Zavirovaný laptop

[draace]

Zdravím, chtěla jsem se dívat na Velkou národní a nějaký idiot mě přesměroval na stream, který mě dokonale obalamutil. A to jsem si myslela, že se tohle mně stát nemůže. Moc děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by frost (administrator) on LAPTOP-JBRVN3F9 (LENOVO 81BV) (05-04-2025 18:01:25)
Running from C:\Users\frost\Desktop\FRST64.exe
Loaded Profiles: frost
Platform: Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_d372a4ea3b959b1c\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe
(services.exe ->) (Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(services.exe ->) (Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Windows\System32\ymc.exe
(services.exe ->) (McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2503.1198.0_x64__8wekyb3d8bbwe\WebViewHost.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25022.57.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\frost\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LVA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [999216 2017-04-28] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [87577920 2025-04-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\i386" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\134.0.6998.179\Installer\chrmstp.exe [2025-04-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\133.0.29113.143\Installer\chrmstp.exe [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3A3D7D64-C4FC-4EAD-8716-12388001445A} - System32\Tasks\App Explorer => C:\Users\frost\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [8875296 2024-09-10] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {02D34073-2B6B-445E-A5E9-5CA91594B646} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3738496 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {F087988E-68A7-4270-8226-92C8D6F77C96} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3738496 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {DBA12989-1E8C-4377-A53A-690D4733D2D0} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8594216 2025-03-27] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {6C657120-987A-45EA-B411-6641FAC7C2A2} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5293864 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E9DA3383-7042-47E4-BE26-806062B7F3DF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {AC4DF60D-92DF-4943-9D3C-C931059614D3} - System32\Tasks\AvastBrowserProtectS-1-5-21-676903284-4003579358-1577344595-1001 => C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {DEA6CF81-4679-437F-A326-B89F2C06D8B3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {FF76CE82-C918-43F2-B0F8-7A6BD8554F2D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B55D48EE-FF0C-42B8-B107-367B942E363A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem136.0.7079.0{B4E143C0-A387-44B6-B611-56236E67E86B} => C:\Program Files (x86)\Google\GoogleUpdater\136.0.7079.0\updater.exe [7017568 2025-03-20] (Google LLC -> Google LLC)
Task: {D89693B1-FDC0-4F12-857C-36609FE73AC1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2017-06-20] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B9E7F88B-511D-44B3-B2C2-D80A9FF14C6F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2017-06-20] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {59FD38CD-EF77-4039-8187-952349736C85} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2017-06-20] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {AFD8C0B4-04C1-4FCC-9E26-69A000AD9105} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2250472 2017-06-20] (Intel(R) Client Connectivity Division SW -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalServiceStart
Task: {F3DD2D20-09F9-4D83-8088-47FBD595A435} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\WINDOWS\system32\sc.exe [102400 2025-04-02] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\start ThunderboltService
Task: {AC4CDDBA-1F26-41B4-8A86-8F1B66F9303F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-12-21] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {6ED0DF23-88DE-476A-BC47-87F8AE7A19FA} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-12-21] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {AF9C78DB-95C6-4917-A6DD-6D70B3792A9D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {429495E9-746C-4049-9718-9851DF71710B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {69E6AE1E-6DB5-4C41-9F3C-767DCE0C635E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2025-04-02] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {5F412E8D-D531-4B44-9C05-251CA6FB9E22} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [110592 2025-04-02] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {578BF0A6-A2CA-4AC2-9805-9D38F3269205} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6425d98b-f694-4833-9a56-8d5dcf02b50b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {4F39C8CA-4021-424C-80F1-3283D4D45E78} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\86220c72-8401-4910-9107-5886ebd4f315 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {C24469BF-D201-427D-A775-B56C1275C6FD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\98ceae96-9e43-4a56-90d2-2ffe6dca103d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {7B3A1229-523F-487C-8B93-FF301B93D474} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ada41752-eb7f-4561-a1d8-43862d9a570b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {53BC1918-C778-4970-BFB8-816C24C530D9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\df35f897-a8a4-4e06-baf7-955c7cd42727 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {28D78A84-A7B8-4195-8223-E7F3BCEE8661} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223864 2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC5AB87A-F1A0-4920-8836-7C586DD017E6} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223864 2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {198BB6B0-3B61-4FFA-A224-36D25B831F05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C869DD1-706A-40F1-A2C0-27C51E268D2B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {82AF27C4-70C9-474C-A91B-70208CDFFA64} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223864 2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3A34BD0-5A75-4253-A7EF-8AADFF7D52AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223864 2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {02E0A684-EC74-4AC9-93EF-B6D0D65313C5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [72896 2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {4338904F-BDAC-42F4-8987-0F4DB50CA6D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {5C505926-3C79-4785-9101-E5C723A4CDBA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {4CC9745D-D891-463A-8BA4-E9918C6BA000} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {F4E19356-FC93-4526-AB87-38E029F6F218} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {40581C0F-CE77-437A-81AE-DB398578C3F6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {04099E9D-B7C5-4F64-9F2D-8D5E7D4E2B59} - System32\Tasks\OneDrive Startup Task-S-1-5-21-676903284-4003579358-1577344595-1001 => C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.046.0310.0005\OneDriveLauncher.exe [673600 2025-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D836A0FE-3D60-49C9-A942-7A7E2E2E077F} - System32\Tasks\Zoner.Updater.S-1-5-21-676903284-4003579358-1577344595-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\updater.exe [1609528 2025-03-31] (ZONER a.s. -> ZONER a.s.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{5ffd5bc0-2f2f-4708-ad6d-d8a46880aa8c}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{5ffd5bc0-2f2f-4708-ad6d-d8a46880aa8c}: [DhcpDomain] home
Tcpip\..\Interfaces\{a901f015-c0a9-4d74-9596-b724b4efe3a5}: [DhcpNameServer] 150.206.1.2

Edge:
=======
Edge DefaultProfile: Profile 2
Edge Profile: C:\Users\frost\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2025-04-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\frost\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\frost\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-12]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\frost\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-13]
CHR Profile: C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-05]
CHR Notifications: Profile 1 -> hxxps://cvokdum071bc739l60gg.steadychainconnection.co.in; hxxps://cvoke7m071bc739l6f90.steadychainconnection.co.in; hxxps://mf3vnxzxfvqna3.steadychainconnection.co.in; hxxps://teams.microsoft.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR StartupUrls: Profile 1 -> "hxxps://www.facebook.com/","hxxp://email.cz/"," ... ge-creator"
CHR Extension: (Sloučit PDF online) - C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehbfcoenegfhpnnmkoaimmmlhikfccli [2025-03-31]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (McAfee® WebAdvisor) - C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-03-31]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-31]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (EPUBReader) - C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2025-04-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\frost\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-13]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\frost\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0200431743757269mcinstcleanup; C:\ProgramData\McInstTemp0200431743757269\mcinst.exe [941448 2019-08-14] (McAfee, LLC. -> McAfee, LLC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7500072 2025-04-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [807208 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2478376 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [859432 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\133.0.29113.143\elevation_service.exe [2207056 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2025-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768912 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-04-28] (Dolby Laboratories, Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [575216 2017-05-10] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [306928 2017-05-10] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-12-21] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [395000 2017-04-28] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-07-15] (McAfee, LLC -> McAfee, Inc.)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\MpDefenderCoreService.exe [1968320 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\NisSrv.exe [4464024 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\MsMpEng.exe [270040 2025-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\ymc.exe [66384 2017-06-18] (LENOVO -> Lenovo)
S3 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S3 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20536 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [248376 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [393296 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296528 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84560 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2025-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [37944 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [282680 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553528 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98872 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69688 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [942672 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1427512 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [207440 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [391760 2025-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278960 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50776 2017-03-06] (Intel(R) Online Connect Access -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20016 2025-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601520 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-01] (Microsoft Windows -> Microsoft Corporation)
R0 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [169440 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-05 18:01 - 2025-04-05 18:01 - 000032409 _____ C:\Users\frost\Desktop\FRST.txt
2025-04-05 18:01 - 2025-04-05 18:01 - 000000000 ____D C:\FRST
2025-04-05 17:59 - 2025-04-05 17:59 - 002097152 _____ (Farbar) C:\Users\frost\Downloads\FRST (1).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (8).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (7).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (6).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (5).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (4).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (3).exe
2025-04-05 17:56 - 2025-04-05 17:56 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (2).exe
2025-04-05 17:55 - 2025-04-05 17:55 - 002404864 _____ (Farbar) C:\Users\frost\Downloads\FRST64 (1).exe
2025-04-05 17:55 - 2025-04-05 17:55 - 002097152 _____ (Farbar) C:\Users\frost\Downloads\FRST.exe
2025-04-05 17:54 - 2025-04-05 17:54 - 002404864 _____ (Farbar) C:\Users\frost\Desktop\FRST64.exe
2025-04-05 17:38 - 2025-04-05 17:38 - 000002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-04-05 17:38 - 2025-04-05 17:38 - 000002488 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2025-04-05 17:38 - 2025-04-05 17:38 - 000000000 ____D C:\Users\frost\AppData\Roaming\Avast Software
2025-04-05 17:33 - 2025-04-05 17:38 - 000000000 ____D C:\Users\frost\AppData\Local\AVAST Software
2025-04-05 17:33 - 2025-04-05 17:33 - 000003844 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2025-04-05 17:33 - 2025-04-05 17:33 - 000003810 _____ C:\WINDOWS\system32\Tasks\AvastBrowserProtectS-1-5-21-676903284-4003579358-1577344595-1001
2025-04-05 17:33 - 2025-04-05 17:33 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2025-04-05 17:33 - 2025-04-05 17:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2025-04-05 17:33 - 2025-04-05 17:33 - 000003260 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2025-04-05 17:33 - 2025-04-05 17:33 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2025-04-05 17:32 - 2025-04-05 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-04-05 17:32 - 2025-04-05 17:33 - 000000000 ____D C:\Program Files\Avast Software
2025-04-05 17:32 - 2025-04-05 17:32 - 000316200 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-04-05 17:32 - 2025-04-05 17:32 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2025-04-05 17:32 - 2025-04-05 17:32 - 000002197 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2025-04-05 17:32 - 2025-04-05 17:32 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2025-04-05 17:32 - 2025-04-05 17:31 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-04-05 17:31 - 2025-04-05 17:32 - 000000000 ____D C:\ProgramData\Avast Software
2025-04-05 17:31 - 2025-04-05 17:31 - 000249072 _____ (Gen Digital Inc.) C:\Users\frost\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus (3).exe
2025-04-05 17:31 - 2025-04-05 17:31 - 000249072 _____ (Gen Digital Inc.) C:\Users\frost\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus (2).exe
2025-04-05 17:31 - 2025-04-05 17:31 - 000249072 _____ (Gen Digital Inc.) C:\Users\frost\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus (1).exe
2025-04-05 17:30 - 2025-04-05 17:30 - 000249072 _____ (Gen Digital Inc.) C:\Users\frost\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus.exe
2025-04-04 11:01 - 2025-04-04 11:01 - 000000000 ____D C:\ProgramData\McInstTemp0200431743757269
2025-04-04 10:17 - 2025-04-04 10:17 - 000714490 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-04 10:17 - 2025-04-04 10:17 - 000153652 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-03 09:38 - 2025-04-04 10:17 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-03 09:35 - 2025-04-03 09:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-04-03 09:33 - 2025-04-03 09:33 - 000000020 ___SH C:\Users\frost\ntuser.ini
2025-04-03 01:12 - 2025-04-03 09:33 - 000000000 ____D C:\Windows.old
2025-04-03 01:09 - 2025-04-03 01:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2025-04-03 01:08 - 2025-04-03 01:09 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2025-04-03 01:08 - 2025-04-03 01:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2025-04-03 01:06 - 2025-04-03 01:06 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-04-03 01:06 - 2025-04-03 01:06 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-03 01:04 - 2025-04-03 01:04 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-04-03 01:04 - 2025-04-03 01:04 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-04-03 01:04 - 2025-04-03 01:04 - 000005264 _____ C:\WINDOWS\system32\ecoscore_config.json
2025-04-03 01:04 - 2025-04-03 01:04 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-04-03 01:03 - 2025-04-03 01:03 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-03 01:03 - 2025-04-03 01:03 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\WINDOWS\addins
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\Program Files\MSBuild
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-04-03 01:00 - 2025-04-03 01:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2025-04-03 00:57 - 2025-04-03 01:10 - 000000000 ____D C:\WINDOWS\system32\Intel
2025-04-03 00:57 - 2025-04-03 00:57 - 000000000 ____D C:\WINDOWS\system32\cAVS
2025-04-03 00:57 - 2025-04-03 00:57 - 000000000 ____D C:\WINDOWS\Lenovo
2025-04-03 00:18 - 2025-04-05 10:06 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-676903284-4003579358-1577344595-1001
2025-04-03 00:18 - 2025-04-05 10:06 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-676903284-4003579358-1577344595-1001
2025-04-03 00:18 - 2025-04-05 10:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-676903284-4003579358-1577344595-1001
2025-04-03 00:18 - 2025-04-05 10:00 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-03 00:18 - 2025-04-05 10:00 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-03 00:18 - 2025-04-04 11:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2025-04-03 00:18 - 2025-04-04 10:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-03 00:18 - 2025-04-03 00:18 - 000003162 _____ C:\WINDOWS\system32\Tasks\Zoner.Updater.S-1-5-21-676903284-4003579358-1577344595-1001
2025-04-03 00:18 - 2025-04-03 00:18 - 000003074 _____ C:\WINDOWS\system32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2025-04-03 00:18 - 2025-04-03 00:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2025-04-03 00:18 - 2025-04-03 00:18 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-676903284-4003579358-1577344595-500
2025-04-03 00:18 - 2025-04-03 00:18 - 000002708 _____ C:\WINDOWS\system32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2025-04-03 00:18 - 2025-04-03 00:18 - 000002408 _____ C:\WINDOWS\system32\Tasks\App Explorer
2025-04-03 00:18 - 2025-04-03 00:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2025-04-03 00:18 - 2025-04-03 00:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2025-04-03 00:18 - 2025-04-03 00:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-04-03 00:18 - 2025-04-03 00:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2025-04-03 00:18 - 2020-09-27 09:59 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1523831307-1528709374-2172491333-500
2025-04-03 00:17 - 2025-04-03 00:17 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\SystemCertificates
2025-04-03 00:17 - 2025-04-03 00:17 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Network
2025-04-03 00:17 - 2025-04-03 00:17 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Crypto
2025-04-03 00:17 - 2025-04-03 00:17 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2025-04-03 00:16 - 2025-04-04 10:13 - 000000438 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-03 00:14 - 2025-04-03 09:33 - 000000000 ____D C:\Users\frost
2025-04-03 00:14 - 2025-04-03 00:17 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Windows
2025-04-03 00:14 - 2025-04-03 00:15 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Spelling
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Šablony
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Soubory cookie
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Poslední
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Okolní tiskárny
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Okolní síť
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Nabídka Start
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Dokumenty
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Documents\Obrázky
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Documents\Hudba
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Documents\Filmy
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\Data aplikací
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-04-03 00:14 - 2025-04-03 00:14 - 000000000 _SHDL C:\Users\frost\AppData\Local\Data aplikací
2025-04-03 00:13 - 2025-04-03 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2025-04-03 00:13 - 2025-04-03 00:13 - 000000000 ____D C:\Program Files\Dolby
2025-04-03 00:13 - 2025-04-03 00:13 - 000000000 ____D C:\Program Files\Common Files\Dolby
2025-04-03 00:12 - 2025-04-05 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-03 00:12 - 2025-04-03 00:12 - 000473360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-02 12:12 - 2025-04-02 23:31 - 000006464 _____ C:\Users\frost\Downloads\Jenny a Pandora po letech.odt
2025-04-01 22:03 - 2025-04-01 22:03 - 000000000 ____D C:\Users\frost\Desktop\Nová složka
2025-04-01 21:50 - 2025-04-01 21:50 - 003470031 _____ C:\Users\frost\Downloads\Dvur_kridel_a_zmaru (2).epub
2025-04-01 21:50 - 2025-04-01 21:50 - 003470031 _____ C:\Users\frost\Downloads\Dvur_kridel_a_zmaru (1).epub
2025-04-01 21:48 - 2025-04-01 21:48 - 003470031 _____ C:\Users\frost\Downloads\Dvur_kridel_a_zmaru.epub
2025-04-01 03:38 - 2025-04-05 09:59 - 000000000 ___DC C:\WINDOWS\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-05 17:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-05 17:37 - 2019-02-12 20:47 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Word
2025-04-05 17:36 - 2019-01-01 22:39 - 000000000 ____D C:\Users\frost\AppData\Local\Packages
2025-04-05 17:35 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-05 17:35 - 2021-10-09 22:58 - 000000000 ____D C:\Users\frost\AppData\Local\D3DSCache
2025-04-05 17:32 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-05 15:39 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-05 15:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-05 15:38 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-05 10:06 - 2023-07-04 13:03 - 000002384 _____ C:\Users\frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-05 10:06 - 2020-09-27 09:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-05 10:06 - 2020-09-27 09:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-04-05 10:06 - 2019-01-01 22:41 - 000000000 ___RD C:\Users\frost\OneDrive
2025-04-05 10:02 - 2019-01-01 22:36 - 000000000 ____D C:\Users\frost\AppData\Local\Host App Service
2025-04-05 09:59 - 2019-01-01 22:39 - 000000000 __SHD C:\Users\frost\IntelGraphicsProfiles
2025-04-04 11:34 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-04 11:08 - 2024-04-01 09:21 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2025-04-04 11:08 - 2017-10-22 01:20 - 000000000 ____D C:\ProgramData\McAfee
2025-04-04 11:02 - 2019-04-04 19:28 - 000000000 ____D C:\Program Files\McAfeeDashboard
2025-04-04 11:01 - 2017-10-22 01:20 - 000000000 ____D C:\Program Files\Common Files\mcafee
2025-04-04 10:43 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2025-04-04 10:13 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-04 10:13 - 2020-09-27 07:50 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-03 23:56 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-03 12:03 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\appcompat
2025-04-03 09:48 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-03 09:34 - 2020-05-12 10:57 - 000000000 ____D C:\Users\frost\AppData\Local\PlaceholderTileLogoFolder
2025-04-03 09:33 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Windows NT
2025-04-03 09:33 - 2020-09-27 09:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-04-03 01:12 - 2024-04-01 09:29 - 000000000 ____D C:\WINDOWS\Setup
2025-04-03 01:12 - 2024-04-01 09:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\spool
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\IME
2025-04-03 01:12 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-04-03 01:12 - 2022-05-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2025-04-03 01:12 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2025-04-03 01:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2025-04-03 01:12 - 2021-10-08 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-04-03 01:12 - 2020-02-17 04:06 - 000000000 ____D C:\WINDOWS\system32\%ProgramData%
2025-04-03 01:12 - 2019-07-09 01:40 - 000000000 ____D C:\Program Files\UNP
2025-04-03 01:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2025-04-03 01:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2025-04-03 01:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2025-04-03 01:12 - 2017-10-22 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2025-04-03 01:12 - 2017-10-22 01:13 - 000000000 ____D C:\Program Files\Intel
2025-04-03 01:11 - 2024-04-01 09:26 - 000000000 __RHD C:\Users\Public\Libraries
2025-04-03 01:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-03 01:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-04-03 01:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Resources
2025-04-03 01:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Help
2025-04-03 01:10 - 2023-04-23 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2025-04-03 01:10 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2025-04-03 01:10 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2025-04-03 01:10 - 2017-10-22 01:17 - 000000000 ____D C:\Program Files\Realtek
2025-04-03 01:06 - 2024-04-01 18:31 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2025-04-03 01:06 - 2024-04-01 18:31 - 000028898 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2025-04-03 01:06 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-03 01:06 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-03 01:06 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-03 01:06 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-03 01:06 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-04-03 01:06 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\WUModels
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Com
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-03 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-03 01:06 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-03 01:04 - 2024-04-01 09:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll
2025-04-03 01:04 - 2024-04-01 09:22 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll
2025-04-03 01:04 - 2024-04-01 09:22 - 000062944 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll
2025-04-03 01:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\OCR
2025-04-03 01:00 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-04-03 01:00 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\winrm
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\WCN
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\slmgr
2025-04-03 00:59 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2025-04-03 00:59 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-04-03 00:18 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-04-03 00:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Registration
2025-04-03 00:16 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-03 00:16 - 2019-02-05 20:47 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2025-04-03 00:15 - 2019-01-01 22:43 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-03 00:15 - 2019-01-01 22:43 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-04-03 00:14 - 2024-04-01 09:26 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2025-04-03 00:14 - 2017-10-22 01:15 - 000000000 ___HD C:\Intel
2025-04-03 00:13 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-03 00:13 - 2017-10-22 01:17 - 000312687 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2025-04-03 00:13 - 2017-10-22 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2025-04-03 00:13 - 2017-10-22 01:17 - 000000000 ____D C:\WINDOWS\system32\DAX3
2025-04-03 00:13 - 2017-10-22 01:17 - 000000000 ____D C:\WINDOWS\system32\DAX2
2025-04-03 00:13 - 2017-10-22 01:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2025-04-03 00:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2025-04-01 21:42 - 2019-02-12 20:47 - 000000000 ____D C:\Users\frost\AppData\Roaming\Microsoft\Office
2025-04-01 03:33 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-31 21:22 - 2020-09-27 15:21 - 000000000 ____D C:\ProgramData\Zoner
2025-03-31 15:23 - 2020-09-27 15:22 - 000001566 _____ C:\Users\frost\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2025-03-31 15:14 - 2019-01-30 22:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-03-31 15:13 - 2019-01-30 22:17 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-03-31 13:48 - 2017-10-22 00:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[draace]

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-05-2025
# Duration: 00:00:00
# OS: Windows 11 (Build 26100.3476)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2997 octets] - [05/04/2025 18:58:39]
AdwCleaner[S01].txt - [3058 octets] - [05/04/2025 19:00:52]
AdwCleaner[S02].txt - [3119 octets] - [05/04/2025 19:01:56]
AdwCleaner[C02].txt - [2307 octets] - [05/04/2025 19:02:21]
AdwCleaner[S03].txt - [2480 octets] - [05/04/2025 19:05:08]
AdwCleaner[S04].txt - [1727 octets] - [05/04/2025 19:05:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

[Rudy]

Toto je OK. přidejte ještě log Addition (v souboru C:\Users\frost\Desktop\addition.txt) a dočistíme ručně.

[draace]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by frost (05-04-2025 18:03:22)
Running from C:\Users\frost\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) (2025-04-03 07:33:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-676903284-4003579358-1577344595-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-676903284-4003579358-1577344595-503 - Limited - Disabled)
frost (S-1-5-21-676903284-4003579358-1577344595-1001 - Administrator - Enabled) => C:\Users\frost
Guest (S-1-5-21-676903284-4003579358-1577344595-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-676903284-4003579358-1577344595-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apowersoft Video Konvertor V4.8.8.0 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.8.0 - APOWERSOFT LIMITED)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.3.9983.2649 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 133.0.29113.143 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Dolby Atmos Windows API SDK (HKLM\...\{1F4A261B-588C-4A43-B1F0-49365AC430C7}) (Version: 1.1.3.23 - Dolby Laboratories, Inc.)
Dolby Atmos Windows APP (HKLM\...\{3CCE82BF-69CF-4172-8AFE-1DACB991A62B}) (Version: 1.1.3.21 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.179 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{27FC885E-2456-434E-ACE8-46569962CB04}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{ACCD589F-4082-473C-B5A6-2E0022D0DE61}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{15998D77-1F78-43EE-96D4-1067ECAA2412}) (Version: 3.5.2247 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client (HKLM\...\{F6AA7E43-41A4-4304-BA96-A495C5788231}) (Version: 1.45.447.1 - Intel Corporation) Hidden
Intel® Online Connect (HKLM\...\{F2C6DC12-3AF5-4412-9BB9-88406D5A7435}) (Version: 1.2.32.0 - Intel Corporation) Hidden
Intel® Online Connect (HKLM-x32\...\{04e7a7c6-e044-4581-bf78-150d6e97013d}) (Version: 1.2.32.0 - Intel Corporation)
Intel® Online Connect Access (HKLM\...\{A137A8E8-4BD4-4AE3-BD1C-19368FB25F00}) (Version: 1.9.22.0 - Intel) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo App Explorer (HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\Host App Service) (Version: 0.273.4.897 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.1.17.2 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
LibreOffice 6.2 Help Pack (Czech) (HKLM\...\{657865DF-740C-4855-B54F-12E57AC376F9}) (Version: 6.2.0.3 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.75 - McAfee, Inc.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.93 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\OneDriveSetup.exe) (Version: 25.046.0310.0005 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25702 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B00A8074-C8C0-48C9-B872-8CDC0ABEA33C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{BA5D4378-D3B5-4D4A-BFB8-ABFBAF483465}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Thunderbolt™ Software (HKLM-x32\...\{549D4B45-A0D2-4C11-91E1-9DCF17DAA3D6}) (Version: 17.1.64.250 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Zoner Photo Studio X CS (HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\ZPS X) (Version: 19.2409.2.610 - ZONER a.s.)

Packages:
=========
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2024-10-13] (Adobe Inc.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-09] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.26.3000.0_x64__rz1tebttyb220 [2025-03-31] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2025-03-31] (Fitbit)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-03-31] (LENOVO INC.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2025-03-31] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.28002.0_x64__8wekyb3d8bbwe [2025-04-04] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-08] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-31] (Microsoft Corporation)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2025-03-31] (Plex)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2022-10-10] (LENOVO INCORPORATED.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm [2025-03-31] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-03-31] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.424.1611.0_x64__8wekyb3d8bbwe [2025-03-31] (Microsoft Corp.)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2025-03-31] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-676903284-4003579358-1577344595-1001_Classes\CLSID\{DF1F7848-595D-4570-8E7C-35F77861C552}\InprocServer32 -> C:\Users\frost\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\ZpsThumbnailHandler.dll (ZONER a.s. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-05] (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\frost\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-676903284-4003579358-1577344595-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-12-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-01-07] () [File not signed]
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-01-07] () [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-05-09 10:34 - 2021-05-09 10:39 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\frost\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\witch king 01 tapeta1.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys

nt_ndisrd: Intel(R) Technology Access Filter Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4B620E4-C313-4F24-AB4A-791D2C463A19}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A686038A-EDDE-445D-A08F-B93ECF1128B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08873481-B94C-4015-BA08-692063F63F0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EC459A1-7EAC-44B1-9B4F-92B154249EE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91F0A9A3-C52A-4E95-8EEA-5293D8C4EBEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC149173-8ED5-4107-8BE2-53CD9DBA071A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.93\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7F0F188-7CD8-4DBD-A3BE-6EB61E776F18}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFC24A68-66CA-4E47-83DB-A96BB8D78332}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B286D804-0539-4AC7-AA01-CA28C6B79FEF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B09AAB1F-A67B-4F83-B216-42507B693942}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35CD1734-AD4B-41B0-92CE-CF9AE644125A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9700197B-75F4-44F3-B9A7-EFEDA6E951C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CF577BD6-DB93-4401-89EC-DC3FB931ED5C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F08531D7-3DEB-4CAE-9B2C-0C1F33944F49}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{315E55C2-71F4-443A-964E-5B4294A155D1}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{4F52F4E1-C800-468B-8EEF-5DA254C5E5A9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{88801D8D-73B2-4727-8413-79BAF711093B}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5E851ABB-6237-45A6-B463-6F8993666162}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{38AF3FF7-643F-4CA4-BEF7-9825D664106C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4A2C14DA-ECFE-4929-A103-B26AF0494A0C}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{487FB03A-7033-4046-A6CE-152C4732D473}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87787005-AFD2-4103-A354-9EF7428B2C00}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{EA6DB0AA-EF4F-4428-A044-D71A36B59D93}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{B4EADD0C-BA70-45F4-BF19-098B268B9EFC}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Restore Points =========================

03-04-2025 11:36:37 Windows Update

==================== Faulty Device Manager Devices ============
Name: Synaptics WBDI - SGX
Description: Synaptics WBDI - SGX
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: Synaptics Incorporated
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2025 10:14:04 AM) (Source: IOCAgent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/03/2025 11:55:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/03/2025 11:55:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/03/2025 11:55:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/03/2025 11:55:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/03/2025 11:55:37 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: ymc.exe, verze: 2.0.0.9, časové razítko: 0x585cbd99
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.26100.3470, časové razítko: 0xcdfc8fa1
Kód výjimky: 0xe0434352
Posun chyby: 0x00000000000cab6a
ID chybujícího procesu: 0x12ec
Čas spuštění chybující aplikace: 0x1dba46aaf1fc949
Cesta k chybující aplikaci: C:\WINDOWS\System32\ymc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID sestavy: fef047d8-8a07-420f-8521-cca18cccd3c4
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/03/2025 09:33:50 AM) (Source: IOCAgent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/03/2025 12:18:47 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]


System errors:
=============
Error: (04/05/2025 05:35:04 PM) (Source: IntcOED) (EventID: 528) (User: )
Description: Event-ID 528

Error: (04/05/2025 05:26:21 PM) (Source: IntcOED) (EventID: 528) (User: )
Description: Event-ID 528

Error: (04/05/2025 03:39:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRD29V9-MICROSOFT.MICROSOFTOFFICEHUB.

Error: (04/05/2025 09:59:43 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter, {b452f19f-b52e-43b6-95f2-c67842ffca44}, došlo k události 74.

Error: (04/04/2025 12:08:18 PM) (Source: IntcOED) (EventID: 528) (User: )
Description: Event-ID 528

Error: (04/04/2025 10:15:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/04/2025 10:15:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (04/03/2025 11:56:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba RasMan závisí na službě SstpSvc, která neuspěla při spuštění v důsledku následující chyby:
Operace byla dokončena úspěšně.


Windows Defender:
================
Date: 2025-04-05 11:07:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-04 11:34:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2025-04-05 17:32:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2025-04-05 11:23:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25020.1009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2025-04-04 10:44:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2025-04-04 10:25:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 6MCN30WW 10/25/2018
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 72%
Total physical RAM: 8034.72 MB
Available physical RAM: 2226.91 MB
Total Virtual: 8923.23 MB
Available Virtual: 2107.19 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:87.08 GB) (Model: SAMSUNG MZVLW256HEHP-000L2) (Protected) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.53 GB) (Model: SAMSUNG MZVLW256HEHP-000L2) (Protected) NTFS

\\?\Volume{3aeb939c-72b1-45ef-92f3-faba0f0923f0}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.25 GB) NTFS
\\?\Volume{7fcdb382-ba78-4e0b-8cb1-3579eda77ad7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5579FC36)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{F08531D7-3DEB-4CAE-9B2C-0C1F33944F49}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\i386" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3A3D7D64-C4FC-4EAD-8716-12388001445A} - System32\Tasks\App Explorer => C:\Users\frost\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [8875296 2024-09-10] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {AF9C78DB-95C6-4917-A6DD-6D70B3792A9D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {4338904F-BDAC-42F4-8987-0F4DB50CA6D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {5C505926-3C79-4785-9101-E5C723A4CDBA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {4CC9745D-D891-463A-8BA4-E9918C6BA000} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {F4E19356-FC93-4526-AB87-38E029F6F218} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {40581C0F-CE77-437A-81AE-DB398578C3F6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\McInstTemp0200431743757269
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[draace]

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by frost (05-04-2025 22:52:11) Run:1
Running from C:\Users\frost\Desktop
Loaded Profiles: frost
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{F08531D7-3DEB-4CAE-9B2C-0C1F33944F49}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\i386" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-676903284-4003579358-1577344595-1001\...\RunOnce: [Uninstall 25.041.0303.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\frost\AppData\Local\Microsoft\OneDrive\25.041.0303.0002" [0 2025-04-05] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3A3D7D64-C4FC-4EAD-8716-12388001445A} - System32\Tasks\App Explorer => C:\Users\frost\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [8875296 2024-09-10] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {AF9C78DB-95C6-4917-A6DD-6D70B3792A9D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {4338904F-BDAC-42F4-8987-0F4DB50CA6D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {5C505926-3C79-4785-9101-E5C723A4CDBA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {4CC9745D-D891-463A-8BA4-E9918C6BA000} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {F4E19356-FC93-4526-AB87-38E029F6F218} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {40581C0F-CE77-437A-81AE-DB398578C3F6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\McInstTemp0200431743757269
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F08531D7-3DEB-4CAE-9B2C-0C1F33944F49}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-676903284-4003579358-1577344595-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.041.0303.0002\i386" => not found
"HKU\S-1-5-21-676903284-4003579358-1577344595-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.041.0303.0002" => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A3D7D64-C4FC-4EAD-8716-12388001445A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A3D7D64-C4FC-4EAD-8716-12388001445A}" => not found
"C:\WINDOWS\System32\Tasks\App Explorer" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF9C78DB-95C6-4917-A6DD-6D70B3792A9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF9C78DB-95C6-4917-A6DD-6D70B3792A9D}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4338904F-BDAC-42F4-8987-0F4DB50CA6D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4338904F-BDAC-42F4-8987-0F4DB50CA6D4}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C505926-3C79-4785-9101-E5C723A4CDBA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C505926-3C79-4785-9101-E5C723A4CDBA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CC9745D-D891-463A-8BA4-E9918C6BA000}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CC9745D-D891-463A-8BA4-E9918C6BA000}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4E19356-FC93-4526-AB87-38E029F6F218}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4E19356-FC93-4526-AB87-38E029F6F218}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40581C0F-CE77-437A-81AE-DB398578C3F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40581C0F-CE77-437A-81AE-DB398578C3F6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully

"C:\ProgramData\McInstTemp0200431743757269" Folder move:

C:\ProgramData\McInstTemp0200431743757269 => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8435929 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 13184559 B
Edge => 0 B
Chrome => 304638816 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 424319 B
systemprofile32 => 424319 B
LocalService => 441519 B
NetworkService => 442691 B
frost => 206644830 B

RecycleBin => 4194304 B
EmptyTemp: => 515.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-04-2025 22:53:43)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:53:43 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[draace]

Dobré poledne,

vypadá to ok. Já jsem včera musela vypnout vyskakovací okna, protože jinak nebylo možné cokoliv na PC udělat, ale v nastavení oken to vypadá taky cajk, tak snad dobrý. Kdyby něco, hned hodím echo.

Včera jsem poslala kilčo a moc děkuju za víkendové vytrhnutí trnu z paty. <3

[Rudy]

Samozřejmě můžete kdykoliv. Za příspěvek děkujeme a vy nemáte zač!