07D32DAD} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001 => C:\Program Files\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {AFAADB24-7349-4AF0-8A61-4AE014E8ADB3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0a381adc-b780-4592-894e-5008c842dbaa" --version "6.32.0.11432" --silent
Task: {F68DB64A-5DCE-4B49-B862-423BAD97484D} - System32\Tasks\CCleanerSkipUAC - bek69 => C:\Program Files\CCleaner\CCleaner.exe [39138608 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {385239AF-33CA-4F24-BB36-AE30E7179265} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {F4CE6DC4-E11E-4BA0-96C0-B8FDA7DBC5A8} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {34B956DC-AF86-496C-BCB9-3686BF328AC0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2025-01-27] (Google LLC -> Google LLC)
Task: {9DC6929C-8547-47E6-A67B-D2254297EA77} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {76B08F06-59A9-4F52-AB0C-616667C60B9C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6947.0\updater.exe [5642336 2025-01-09] (Google LLC -> Google LLC)
Task: {333B6D11-606F-4737-9BBF-5582B1435AB5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {F912395D-FF4C-41CA-AD3B-06C9A906991B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {633A46AD-79E7-4055-9585-4BDF50C466BA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {9F33BA2D-319D-44FE-9E28-1179D678B8A2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {8DE3433B-E7FE-49A3-866E-5597CC9D9689} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {2886CAAD-A64D-4B3D-B778-B742E09AA158} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {3B6B1AA7-2651-409F-8BE8-C8C1EABCA26F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {32168CBE-E83E-4FD1-AB84-56706F8B3105} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {DB7F4492-7BA3-4F53-B7F5-168CEF012B4F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [339968 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {ADF68D9A-8D55-4DFF-A93B-9EF57AD0D753} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {9477F558-8DEE-4302-9192-93B04AE8AFEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {486E13F7-BAFA-41D3-BC8C-F2BD7383213F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {3C8C00EA-BB69-4397-9BD4-ABED45540B01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {D0114D00-F94B-439E-B9C3-F3FA7AB45C9D} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-10-13] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {352B3328-0BD2-43B0-B309-82F8BE7AF4D8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {929217E4-1B61-450A-8346-EE8F5BD6DE5C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {056E93B9-C5B0-4F40-854A-38A55506F421} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {4082FB95-AECB-47EB-BC36-F3D06B5C2907} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {4503CB9E-B521-41A7-B06B-BAFC5D341031} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4983528 2024-08-02] (Intel Corporation -> Intel Corporation)
Task: {0B5265D7-0009-4C8B-9F28-2CE0B81B4F4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F73EA8BE-23B5-4A51-929A-D85D657666CF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {7ED45254-D1B0-44E6-9C3A-5AA115AB382C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {B9D64E5C-AE68-4FD5-815E-544F363262D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {75D164DD-79A1-42A6-B973-610B809CD473} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {E58C4170-F509-41BB-9AA3-42BD0DD873C1} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
Task: {A2B06606-FA6E-40DB-9A6C-798AF470E81E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9E742B8-954C-43F2-A66A-4B5010C618B5} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [67304 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3533800-E115-4147-91D0-FB661F6A0A15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E6FEAF3-A21A-40FC-94EE-3C8FEF453B75} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1D2CE6-398A-42CD-B02A-31774D6F8520} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311416 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9335620-4479-47D0-A745-A52323E77D0F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [192144 2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {9B09E479-5908-4FA0-A75D-2F3B967BD23F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {366F5195-F81B-4E00-AEE8-500793EC9ABB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {8A74A216-A52E-40B5-855B-45B55F8FAD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {89B480A4-78B9-459D-8377-50B6531D3561} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator => C:\WINDOWS\system32\UIEOrchestrator.exe [336816 2025-01-30] (Microsoft Windows -> )
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A9550A20-1338-4CBD-80EE-A660E177D940} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {73AB78DC-6B60-4EDB-BC6E-3896504F3394} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4181327758-2871050509-626065469-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6CD3DF73-1831-4F31-8217-BF1869E21D92} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {A2796A1D-176B-4254-8AE9-F2F63166D3E6} - System32\Tasks\Outbyte\PC Repair\CrashCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /Crash <==== ATTENTION
Task: {9FDC11C1-536D-46A4-A4EA-5801B9F59D25} - System32\Tasks\Outbyte\PC Repair\DailyTip => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DailyTip <==== ATTENTION
Task: {1942090B-B656-41CF-B51B-0E616C22AA0F} - System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner1 <==== ATTENTION
Task: {F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD} - System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner2 <==== ATTENTION
Task: {7651CBF4-BD33-4E8E-8C64-105C5AB5DA45} - System32\Tasks\Outbyte\PC Repair\HomePage => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /HomePage <==== ATTENTION
Task: {7597F9C2-4CF0-402F-A99B-C9ECC7A247F2} - System32\Tasks\Outbyte\PC Repair\MSExploit => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /MSExploit <==== ATTENTION
Task: {1B8EC3DD-9D13-470F-B8CA-F545C7E65E72} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /NewDeceptors <==== ATTENTION
Task: {28202424-67AF-4762-AFE4-33E9A08EF03E} - System32\Tasks\Outbyte\PC Repair\ScanResults => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /AllResults <==== ATTENTION
Task: {F97FA40E-F08F-4D83-A840-9BC278D7E2A6} - System32\Tasks\Outbyte\PC Repair\SecurityBreach => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /SecurityBreach <==== ATTENTION
Task: {8374EDB5-D0BA-443E-A5EB-F17A74C325D3} - System32\Tasks\Outbyte\PC Repair\WeakPassword => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /WeakPassword <==== ATTENTION
Task: {DA16354C-8F17-4469-A4E4-EF823F0E9004} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2025-01-30] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E376A3AC-AA96-426D-AC9B-FED7D778D712} - System32\Tasks\WpsExternal_bek69_20250115154722 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpscloudsvr.exe [936832 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {676B86A5-BC99-4458-B2D3-28B480B58D31} - System32\Tasks\WpsUpdateTask_bek69 => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\wpsupdate.exe [1681792 2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}: [DhcpNameServer] 192.168.90.1
Tcpip\..\Interfaces\{be84a2cd-26d4-4844-82c6-0c3255580064}\34A5E4564764275656B42716D6E6972374: [DhcpNameServer] 192.168.90.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-19]
Edge Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-23]
Edge Extension: (Edge relevant text changes) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]
Edge Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjdgandcagmikhlbjnilkmfnjeamfikk [2024-12-30]
Edge HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [mjdgandcagmikhlbjnilkmfnjeamfikk]

FireFox:
========
FF DefaultProfile: 6fm9s7cy.default
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\6fm9s7cy.default [2021-10-21]
FF ProfilePath: C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release [2025-01-30]
FF DownloadDir: C:\Users\bek69\OneDrive\Plocha
FF Homepage: Mozilla\Firefox\Profiles\01magi4y.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\01magi4y.default-release -> is enabled.
FF Extension: (Ferrari Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{41e1753e-d439-4a0b-bc7a-c8d1d7297715}.xpi [2021-10-21]
FF Extension: (Ferrari Carbon Fiber) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{571cebb9-5e8c-4055-b6df-11630de4322b}.xpi [2021-10-21]
FF Extension: (Ferrari Red Logo) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{8893ca9c-749f-4fe2-b7b6-bd8111583bf4}.xpi [2021-10-21]
FF Extension: (Scuderia Ferrari F1) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{bf3d0394-da43-40fb-9542-0f40922058d5}.xpi [2021-10-21]
FF Extension: (No Name) - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\01magi4y.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-18]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1651.5\npCCleanerBrowserUpdate3.dll [2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3 [2025-01-30]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-15]
CHR Extension: (FlipClock) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\copjokjinhlflggeifkidlmodfepbpgl [2023-09-23]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-12-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-20]
CHR Extension: (WPS PDF - Read, Edit, Fill, Convert, and AI Chat PDF with Ease) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kdpelmjpfafjppnhbloffcjpeomlnpah [2025-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-23]
CHR Extension: (Hesla na iCloudu) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2024-11-08]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4 [2025-01-19]
CHR Extension: (Torrent Scanner) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-18]
CHR Profile: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4181327758-2871050509-626065469-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdpelmjpfafjppnhbloffcjpeomlnpah]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable [2025-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-06-07]
OPR Extension: (Opera Wallet) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-06-07]
OPR Extension: (Opera AI Prompts) - C:\Users\bek69\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7381288 2024-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [778536 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2372904 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1229608 2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-21] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15747368 2024-04-19] (BattlEye Innovations e.K. -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\131.0.27894.265\elevation_service.exe [1910112 2025-01-08] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2024-03-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-01-14] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18960168 2025-01-19] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17099048 2024-12-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2024-11-25] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2024-11-25] (Intel Corporation -> Intel)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [16452200 2024-07-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-11-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [257128 2024-08-13] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
S3 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-15] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [128272 2016-03-30] (Hewlett-Packard Company -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe [532960 2024-12-11] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [289280 2024-12-20] (Intel Corporation) [File not signed]
S3 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2025-01-29] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-24] (McAfee, LLC -> McAfee, LLC)
R3 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4356880 2020-10-20] (McAfee, LLC -> McAfee, LLC)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9705560 2024-06-28] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1056000 2021-10-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235088 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [383056 2025-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296016 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84560 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550992 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98360 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69712 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [955960 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1424952 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204344 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381488 2024-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-12-23] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [41976 2024-09-13] (Expressco Services LLC -> ExpressVPN)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-25] (McAfee, LLC -> McAfee, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1560280 2023-12-13] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [40415320 2024-06-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-10-13] (Microsoft Windows -> Microsoft Corporation)
U3 aswArDisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-30 18:40 - 2025-01-30 18:41 - 000062214 _____ C:\Users\bek69\OneDrive\Plocha\FRST.txt
2025-01-30 18:39 - 2025-01-30 18:41 - 000000000 ____D C:\FRST
2025-01-30 18:37 - 2025-01-30 18:37 - 002403328 _____ (Farbar) C:\Users\bek69\OneDrive\Plocha\FRST64.exe
2025-01-30 17:58 - 2025-01-30 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2025-01-30 11:20 - 2025-01-30 11:20 - 000777646 _____ C:\WINDOWS\system32\perfh005.dat
2025-01-30 11:20 - 2025-01-30 11:20 - 000186616 _____ C:\WINDOWS\system32\perfc005.dat
2025-01-30 11:16 - 2025-01-30 11:16 - 000586728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-30 10:08 - 2025-01-30 16:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-29 11:53 - 2025-01-29 12:55 - 000000000 ___RD C:\Users\bek69\OneDrive\Plocha\Nová složka
2025-01-26 19:07 - 2025-01-26 19:07 - 000000000 ____D C:\ProgramData\Origin
2025-01-25 16:20 - 2025-01-25 16:20 - 000000000 ____D C:\Users\bek69\AppData\LocalLow\DDTNL
2025-01-25 10:34 - 2025-01-25 10:34 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Sun
2025-01-25 10:33 - 2025-01-25 10:34 - 000000000 ____D C:\Program Files\Java
2025-01-25 10:33 - 2025-01-25 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-01-25 10:33 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2025-01-22 02:03 - 2025-01-25 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-01-21 15:03 - 2025-01-21 15:03 - 000000000 ____D C:\Users\bek69\AppData\Local\Sentry
2025-01-21 14:42 - 2025-01-21 14:42 - 000001750 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3k sims dump (Paradise Sims).lnk
2025-01-21 08:26 - 2025-01-13 12:30 - 000753976 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:30 - 000640296 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002098000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 002021720 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001656144 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-01-21 08:26 - 2025-01-13 12:22 - 001445720 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 001288000 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000783160 _____ C:\WINDOWS\system32\ze_loader.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000543544 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-01-21 08:26 - 2025-01-13 12:22 - 000409920 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-01-21 08:25 - 2025-01-13 12:28 - 000945552 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000322104 _____ C:\WINDOWS\system32\ControlLib.dll
2025-01-21 08:25 - 2025-01-13 12:20 - 000269416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-01-20 16:15 - 2025-01-20 16:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-19 16:00 - 2025-01-19 16:00 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2025-01-19 13:00 - 2025-01-19 13:02 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2025-01-19 11:20 - 2025-01-19 12:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2025-01-19 11:02 - 2025-01-19 11:02 - 000000000 ____D C:\Users\Default\AppData\Local\HP
2025-01-15 15:47 - 2025-01-30 12:06 - 000003054 _____ C:\WINDOWS\system32\Tasks\WpsExternal_bek69_20250115154722
2025-01-15 15:47 - 2025-01-30 12:06 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_bek69
2025-01-15 15:47 - 2025-01-15 15:47 - 000002449 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office.lnk
2025-01-15 12:43 - 2025-01-15 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-01-13 13:05 - 2025-01-13 13:05 - 000201513 _____ C:\Users\bek69\OneDrive\Plocha\09024 Tomáš Kramný T6.pdf
2025-01-05 11:57 - 2025-01-05 11:57 - 068131968 _____ C:\Users\bek69\OneDrive\Plocha\m2033-upd2cz.rar
2025-01-02 17:50 - 2025-01-02 17:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-01-02 17:50 - 2025-01-02 17:50 - 000000000 ____D C:\Program Files\Bloxshade
2025-01-02 17:48 - 2025-01-02 17:48 - 000000000 ____D C:\Users\bek69\AppData\Local\com.bloxshade.tauri

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-30 18:42 - 2024-06-24 16:10 - 000000000 ____D C:\Users\bek69\AppData\Local\Discord
2025-01-30 18:42 - 2023-07-14 10:45 - 000000000 ____D C:\Users\bek69\AppData\Roaming\discord
2025-01-30 18:41 - 2024-06-24 16:10 - 000002256 _____ C:\Users\bek69\OneDrive\Plocha\Discord.lnk
2025-01-30 18:30 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Roaming\CurseForge
2025-01-30 18:28 - 2024-10-13 08:10 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-30 18:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-30 18:19 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-30 18:15 - 2024-10-13 08:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-30 16:16 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-30 12:06 - 2024-12-07 18:15 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-12-07 18:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4181327758-2871050509-626065469-1008
2025-01-30 12:06 - 2024-10-13 08:10 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2025-01-30 12:06 - 2024-10-13 08:10 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2025-01-30 12:06 - 2024-10-13 08:10 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2025-01-30 12:06 - 2024-10-13 08:10 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2025-01-30 12:06 - 2024-10-13 08:10 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-01-30 12:06 - 2024-10-13 08:10 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-01-30 12:06 - 2024-10-13 08:10 - 000002820 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-4181327758-2871050509-626065469-1001
2025-01-30 12:06 - 2024-10-13 08:10 - 000002788 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-01-30 12:06 - 2024-10-13 08:10 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-01-30 12:06 - 2024-10-13 08:10 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2025-01-30 12:06 - 2024-10-13 08:10 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-01-30 12:06 - 2024-10-13 08:10 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - bek69
2025-01-30 12:06 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-01-30 12:06 - 2022-10-01 07:25 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-01-30 11:48 - 2023-03-11 12:10 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-30 11:47 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-30 11:20 - 2024-10-13 08:06 - 001884928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-30 11:19 - 2022-02-12 09:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-30 11:18 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\WhatsApp
2025-01-30 11:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-30 11:17 - 2021-10-21 09:54 - 000000000 __SHD C:\Users\bek69\IntelGraphicsProfiles
2025-01-30 11:16 - 2024-10-13 08:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-30 11:16 - 2024-10-13 08:05 - 000006278 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-01-30 11:16 - 2021-10-21 10:51 - 000000000 ____D C:\ProgramData\Avast Software
2025-01-30 11:16 - 2021-06-20 12:58 - 000000000 ____D C:\Intel
2025-01-30 11:16 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-30 11:15 - 2024-10-13 08:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-30 11:15 - 2024-04-01 08:21 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2025-01-30 11:15 - 2021-10-21 16:08 - 000000000 ____D C:\Program Files\CCleaner
2025-01-30 11:14 - 2024-10-13 08:55 - 000000000 ____D C:\WINDOWS\InboxApps
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-01-30 11:14 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-30 11:14 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-01-30 11:14 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-01-30 10:19 - 2021-11-08 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Teams
2025-01-30 10:19 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\hpqLog
2025-01-30 10:19 - 2021-10-21 15:54 - 000000000 ____D C:\Users\bek69\AppData\Local\CrashDumps
2025-01-30 10:19 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Local\SquirrelTemp
2025-01-30 10:02 - 2024-10-13 08:03 - 003334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-30 03:13 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-27 11:03 - 2024-10-13 08:02 - 000000000 ____D C:\Users\bek69
2025-01-26 18:37 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Local\Avast Software
2025-01-26 18:36 - 2021-02-05 08:23 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-26 14:07 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Electronic Arts
2025-01-25 16:20 - 2024-12-15 17:37 - 000001404 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Player.lnk
2025-01-25 16:20 - 2023-03-21 15:38 - 000000000 ____D C:\Users\bek69\OneDrive\Plocha\Míša hry
2025-01-25 16:20 - 2022-09-05 16:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2025-01-25 16:19 - 2024-12-15 17:37 - 000001232 _____ C:\Users\bek69\OneDrive\Plocha\Roblox Studio.lnk
2025-01-25 10:37 - 2024-10-01 07:08 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-01-25 10:03 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-01-25 10:01 - 2021-10-21 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-25 08:49 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\D3DSCache
2025-01-23 08:43 - 2024-10-13 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-01-23 08:43 - 2021-10-21 10:12 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-22 11:37 - 2024-12-08 01:00 - 000000000 ____D C:\Users\bek69\AppData\Local\curseforge-updater
2025-01-21 13:53 - 2024-03-18 19:53 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2025-01-21 13:53 - 2024-03-18 19:48 - 000000000 ____D C:\Program Files\CCleaner Browser
2025-01-21 11:50 - 2021-10-21 09:54 - 000000000 ____D C:\Users\bek69\AppData\Local\Packages
2025-01-21 10:40 - 2024-06-02 14:31 - 000002421 _____ C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2025-01-21 08:46 - 2024-04-14 16:24 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\7107d4cac2bc4428fa0187dfd88ac646a0a936ba0c71f8a4e27055a4333f4375
2025-01-21 08:39 - 2023-10-01 17:54 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-01-21 08:38 - 2023-10-01 17:54 - 000005855 _____ C:\Users\bek69\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e
2025-01-21 08:28 - 2023-05-01 18:46 - 000000000 ____D C:\Program Files\Intel
2025-01-21 08:27 - 2024-04-14 16:24 - 000005874 _____ C:\Users\bek69\AppData\LocalLow\6d1a0d74b8983cab26a68cd0cdace1fb63918ce4f5f6aeaeeefb13009d6d5154
2025-01-20 16:15 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-20 16:15 - 2021-06-20 12:03 - 000000000 ____D C:\ProgramData\Packages
2025-01-20 16:15 - 2021-02-05 08:36 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-19 16:01 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\ProgramData\ExpressVPN
2025-01-19 16:00 - 2021-06-20 12:10 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2025-01-19 15:58 - 2021-10-21 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-01-19 15:40 - 2024-10-11 17:09 - 000000000 ___DC C:\WINDOWS\Panther
2025-01-19 15:40 - 2023-12-26 10:32 - 000000000 ____D C:\Users\bek69\AppData\Roaming\EasyAntiCheat
2025-01-19 15:40 - 2023-03-10 10:14 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Winamp
2025-01-19 15:40 - 2022-09-03 14:06 - 000000000 ____D C:\Users\bek69\AppData\Roaming\.minecraft
2025-01-19 15:40 - 2022-08-24 19:39 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\The Witcher 3
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Skype
2025-01-19 15:40 - 2021-10-21 18:25 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Windows Photo Viewer
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Office
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\MMC
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\HTML Help
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\HpUpdate
2025-01-19 15:40 - 2021-10-21 18:24 - 000000000 ____D C:\Users\bek69\AppData\Roaming\dvdcss
2025-01-19 15:40 - 2021-10-21 18:22 - 000000000 ____D C:\Users\bek69\AppData\Local\PokerStars.CZ
2025-01-19 15:40 - 2021-10-21 13:26 - 000000000 ____D C:\Users\bek69\OneDrive\Dokumenty\Add-in Express
2025-01-19 15:40 - 2021-10-21 12:30 - 000000000 ____D C:\Users\bek69\AppData\Roaming\WhatsApp
2025-01-19 15:40 - 2021-10-21 12:28 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-19 15:39 - 2021-10-21 18:21 - 000000000 ____D C:\Users\bek69\AppData\Local\messengerfordesktop-updater
2025-01-19 13:00 - 2021-10-21 10:52 - 000000000 ____D C:\Users\bek69\AppData\Roaming\Avast Software
2025-01-19 12:59 - 2021-10-21 10:51 - 000000000 ____D C:\Program Files\Avast Software
2025-01-19 12:28 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-19 11:21 - 2024-12-07 18:13 - 000000000 ____D C:\Users\miska
2025-01-19 11:21 - 2024-12-07 18:09 - 000000000 ____D C:\Users\WsiAccount
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100001
2025-01-19 11:21 - 2024-10-13 08:02 - 000000000 ____D C:\Users\defaultuser100000
2025-01-19 11:02 - 2021-02-05 08:33 - 000000000 ____D C:\Program Files\HP
2025-01-18 20:21 - 2023-10-11 16:39 - 000532958 _____ C:\Users\bek69\AppData\LocalLow\7bc5ee1f183e0e9cedb3a29f601ea14859c00f53dee857e6b51415c656d32a7f
2025-01-16 10:40 - 2024-12-05 17:00 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=Spotify=_ApiClient=D3D12
2025-01-16 10:40 - 2023-10-11 16:39 - 000000130 _____ C:\Users\bek69\AppData\LocalLow\dfd8e4de2c43a69910ea1b6aa9c232836b2a22bfe407f70e53f2ee2cc540db02
2025-01-15 16:32 - 2024-12-06 13:57 - 000002264 _____ C:\Users\bek69\AppData\LocalLow\DeviceId=9A49_DeviceRevisionId=0001_DevicePciAddr=0.2.0_AppName=RuntimeBroker=_ApiClient=D3D12
2025-01-15 15:47 - 2021-12-28 10:42 - 000002553 _____ C:\Users\bek69\OneDrive\Plocha\WPS PDF.lnk
2025-01-15 12:55 - 2023-10-01 18:09 - 000008103 _____ C:\Users\bek69\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-01-15 12:55 - 2023-10-01 18:09 - 000000026 _____ C:\Users\bek69\AppData\LocalLow\6bdad7e2b2f0e006a1b2964609240b6498c71fd5a1aeb1e97866f9a43779a743
2025-01-15 12:46 - 2021-10-21 10:51 - 000383056 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-01-15 12:41 - 2024-12-22 13:28 - 000316200 ____N (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-01-15 12:41 - 2022-07-14 07:35 - 000053048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-01-15 12:21 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 10:02 - 2021-10-21 11:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 01:31 - 2023-10-01 17:49 - 000000000 ____D C:\Program Files\dotnet
2025-01-15 01:23 - 2021-10-21 11:08 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-10 20:49 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-02 17:59 - 2023-12-26 10:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories ========

2022-04-19 08:22 - 2022-04-19 08:22 - 000001540 _____ () C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp
2021-10-21 18:20 - 2020-06-03 17:10 - 000000000 _____ () C:\Users\bek69\AppData\Local\oobelibMkey.log
2021-10-21 18:20 - 2018-06-22 07:50 - 000000855 _____ () C:\Users\bek69\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#2 Příspěvek od **Rudy** » 30 led 2025 19:56

Zdravím!
Přidejte ještě log Addition ( je v C:\Users\bek69\OneDrive\Plocha v souboru addition.txt ), abycom mohli provést kompletní vyčištění. Děkuji.

bek69 · #3 Příspěvek od **bek69** » 30 led 2025 21:17

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by bek69 (30-01-2025 18:43:38)
Running from C:\Users\bek69\OneDrive\Plocha
Microsoft Windows 11 Home Version 24H2 26100.3037 (X64) (2024-10-13 07:10:18)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4181327758-2871050509-626065469-500 - Administrator - Disabled)
bek69 (S-1-5-21-4181327758-2871050509-626065469-1001 - Administrator - Enabled) => C:\Users\bek69
DefaultAccount (S-1-5-21-4181327758-2871050509-626065469-503 - Limited - Disabled)
Guest (S-1-5-21-4181327758-2871050509-626065469-501 - Limited - Disabled)
miska (S-1-5-21-4181327758-2871050509-626065469-1008 - Limited - Enabled) => C:\Users\miska
WDAGUtilityAccount (S-1-5-21-4181327758-2871050509-626065469-504 - Limited - Disabled)
WsiAccount (S-1-5-21-4181327758-2871050509-626065469-1007 - Limited - Disabled) => C:\Users\WsiAccount

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Silent Hill 2: Director's Cut» (HKLM-x32\...\{532FA253-E5EE-4842-BEC5-8B275978E271}_is1) (Version: - Konami Computer Entertainment Tokyo, Inc.)
µTorrent (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\uTorrent) (Version: 3.6.0.46716 - BitTorrent Inc.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 24.005.20392 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AquaFish 2 (HKLM-x32\...\AquaFish 2_is1) (Version: - Play.pl)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC17084FC500}) (Version: 23.008.20421 - Adobe Systems Incorporated)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 24.3.17165.19178 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 24.3.5552.18930 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.12.9725.2387 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Canva (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.96.0 - Canva Pty Ltd)
Canva (HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.99.0 - Canva Pty Ltd)
CapCut (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\CapCut) (Version: 4.8.0.1820 - Bytedance Pte. Ltd.)
CapCut (HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\CapCut) (Version: 5.2.0.1950 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.32 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 131.0.27894.265 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1651.5 - Piriform Software) Hidden
CEWE fotosvet (HKLM\...\CEWE fotosvet) (Version: 7.4.4 - CEWE Stiftung u Co. KGaA)
CurseForge 1.270.4-22804 (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.270.4-22804 - Overwolf)
Discord (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Discord) (Version: 1.0.9151 - Discord Inc.)
Discord (HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Discord) (Version: 1.0.9003 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.257.0.5770 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{20a8704d-f282-4d39-b57c-177ec90557be}) (Version: 13.257.0.5770 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
ExpressVPN (HKLM-x32\...\{daca2b09-0a6e-43a0-ba86-dcfdc8e9a13f}) (Version: 12.95.0.42 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B89BBD785B}) (Version: 12.95.0.42 - ExpressVPN) Hidden
Freearc Repack [1.0] (HKLM-x32\...\Freearc Repack_is1) (Version: - Freearc638)
Google Chrome (HKLM\...\{336537CE-1139-3D06-B710-B459C974EF81}) (Version: 132.0.6834.160 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version: - )
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud Outlook (HKLM\...\{7AB369BE-3EC1-475A-AEEE-BF91FE270A39}) (Version: 15.2.0.157 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{E2412D7F-3FB3-4638-819A-953908EA116E}) (Version: 24.6.49.8 - Intel) Hidden
Intel(R) Arc Software & Drivers (HKLM\...\Intel(R) Arc Software & Drivers) (Version: 1.0.993.8 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{89E7E64C-A30C-4D24-9D12-B354CA2335DE}) (Version: 2.4.10888 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{E5FB0A2C-49A5-41B5-B5AB-249A3A05405E}) (Version: 24.6.49.8 - Intel)
Intel® Graphics Software (HKLM\...\{DD5B20EB-DD0A-4F58-9B16-F4DFAEACDA2E}) (Version: 24.50.1001.1 - Intel Corporation)
Intel® Graphics Software (HKLM\...\{F62983F3-2F42-4411-B808-6550DC1F61EF}) (Version: 24.50.1001.1 - Intel Corporation) Hidden
Java 8 Update 441 (64-bit) (HKLM\...\{77724AE4-039E-4CA4-87B4-2F64180441F0}) (Version: 8.0.4410.7 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.20 (x64) (HKLM\...\{EE5EB03B-D65C-4991-848E-2C6E024326DB}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.20 (x64) (HKLM\...\{B0FC828F-678C-4868-9B5B-99639758E6F3}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.20 (x64) (HKLM\...\{221BB52A-B763-4C9D-AA62-4B0B6C9AAD62}) (Version: 56.80.15184 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.20 - Shared Framework (x64) (HKLM-x32\...\{6c2f4b5b-86d2-4aff-bf79-d1e73cc20ab3}) (Version: 7.0.20.24269 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.20 Shared Framework (x64) (HKLM\...\{BD401329-F877-391C-9E5A-FEB423C5A196}) (Version: 7.0.20.24269 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\{9ABA4408-FB9C-3BA1-87D2-C10432A44A67}) (Version: 132.0.2957.127 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 132.0.2957.127 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Teams) (Version: 1.8.00.1362 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.31301 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM\...\{72C29BED-666F-4E5E-BC49-DF44C890742E}) (Version: 56.80.15245 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.20 (x64) (HKLM-x32\...\{362ea044-f96f-45c7-b59f-0dbe5ca98ff4}) (Version: 7.0.20.33720 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM-x32\...\{d990096d-6282-42c5-8d16-71272c5be274}) (Version: 8.0.10.34118 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 134.0.2 (x64 cs)) (Version: 134.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18324.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18324.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
PCSX2 (HKLM\...\{13CEE6E5-8EB3-47D3-882E-E9DBB6A3251C}}_is1) (Version: 2.2.0 - PCSX2 Team)
Riot Client (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for bek69 (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\roblox-player) (Version: - Roblox Corporation)
Rush: A Disney Pixar Adventure (HKLM-x32\...\Rush: A Disney Pixar Adventure_is1) (Version: - )
Skype 8.134 (HKLM-x32\...\{6F9453A2-F32E-4BB7-9E60-F4EAD9B799A9}) (Version: 8.134.0.202 - Skype Technologies S.A.)
Skype verze 8.134 (HKLM-x32\...\Skype_is1) (Version: 8.134 - Skype Technologies S.A.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.9301 - TLauncher Inc.)
Toy Story 3 - The Video Game (HKLM-x32\...\Toy Story 3 - The Video Game_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
Videodownloader (HKLM-x32\...\{FEEBD562-6B8E-457A-9133-89B8C1E14443}) (Version: 1.1.8 - Videodownloader)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1006 - McAfee, LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA)
WPS Office (12.2.0.19805) (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\Kingsoft Office) (Version: 12.2.0.19805 - Kingsoft Corp.)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\b25b06f84ba62d18c1d2c98a38046d05) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\bc28d54e1ec5bac92ddc2a4c74a1b401) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\5f77fa4e2c8804ee4ca2e3875f53e3b7) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\f72d03dba911d80a4b33b41bad13dfd2) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\2f03cb720d3e882de2895a89ec3438da) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\f9ee0e40dbda3f2aa19e564e84c5f39e) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\343f9cba3f5caa932c9fa4f1aa764b95) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\f7555ff7dbd9f2a9187bf54d489a2ca6) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\0335dd3595a75001ecaa820f3903b6ff) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\04e2997e2fc0626492ad61dc06a1a23d) (Version: 1.0 - Google\Chrome)
TikTok (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\489691510362818483ef2e20b7d74a0d) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\ab62745c022aed53c7a436ba020f2ed4) (Version: 1.0 - Google\Chrome)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2024-10-11] (Priceline Partner Network)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.39.0_x64__ffd303wmbhcjt [2024-11-28] (BreeZip) [Startup Task]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-05] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-08-02] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2024-10-11] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.51.329.0_x64__v10z8vjag6ke6 [2024-10-11] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.0.0_x64__v10z8vjag6ke6 [2025-01-29] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-10-11] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2023-09-22] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-14] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.41.29.0_x64__v10z8vjag6ke6 [2024-12-20] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.4.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa [2024-11-15] (Apple Inc.) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-10-11] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa [2024-10-24] (Apple Inc.) [Startup Task]
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_8.23.0.0_x64__refxrrjvvv3cw [2024-10-08] (Seznam.cz a.s.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-22] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2025-01-08] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-22] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-10] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-01-26] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6 [2024-11-26] (HP Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-08-15] (Netflix, Inc.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-01-20] ()
Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_10.37.1.0_x64__crhqpqs3x1ygc [2025-01-21] (PicsArt Inc.)
Prisma Effects & Stickers -> C:\Program Files\WindowsApps\1861PHOTOCODERS.PrismaEffectsStickers_1.1.4.0_x64__w24ejb4x7jg96 [2024-12-10] (PHOTOCODERS) [MS Ad]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.22.0_x64__kx24dqmazqk8j [2024-10-22] (Random Salad Games LLC)
SoundCloud - Music & Songs -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_2.0.0.0_neutral__2xc63xn306dnw [2024-10-13] (SoundCloud Global Limited & Co. KG)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0 [2025-01-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm [2025-01-24] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-29] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.373.1641.0_x64__8wekyb3d8bbwe [2025-01-29] (Microsoft Corp.)
Windows App Runtime DDLM 5001.119.156.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x6_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-09] (Microsoft Corporation)
Windows App Runtime DDLM 5001.119.156.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.119.156.0-x8_5001.119.156.0_x86__8wekyb3d8bbwe [2024-06-09] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{0523DA1A-BA2C-453B-9A95-D43011AF480C}\localserver32 -> c:\program files\intel\intel graphics software\intelgraphicssoftware.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\bek69\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.31301\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
CustomCLSID: HKU\S-1-5-21-4181327758-2871050509-626065469-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\bek69\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_0b50502eadc264dd\OptaneShellExt.dll [2023-12-13] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> [CC]{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_0b50502eadc264dd\OptaneShellExt.dll [2023-12-13] (Intel Corporation -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-22] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1_S-1-5-21-4181327758-2871050509-626065469-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\kwpsmenushellext64.dll [2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-4181327758-2871050509-626065469-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\bek69\AppData\Local\Kingsoft\WPS Office\12.2.0.19805\office6\kwpsmenushellext64.dll [2025-01-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-01-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-01-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\bek69\OneDrive\Plocha\Míša hry\Aplikace\TikTok.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\bek69\AppData\Local\Google\Chrome\User Data\Profile 3\Web Applications\_crx_nlalbmkafgmoifbeooblidblkmlhhpnc\TikTok.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TikTok.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\bek69\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials.lnk -> C:\Program Files (x86)\Online Services\Adobe\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?type=103&RedeemCode=A86nGl7qtTLQuuKzpltgWX%2b34vTefaL1K0Y%2fn%2bxl8i2opJvblRGpn1DHMmeX1h2hGXaQJjJ3lwr6TFLxg0Dn4%2favKUXcFQCLpLrN5cJcgxKWGK6XorNeghOw0aW9l4xqMhPGKdk469PmzByjxU2IzBw8rajZZCeURAnrNMvwLTc%3d
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utomik - Play over 1000 games.lnk -> C:\Program Files (x86)\Online Services\Utomik\WizLink.exe () -> hxxps://www.utomik.com/hp_desktop

==================== Loaded Modules (Whitelisted) =============

2024-12-08 01:00 - 2025-01-27 11:26 - 002682880 _____ () [File not signed] C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\ffmpeg.dll
2024-12-08 01:00 - 2025-01-27 11:26 - 000481280 _____ () [File not signed] C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\libegl.dll
2024-12-08 01:00 - 2025-01-27 11:26 - 008058368 _____ () [File not signed] C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\libglesv2.dll
2024-12-08 01:00 - 2025-01-27 11:26 - 005475328 _____ () [File not signed] C:\Users\bek69\AppData\Local\Programs\CurseForge Windows\vk_swiftshader.dll
2024-12-15 14:11 - 2024-12-15 14:11 - 000432128 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\5dfa3daa8a6749a11f0f5a487763bae6\LauncherSDK.ni.dll
2024-12-15 14:11 - 2024-12-15 14:11 - 000037888 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\f83258b406f7e0011032448137b9e628\Logging.ni.dll
2025-01-29 10:23 - 2025-01-29 10:23 - 000153088 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\3a50d9a5b6fd4a2005a7f2b82703d9f3\RpcClient.ni.dll
2025-01-29 10:23 - 2025-01-29 10:23 - 000118272 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WMISDK\22bb97f0ba0549719d5f3e04efb6a2ff\WMISDK.ni.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
2025-01-29 10:22 - 2025-01-29 10:22 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\dc471371b4b6df152439a9403c5deee3\Newtonsoft.Json.ni.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
2024-08-04 23:16 - 2024-08-04 23:16 - 001626624 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2024-08-04 23:16 - 2024-08-04 23:16 - 003164160 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8710]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

SearchScopes: HKLM -> {29C43F6A-0E5B-473B-B40B-60EAE67AD3B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {29C43F6A-0E5B-473B-B40B-60EAE67AD3B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4181327758-2871050509-626065469-1001 -> {29C43F6A-0E5B-473B-B40B-60EAE67AD3B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-12-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-10] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\sharepoint.com -> hxxps://zsenglisovacz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2024-02-12 11:52 - 000002480 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bek69\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4181327758-2871050509-626065469-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\miska\Desktop\obrázky\f39b747c8579850b3b0e7dc100e2a889.jpg
DNS Servers: 192.168.90.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: ExpressVPN TUN Driver -> expressvpn-tun.sys
Wi-Fi: Realtek RTL8852AE WiFi 6 802.11ax PCIe Adapter -> rtwlane6.sys
Ethernet 2: ExpressVPN TAP Adapter -> tapexpressvpn.sys
Hamachi: LogMeIn Hamachi Virtual Ethernet Adapter -> Hamdrv.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Intel® Arc™ Control"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DownloadHelperTray"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_27737711D0E01AA5C243882DB699ADB4"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-4181327758-2871050509-626065469-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A5C904DC-F544-4605-84C2-ACA89FE99985}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE29CC20-0959-4006-A6F4-07F6CFB4A5BB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13CAB7F6-B53E-4700-B9E9-8A6BBF35D25A}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{EF64F8EC-B5AE-4E4C-B220-AB2D73CCF945}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{ABBD55E7-5D21-4341-A3EA-0EF53135DBA0}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{2BF8424E-4497-4B30-B5C9-C9F526498350}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{DD7996A9-FD69-4B6B-BBA0-1E94505F1F72}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9F8E9B67-6FF2-4517-8EEC-1DFDB7A2328E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B0051C93-4686-445B-9A41-09D502209A48}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9DB79A96-A78E-42D6-AE9E-3A6CCB40F179}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{CC59B226-6B81-4199-B1B2-313971E3A54A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3FB02378-FAE7-4E30-BC18-2D3787E587A6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{339BD7C7-DC39-413E-96E5-C98EDB908859}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D6678D53-FBC7-491D-9E80-E3623268B6AE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2EF2AAF6-E60F-4242-A4ED-4AA6D6EA45F0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{97E53E53-C04B-4399-BF05-01DF84BA50F3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5849995F-7A83-48C5-A9A7-3537CDAEEBF9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AAA844F6-7CB0-4DFE-A2F4-42457E436B4C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F1D6297-FB0D-4E06-98E6-F6A95C2954C0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{BD338DD0-3D18-443C-AC58-92D6F107502D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B3B813BA-093C-4AB2-808F-FDC0D99A2047}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C921F7BE-2091-41EC-A6F4-15497B896288}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cakey's Twisted Bakery\Cakey's Twisted Bakery.exe () [File not signed]
FirewallRules: [{367C6F27-FEEE-418C-8027-08CC2121594D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cakey's Twisted Bakery\Cakey's Twisted Bakery.exe () [File not signed]
FirewallRules: [{01CFB9BE-DC92-40D9-AA2C-851FF2C721DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9C36019B-7A0A-44CF-AD0A-8A209DDE12D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{84B3EF90-6564-46BE-BDE7-9E052D462385}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Solitaire Forever II\Solitaire Forever II.exe (Solitaire Forever) [File not signed]
FirewallRules: [{53DCE4A3-42F1-4FE3-9E5A-35DB341EF3CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Solitaire Forever II\Solitaire Forever II.exe (Solitaire Forever) [File not signed]
FirewallRules: [UDP Query User{409A0EBE-A383-4732-A193-3C84EAC9E566}C:\users\bek69\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\bek69\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{2CA43956-765A-42D4-A734-1E1C249C27A4}C:\users\bek69\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\bek69\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{00858A66-76DD-4CF6-9884-FCCE5A260A4C}C:\users\bek69\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\bek69\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{189C47DA-0F39-4389-A205-A6AADC4B749B}C:\users\bek69\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\bek69\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{73C0A9C0-D276-4D86-9051-A92C20CECE58}] => (Allow) LPort=161
FirewallRules: [{E3EDE418-BA2E-47E7-99B4-9199FD052C3B}] => (Allow) LPort=427
FirewallRules: [{2EB3A137-8029-4277-9177-22473B3E67B5}] => (Allow) LPort=9100
FirewallRules: [{302FE36B-5486-473D-A2A5-2A7F1C459CB1}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{B6F49197-E050-48CB-9C27-3E33BD0657AD}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{D32C8B11-999E-4FD1-802D-CD82139D5F46}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{7BF57B17-BEF2-40A1-817F-E83612927091}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{B61BAB00-8C05-47EC-B30B-B1540777D276}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{4E5DB565-1BD4-4E07-9B15-D1B17E2A0AD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D962B0F9-8FC6-4C73-B69E-A02C2C7A5477}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D321673C-4F38-4556-8875-2D779EF7D8A1}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{2A4B8FFF-58EB-45D0-84A3-48D69CD4F580}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F430E2CF-9B83-49A3-82B2-C1716471ED31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{359B7DE1-3ED7-43B3-B20C-B51C6A0FB2EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E8BAA45D-1A5D-4263-B47D-2272E4D126A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B3A0124D-645F-4573-86DC-782DDD68849B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1FC4929F-EE22-4882-BB09-DAE725340909}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{D42825D4-6C4D-4123-B359-93165161EDBD}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5677FC97-F87A-4ADE-B504-70D515B84A3E}] => (Allow) C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{0DC1C959-27C7-4E2B-B465-07F3D343C174}] => (Allow) C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{F06F7134-ADD1-4FF7-BE64-C72A4D60DFDE}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4EAEC803-6071-4177-88EC-B406BD2BC611}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{B0EAD4E8-F9F7-46EB-8F90-A7078D8517A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{6ED7FE1E-CC35-4602-A41D-B00905E3E176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{62DC203A-FF9D-4B68-A976-6E9C9A8F23D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{E9BF5A92-1AF0-40B8-B2F0-EA914E136C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{4F6A88CA-460F-48E8-9287-7ADBB9BCA76D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{20262A50-A844-4F69-993D-259E8F882DAE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{2351634E-293A-4391-8F86-41228223FE68}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{81A5697A-E295-48BD-A19D-7ED72FBBCB8E}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{DE6059C7-0B66-49C3-92DB-6FDF2FAD6D77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [{46260A98-2723-43E2-8E58-56AB5BA63A77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [{35706630-D0B4-4EF1-B134-C391F70D81F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D77B6C02-4CB2-4438-8C10-7AF428E8ADDC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E8033100-138E-4F4A-BB86-220EFD4E2C57}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B45406A7-48A2-4588-B30C-20E2E9855335}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D98A076F-FC9F-422E-ACE2-1CE3FCDED705}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FC0785D9-D70C-48CC-91E5-90DB98075E9B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8A10CCB2-ECC7-4839-BE41-76307BCABBC7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4649FA30-65B2-4382-91C9-34C0A9206931}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4ACB95D6-1946-40F2-877F-C459E4F5D515}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A735008E-F064-4420-B6FD-F874BA9A8E44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6E1F2B68-4C5F-4AE7-8DAF-93CF081416E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One-armed cook\OAC.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8CEDF224-EEA2-46C7-90CF-7D3A644643BE}] => (Allow) C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{281F73D8-1DBB-4FBD-BDD9-C585F9FE2C28}] => (Allow) C:\Users\bek69\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{D8BBB3DA-A138-419A-B598-EEB307FBA30B}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{2E5198A8-4380-44BF-93E7-5D4F2DBC7C47}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{E6E9DA1D-C3EC-4937-893B-0FA68299FB4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B61D189-1FBD-4360-9144-DBAF627AFFB2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF82E25C-8FDA-4EDC-A1D7-834794C88A1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F13E83F8-AE9C-4437-9804-1BA2D5AAA7C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBD8A4C3-E867-4BF1-8905-08560406F8F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{930302A1-2A38-463B-B288-2FE2D5BA37FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EBF5AABF-CDE7-49EA-B318-5D6488C507F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{777D5996-8B42-4B04-A88E-05A04E432ED4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E716184-42AC-4207-AB91-6841BDCB5360}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CE1BE4C-E02D-4902-8726-4924BE8B530B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1708910A-76AF-467F-85B0-6AE6B2347378}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FFAAD476-D127-4309-97B6-2EC0ED7B9A07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F55474C5-672B-4321-A192-66629D45E07A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F827264-008A-443F-A55E-8BE575C5AC32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.255.235.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{564988AA-66C0-46FE-8D65-BF098815DD9A}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{43091AAB-4481-4DBE-9BE7-1AF6CFAAD964}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{7BD8605C-630E-4CED-9803-6D75EFBB296B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52830383-F35E-4504-911E-C721CF6BB7FC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5BA8FB07-A93E-4FFA-8D87-BC93F08E6BD3}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FirewallRules: [{3FB5818F-7F34-413B-B9FF-59E8BE551C53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supermarket Together\Supermarket Together.exe () [File not signed]
FirewallRules: [{888D6163-5DAB-4B8F-BFE2-292197DAD69B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supermarket Together\Supermarket Together.exe () [File not signed]
FirewallRules: [{19167B98-667B-430D-BCBB-A38190CC62A6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.127\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54282E0A-BCBA-4F94-8460-3D1885EB7924}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEF25A78-3948-484F-811B-8EE2B6F09455}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EF76EB8-8E04-4442-BD71-710D356A36EE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-01-2025 08:40:03 Avast Driver Updater Restore Point
25-01-2025 08:50:26 Windows Update
29-01-2025 08:49:14 Windows Update
29-01-2025 08:49:23 Windows Update
30-01-2025 09:53:31 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2025 05:57:20 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP$ přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACertChainDone
GetCACaps: OK
HTTP/1.1 200 OK
Date: Thu, 30 Jan 2025 16:56:10 GMT
Content-Length: 89
Content-Type: text/plain
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 533105bc-3df8-4dd3-ba90-058b549ab1ac

Metoda: POST(71719ms)
Fáze: GetCACertChainDone
Operace nebyla v požadované době dokončena. 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (01/30/2025 04:40:28 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 0.0.0.0 programu WhatsApp.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (01/30/2025 02:33:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP$ přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(16ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/30/2025 11:18:46 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP$ přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(138406ms)
Fáze: GetCACaps
Operace nebyla v požadované době dokončena. 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (01/30/2025 11:18:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (17960,R,98,0) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00074.log došlo k chybě -1811 (0xfffff8ed).

Error: (01/30/2025 11:15:30 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: IntelGraphicsSoftware.Service.exe, verze: 24.50.1001.1, časové razítko: 0x66e80000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.26100.2454, časové razítko: 0x398a1cce
Kód výjimky: 0xe0434352
Posun chyby: 0x00000000000c837a
ID chybujícího procesu: 0x1e24
Čas spuštění chybující aplikace: 0x1db722d7e1f81b0
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID sestavy: bc1ce6cd-f640-4cb0-8133-dbc8bab47b71
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (01/30/2025 12:48:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\bek69\AppData\Local\CapCut\Apps\CapCut.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.2454_none_85b89f79f7add666.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.2454_none_3e0b68a2e331ad60.manifest.

Error: (01/30/2025 12:48:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\bek69\AppData\Local\CapCut\Apps\CapCut.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.2454_none_85b89f79f7add666.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.2454_none_3e0b68a2e331ad60.manifest.

System errors:
=============
Error: (01/30/2025 04:29:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (01/30/2025 11:26:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (01/30/2025 11:18:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/30/2025 11:18:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (01/30/2025 11:15:29 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (01/30/2025 11:15:29 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (01/30/2025 11:15:29 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (01/30/2025 11:15:29 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

CodeIntegrity:
===============
Date: 2025-01-30 16:30:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: AMI F.26 07/14/2023
Motherboard: HP 883C
Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 16051.31 MB
Available physical RAM: 6543.3 MB
Total Virtual: 25267.31 MB
Available Virtual: 13525.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:952.79 GB) (Free:54.11 GB) (Model: NVMe KBG40ZNV1T02 KIOXIA) (Protected) NTFS

\\?\Volume{cc6fb567-744b-47c7-a29c-db26ba78ad07}\ () (Fixed) (Total:0.8 GB) (Free:0.06 GB) NTFS
\\?\Volume{1bee1eec-0aa2-4305-a7b0-4f4eb5e1f24b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

#4 Příspěvek od **Rudy** » 30 led 2025 22:00

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> [CC]{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8710]
FirewallRules: [{13CAB7F6-B53E-4700-B9E9-8A6BBF35D25A}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{EF64F8EC-B5AE-4E4C-B220-AB2D73CCF945}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{ABBD55E7-5D21-4341-A3EA-0EF53135DBA0}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{2BF8424E-4497-4B30-B5C9-C9F526498350}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{B0EAD4E8-F9F7-46EB-8F90-A7078D8517A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{6ED7FE1E-CC35-4602-A41D-B00905E3E176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{D8BBB3DA-A138-419A-B598-EEB307FBA30B}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{2E5198A8-4380-44BF-93E7-5D4F2DBC7C47}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {34B956DC-AF86-496C-BCB9-3686BF328AC0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2025-01-27] (Google LLC -> Google LLC)
Task: {9DC6929C-8547-47E6-A67B-D2254297EA77} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {76B08F06-59A9-4F52-AB0C-616667C60B9C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6947.0\updater.exe [5642336 2025-01-09] (Google LLC -> Google LLC)
ask: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {9B09E479-5908-4FA0-A75D-2F3B967BD23F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {366F5195-F81B-4E00-AEE8-500793EC9ABB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {8A74A216-A52E-40B5-855B-45B55F8FAD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A2796A1D-176B-4254-8AE9-F2F63166D3E6} - System32\Tasks\Outbyte\PC Repair\CrashCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /Crash <==== ATTENTION
Task: {9FDC11C1-536D-46A4-A4EA-5801B9F59D25} - System32\Tasks\Outbyte\PC Repair\DailyTip => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DailyTip <==== ATTENTION
Task: {1942090B-B656-41CF-B51B-0E616C22AA0F} - System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner1 <==== ATTENTION
Task: {F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD} - System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner2 <==== ATTENTION
Task: {7651CBF4-BD33-4E8E-8C64-105C5AB5DA45} - System32\Tasks\Outbyte\PC Repair\HomePage => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /HomePage <==== ATTENTION
Task: {7597F9C2-4CF0-402F-A99B-C9ECC7A247F2} - System32\Tasks\Outbyte\PC Repair\MSExploit => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /MSExploit <==== ATTENTION
Task: {1B8EC3DD-9D13-470F-B8CA-F545C7E65E72} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /NewDeceptors <==== ATTENTION
Task: {28202424-67AF-4762-AFE4-33E9A08EF03E} - System32\Tasks\Outbyte\PC Repair\ScanResults => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /AllResults <==== ATTENTION
Task: {F97FA40E-F08F-4D83-A840-9BC278D7E2A6} - System32\Tasks\Outbyte\PC Repair\SecurityBreach => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /SecurityBreach <==== ATTENTION
Task: {8374EDB5-D0BA-443E-A5EB-F17A74C325D3} - System32\Tasks\Outbyte\PC Repair\WeakPassword => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /WeakPassword <==== ATTENTION
U3 aswArDisk; no ImagePath
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp

EmptyTemp:
Hosts:
End

Uložte do C:\Users\bek69\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

bek69 · #5 Příspěvek od **bek69** » 01 úno 2025 19:43

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by bek69 (01-02-2025 19:36:55) Run:1
Running from C:\Users\bek69\OneDrive\Plocha
Loaded Profiles: bek69 & WsiAccount & miska
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> [CC]{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8710]
FirewallRules: [{13CAB7F6-B53E-4700-B9E9-8A6BBF35D25A}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{EF64F8EC-B5AE-4E4C-B220-AB2D73CCF945}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{ABBD55E7-5D21-4341-A3EA-0EF53135DBA0}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{2BF8424E-4497-4B30-B5C9-C9F526498350}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{B0EAD4E8-F9F7-46EB-8F90-A7078D8517A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{6ED7FE1E-CC35-4602-A41D-B00905E3E176}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{D8BBB3DA-A138-419A-B598-EEB307FBA30B}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{2E5198A8-4380-44BF-93E7-5D4F2DBC7C47}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4181327758-2871050509-626065469-1008\...\Run: [AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {34B956DC-AF86-496C-BCB9-3686BF328AC0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2025-01-27] (Google LLC -> Google LLC)
Task: {9DC6929C-8547-47E6-A67B-D2254297EA77} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {76B08F06-59A9-4F52-AB0C-616667C60B9C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6947.0\updater.exe [5642336 2025-01-09] (Google LLC -> Google LLC)
ask: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {9B09E479-5908-4FA0-A75D-2F3B967BD23F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {366F5195-F81B-4E00-AEE8-500793EC9ABB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {8A74A216-A52E-40B5-855B-45B55F8FAD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A2796A1D-176B-4254-8AE9-F2F63166D3E6} - System32\Tasks\Outbyte\PC Repair\CrashCheck => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /Crash <==== ATTENTION
Task: {9FDC11C1-536D-46A4-A4EA-5801B9F59D25} - System32\Tasks\Outbyte\PC Repair\DailyTip => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DailyTip <==== ATTENTION
Task: {1942090B-B656-41CF-B51B-0E616C22AA0F} - System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner1 <==== ATTENTION
Task: {F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD} - System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /DiskCleaner2 <==== ATTENTION
Task: {7651CBF4-BD33-4E8E-8C64-105C5AB5DA45} - System32\Tasks\Outbyte\PC Repair\HomePage => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /HomePage <==== ATTENTION
Task: {7597F9C2-4CF0-402F-A99B-C9ECC7A247F2} - System32\Tasks\Outbyte\PC Repair\MSExploit => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /MSExploit <==== ATTENTION
Task: {1B8EC3DD-9D13-470F-B8CA-F545C7E65E72} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /NewDeceptors <==== ATTENTION
Task: {28202424-67AF-4762-AFE4-33E9A08EF03E} - System32\Tasks\Outbyte\PC Repair\ScanResults => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /AllResults <==== ATTENTION
Task: {F97FA40E-F08F-4D83-A840-9BC278D7E2A6} - System32\Tasks\Outbyte\PC Repair\SecurityBreach => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /SecurityBreach <==== ATTENTION
Task: {8374EDB5-D0BA-443E-A5EB-F17A74C325D3} - System32\Tasks\Outbyte\PC Repair\WeakPassword => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe -> C:\Program Files (x86)\Outbyte\PC Repair\/UseTray /Schedule /WeakPassword <==== ATTENTION
U3 aswArDisk; no ImagePath
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DumpStack.log.tmp
C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13CAB7F6-B53E-4700-B9E9-8A6BBF35D25A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF64F8EC-B5AE-4E4C-B220-AB2D73CCF945}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABBD55E7-5D21-4341-A3EA-0EF53135DBA0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BF8424E-4497-4B30-B5C9-C9F526498350}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0EAD4E8-F9F7-46EB-8F90-A7078D8517A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6ED7FE1E-CC35-4602-A41D-B00905E3E176}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8BBB3DA-A138-419A-B598-EEB307FBA30B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E5198A8-4380-44BF-93E7-5D4F2DBC7C47}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-4181327758-2871050509-626065469-1008\Software\Microsoft\Windows\CurrentVersion\Run\\AvastBrowserAutoLaunch_A28BB13CE862A0B70F5243088C772B2E" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34B956DC-AF86-496C-BCB9-3686BF328AC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B956DC-AF86-496C-BCB9-3686BF328AC0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{E3F3B160-9DE2-4905-8528-FB14141E2ECF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9DC6929C-8547-47E6-A67B-D2254297EA77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DC6929C-8547-47E6-A67B-D2254297EA77}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{51EB39E6-1BFE-4BE2-9040-989D5389BC32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{76B08F06-59A9-4F52-AB0C-616667C60B9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76B08F06-59A9-4F52-AB0C-616667C60B9C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6947.0{39641609-29F9-4309-B5DD-00C005D9FB84}" => removed successfully
ask: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B09E479-5908-4FA0-A75D-2F3B967BD23F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B09E479-5908-4FA0-A75D-2F3B967BD23F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{366F5195-F81B-4E00-AEE8-500793EC9ABB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{366F5195-F81B-4E00-AEE8-500793EC9ABB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A74A216-A52E-40B5-855B-45B55F8FAD53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A74A216-A52E-40B5-855B-45B55F8FAD53}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2796A1D-176B-4254-8AE9-F2F63166D3E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2796A1D-176B-4254-8AE9-F2F63166D3E6}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\CrashCheck => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\CrashCheck" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9FDC11C1-536D-46A4-A4EA-5801B9F59D25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FDC11C1-536D-46A4-A4EA-5801B9F59D25}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\DailyTip => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\DailyTip" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1942090B-B656-41CF-B51B-0E616C22AA0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1942090B-B656-41CF-B51B-0E616C22AA0F}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\DiskCleaner1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\DiskCleaner1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3CF16B5-67B9-49EB-A9FF-AC4EB9B72BCD}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\DiskCleaner2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\DiskCleaner2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7651CBF4-BD33-4E8E-8C64-105C5AB5DA45}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7651CBF4-BD33-4E8E-8C64-105C5AB5DA45}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\HomePage => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\HomePage" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7597F9C2-4CF0-402F-A99B-C9ECC7A247F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7597F9C2-4CF0-402F-A99B-C9ECC7A247F2}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\MSExploit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\MSExploit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B8EC3DD-9D13-470F-B8CA-F545C7E65E72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B8EC3DD-9D13-470F-B8CA-F545C7E65E72}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\NewDeceptors => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\NewDeceptors" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28202424-67AF-4762-AFE4-33E9A08EF03E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28202424-67AF-4762-AFE4-33E9A08EF03E}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\ScanResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\ScanResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F97FA40E-F08F-4D83-A840-9BC278D7E2A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F97FA40E-F08F-4D83-A840-9BC278D7E2A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\SecurityBreach => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\SecurityBreach" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8374EDB5-D0BA-443E-A5EB-F17A74C325D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8374EDB5-D0BA-443E-A5EB-F17A74C325D3}" => removed successfully
C:\WINDOWS\System32\Tasks\Outbyte\PC Repair\WeakPassword => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Outbyte\PC Repair\WeakPassword" => removed successfully
HKLM\System\CurrentControlSet\Services\aswArDisk => removed successfully
aswArDisk => service removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\bek69\AppData\Roaming\Microsoft\a03f15a4-e4c1-46a5-9ae6-e1700863d8af.tmp => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16014985 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 441289459 B
Windows/system/drivers => 30930161 B
Edge => 0 B
Chrome => 1136424564 B
Firefox => 1247593809 B
Opera => 179357 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 9538730 B
systemprofile32 => 9538730 B
LocalService => 9551102 B
NetworkService => 9551102 B
bek69 => 166959864 B
defaultuser100000 => 166969080 B
defaultuser100001 => 166978296 B
WsiAccount => 166978296 B
miska => 167881477 B

RecycleBin => 15538850141 B
EmptyTemp: => 18 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-02-2025 19:40:45)

C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully
C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:40:45 ====

#6 Příspěvek od **Rudy** » 01 úno 2025 20:24

Bylo smazáno. Nastala nějaká změna?

VIRY.CZ

Zpomalený ntb

Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb