Zdravím, sestra mi přinesla svůj velmi zasekaný notebook a snažím se ho vyčistit, prosím o kontrolu logu. Moc díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2023
Ran by lenny (administrator) on LAPTOP-RMV2J42J (HP HP Laptop 15-bw0xx) (26-06-2023 01:36:51)
Running from C:\Users\lenny\Downloads\FRST64.exe
Loaded Profiles: lenny
Platform: Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <32>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3738160 2022-06-29] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Microsoft Edge Update] => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\MicrosoftEdgeUpdateCore.exe [263640 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\lenny\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [1996656 2023-03-14] (ZONER a.s. -> ZONER a.s.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [110688 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [45656 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [36176 2016-03-27] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\...\AppCompatFlags\Custom\BGMain.exe: [{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb] -> GOG.com Baldur's Gate
HKLM\Software\...\AppCompatFlags\InstalledSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb [2012-11-20]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.134\Installer\chrmstp.exe [2023-06-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1551696857" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {19F419D7-EC23-48E0-B86B-DF09532705CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {328CA071-2DEF-43DD-B410-5061FFC708B4} - System32\Tasks\CCleanerSkipUAC - lenny => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {39B7BB94-0F6E-4D66-8AD1-4BCA7075C884} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {451BBCCE-0D5C-411C-85DD-A6853D3177C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4D77ACFE-DA3F-460C-B920-6AB13A2F4197} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CA0A71A-FD6C-4987-BCB3-64A213FB26E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7FE1CC50-5CC4-4DB9-8445-0B642332BACA} - System32\Tasks\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1615168 2023-03-16] (ZONER a.s. -> ZONER a.s.)
Task: {853265CA-6D9A-42A5-848C-181FDDB2AC5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CDD2AEA-0D6F-488B-B61B-4B5978802127} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9032AA64-0C75-437C-972D-9A2964E20A30} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "27ca5503-e686-49e3-8828-db4fd49e8f43" --version "6.13.10517" --silent
Task: {9E25265F-F677-4811-BF24-BF07F0C8D04E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D893EE-9728-43E8-993C-2B5EEC26D3B8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8FCED49-E280-4F96-9D9B-2CC1C58F6CF1} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [4036480 2023-06-06] (Easeware Technology Limited -> Easeware)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {F1FD3101-2AA5-436B-8AA5-CC70C3B04509} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{6ae02b19-c4f1-453b-9cad-4455f4887d47}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{f872e33a-ee4c-4c9f-b663-4d0340d4ece4}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-26]
Edge Notifications: Default -> hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://qip.ru/
Edge Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2021-08-25]
Edge Extension: (Edge relevant text changes) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-15]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-06-20]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default [2023-06-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://cs.puntomarinero.com; hxxps://cz.pinterest.com; hxxps://doswinuba.com; hxxps://kfc.cz; hxxps://teams.microsoft.com; hxxps://www.4camping.cz; hxxps://www.booktook.cz; hxxps://www.daemon-tools.cc; hxxps://www.dailymail.co.uk; hxxps://www.em.muni.cz; hxxps://www.facebook.com; hxxps://www.freegamesdl.net; hxxps://www.iflirts.com; hxxps://www.luxor.cz; hxxps://www.reddit.com; hxxps://www.telecinco.es; hxxps://www.toonzshop.com; hxxps://www.wish.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Seznam doplněk - Email) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-03-29]
CHR Extension: (Volume Booster) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2022-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-06-14]
CHR Extension: (Volume Master - ovladač hlasitosti) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-03-16]
CHR Extension: (Pocket) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2018-02-23]
CHR Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Seznam.cz) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-05-18]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
Opera:
=======
OPR Profile: C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable [2023-06-15]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-09-25] (Advanced Micro Devices, Inc. -> )
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8485392 2022-07-21] (Autodesk, Inc. -> Autodesk, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [73816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2019-02-21] (Letasoft LLC -> Letasoft)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 01:36 - 2023-06-26 01:40 - 000022345 _____ C:\Users\lenny\Downloads\FRST.txt
2023-06-26 01:34 - 2023-06-26 01:39 - 000000000 ____D C:\FRST
2023-06-26 01:30 - 2023-06-26 01:30 - 002383360 _____ (Farbar) C:\Users\lenny\Downloads\FRST64.exe
2023-06-24 00:40 - 2023-06-26 00:10 - 000000438 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2023-06-24 00:40 - 2023-06-24 00:40 - 000003912 _____ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan
2023-06-24 00:40 - 2023-06-24 00:40 - 000000979 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Easeware
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Program Files\Easeware
2023-06-24 00:39 - 2023-06-24 00:39 - 005402688 _____ (Easeware ) C:\Users\lenny\Downloads\DriverEasy_Setup.exe
2023-06-19 20:28 - 2023-06-19 20:28 - 000001062 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2023-06-19 20:28 - 2023-06-19 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2023-06-19 20:21 - 2023-06-26 00:01 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2023-06-19 20:20 - 2023-06-19 20:20 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-06-19 20:14 - 2023-06-26 00:04 - 000000000 ____D C:\Users\lenny\AppData\Local\Battle.net
2023-06-19 20:14 - 2023-06-19 20:21 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Battle.net
2023-06-19 20:13 - 2023-06-19 20:13 - 000000932 _____ C:\Users\Public\Desktop\Battle.net.lnk
2023-06-19 20:13 - 2023-06-19 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-06-19 20:12 - 2023-06-19 20:20 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-06-19 20:10 - 2023-06-19 20:11 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup (1).exe
2023-06-19 20:09 - 2023-06-19 20:10 - 000000000 ____D C:\ProgramData\Battle.net
2023-06-19 20:09 - 2023-06-19 20:09 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe
2023-06-18 16:24 - 2023-06-18 16:24 - 000000000 ___HD C:\$WinREAgent
2023-06-15 22:55 - 2023-06-15 22:55 - 000100686 _____ C:\Users\lenny\Desktop\1686842901 (1).jpeg
2023-06-13 21:26 - 2023-06-13 21:26 - 000033631 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204) (1).zip
2023-06-13 21:26 - 2023-06-13 21:26 - 000033629 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204).zip
2023-06-13 17:19 - 2023-06-13 20:24 - 3408263019 _____ C:\Users\lenny\Downloads\Raya and the Last Dragon (2021) [Cartoon] 1080p H264 DolbyD 5.1 ⛦ nickarad.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-26 01:20 - 2021-12-15 23:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-26 01:20 - 2018-02-22 20:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-26 01:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-26 01:04 - 2018-02-22 20:15 - 000000000 ____D C:\Users\lenny\AppData\Local\Packages
2023-06-26 00:57 - 2020-10-07 06:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-26 00:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-26 00:57 - 2018-01-17 02:59 - 000000000 ____D C:\ProgramData\Realtek
2023-06-26 00:56 - 2020-10-07 04:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-26 00:55 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 00:54 - 2018-01-17 02:56 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2023-06-26 00:52 - 2020-10-07 04:25 - 000000000 ____D C:\Users\lenny
2023-06-26 00:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-26 00:36 - 2021-07-15 13:48 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Disc-Soft
2023-06-26 00:36 - 2021-07-15 13:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2023-06-26 00:29 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-26 00:18 - 2021-06-30 15:35 - 000000000 ____D C:\Program Files\CCleaner
2023-06-26 00:17 - 2023-05-14 20:22 - 000000000 ____D C:\Users\lenny\AppData\Local\Malwarebytes
2023-06-26 00:10 - 2020-10-07 04:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-26 00:07 - 2018-10-04 14:39 - 000000000 ____D C:\Users\lenny\AppData\Local\CrashDumps
2023-06-25 00:04 - 2018-02-22 21:44 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Microsoft\Word
2023-06-24 19:21 - 2023-01-17 19:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-24 19:21 - 2020-12-27 16:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-23 19:31 - 2018-03-25 10:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-22 15:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-22 14:57 - 2020-10-07 04:47 - 001840828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-22 14:57 - 2019-12-07 16:41 - 000766546 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-22 14:57 - 2019-12-07 16:41 - 000170290 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-21 19:21 - 2021-06-30 15:36 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-21 18:44 - 2020-10-07 04:17 - 000781800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-20 21:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-19 20:10 - 2018-09-29 11:24 - 000000000 ____D C:\Users\lenny\AppData\Local\Blizzard Entertainment
2023-06-18 20:14 - 2018-02-22 20:39 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-18 20:14 - 2018-02-22 20:39 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-18 17:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-18 15:25 - 2018-02-23 19:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-17 23:56 - 2018-02-23 19:31 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-17 21:59 - 2022-10-21 11:39 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-17 21:39 - 2020-10-07 04:24 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-16 17:52 - 2017-09-29 15:46 - 000000199 _____ C:\WINDOWS\win.ini
2023-06-15 23:20 - 2018-09-28 01:51 - 000000000 ____D C:\Users\lenny\AppData\Roaming\uTorrent
2023-06-15 23:13 - 2020-11-21 23:39 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-15 23:09 - 2022-08-02 18:16 - 000000000 ____D C:\Users\lenny\Desktop\Promoce já FB
2023-06-15 22:48 - 2018-06-04 14:27 - 000000000 ____D C:\Users\lenny\Desktop\Ostatní
2023-06-15 22:46 - 2022-09-20 00:42 - 000000000 ____D C:\Users\lenny\Desktop\Práce e-maily
2023-06-15 22:45 - 2022-08-16 18:21 - 000000000 ____D C:\Users\lenny\Desktop\Techgeo
2023-06-15 22:40 - 2020-11-14 20:44 - 000000000 ____D C:\filmy
2023-06-15 20:15 - 2020-10-07 06:00 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-15 20:15 - 2020-10-07 06:00 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-06-14 19:18 - 2022-11-15 13:12 - 000003470 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-14 19:14 - 2020-12-27 16:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-14 19:14 - 2020-12-27 16:03 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-13 17:00 - 2022-06-19 21:07 - 000003892 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA
2023-06-13 17:00 - 2022-06-19 21:07 - 000003828 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core
2023-06-06 23:33 - 2019-03-17 23:10 - 000000000 ____D C:\Users\lenny\AppData\Local\BitTorrentHelper
2023-06-06 19:09 - 2022-09-18 22:07 - 000000000 ____D C:\ProgramData\Autodesk
2023-05-28 14:08 - 2020-08-23 17:31 - 000000000 ____D C:\ProgramData\Zoner
==================== Files in the root of some directories ========
2020-08-23 16:59 - 2020-08-23 20:22 - 000003584 _____ () C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-22 09:02 - 2018-08-22 09:02 - 000000017 _____ () C:\Users\lenny\AppData\Local\resmon.resmoncfg
2020-06-18 15:24 - 2020-06-18 15:24 - 000000000 _____ () C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by lenny (26-06-2023 01:42:44)
Running from C:\Users\lenny\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) (2020-10-07 04:06:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-703552212-4080178173-21668911-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-703552212-4080178173-21668911-503 - Limited - Disabled)
Guest (S-1-5-21-703552212-4080178173-21668911-501 - Limited - Disabled)
lenny (S-1-5-21-703552212-4080178173-21668911-1001 - Administrator - Enabled) => C:\Users\lenny
WDAGUtilityAccount (S-1-5-21-703552212-4080178173-21668911-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\uTorrent) (Version: 3.6.0.46812 - BitTorrent Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\{F216C14C-7D19-DD58-9E00-795CFF488E4C}) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{2B8E195A-0082-4B8F-9284-0FCCB6017C23}) (Version: 1.0.26.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{4EF1F1D4-E74F-45A8-AF89-95907847D484}) (Version: 3.3.0 - Autodesk)
Autodesk AutoCAD 2021 – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.12 (HKLM-x32\...\{293C8AB2-59FA-4C6E-A707-EE7457D8F567}) (Version: 1.3.12.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{3F9E7D4B-C2ED-48C6-ABB1-F7611724ACD9}) (Version: 5.0.0.134 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{88003D19-C1C3-402D-A162-42D9B924266C}) (Version: 13.3.3.1803 - Autodesk)
Baldur's Gate - The Original Saga (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\1207666353_is1) (Version: 2.6.6.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
Driver Easy 5.8.1 (HKLM\...\DriverEasy_is1) (Version: 5.8.1 - Easeware)
GOG.com Baldur's Gate (HKLM\...\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.134 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM-x32\...\{EBF2C31B-E9A1-4929-BE35-6EBECF286110}) (Version: 1.0.0.30 - HP Inc.) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 331 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180331F0}) (Version: 8.0.3310.9 - Oracle Corporation)
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_0) (Version: - )
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 - Shared Framework (x64) (HKLM-x32\...\{65fddc17-d55b-46b7-a750-5c179fef3d81}) (Version: 3.1.32.22566 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 Shared Framework (x64) (HKLM\...\{2E69E59E-17DF-3977-A405-49096F8B8432}) (Version: 3.1.32.22566 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM-x32\...\{90160000-0016-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM-x32\...\{90160000-00BA-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E2-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM-x32\...\{90160000-002C-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2016 (HKLM\...\{90160000-002A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM-x32\...\{90160000-006E-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM-x32\...\{90160000-00A1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM-x32\...\{90160000-001A-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM-x32\...\{90160000-0018-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM-x32\...\{90160000-0019-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{10AB056B-1B8C-3E9E-95CC-43C33EB88513}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{AB46A6EF-12D2-3146-A38D-1D6FF1AFFF69}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM-x32\...\{90160000-001B-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Movavi Screen Recorder 21 (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Movavi Screen Recorder 21) (Version: 21.2.0 - Movavi)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Název společnosti:)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Processing Modflow 8 (HKLM-x32\...\Processing Modflow 8) (Version: 8.0.47 - Simcore Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Speciální aplikace Autodesk (HKLM-x32\...\{DE8DA5A8-C311-4F2B-B1C3-27A8BC154154}) (Version: 3.3.0 - Autodesk)
StepMania 3.9 (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{5AB49421-ADA1-4512-9E47-0AE9906F6A28}) (Version: 3.0.30 - Autodesk)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Photo Studio X CS (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZPS X) (Version: 19.2209.2.437 - ZONER a.s.)
Zoom (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-06-11] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.16501.20210.0_x86__8wekyb3d8bbwe [2023-06-24] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.0.30.0_x64__1cyam58dzt1cw [2023-01-24] (PDF reader apps)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\lenny\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania Web Site.lnk -> hxxp://www.stepmania.com
ShortcutWithArgument: C:\Users\lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-703552212-4080178173-21668911-1001 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_331\bin\ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_331\bin\jp2ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-12 14:27 - 000000838 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Simcore\PM8\pest;C:\Program Files\PM8\pest;C:\Program Files\dotnet\
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "RtlS5Wake"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1225B0F1-B801-468E-9F9D-DB55A266BCEA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [TCP Query User{D56EB27B-8BC0-425B-B325-E9C6CFFEC240}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [UDP Query User{BBBB9102-1609-413A-92D2-45DD8CF21454}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [{85F81A3F-4E8F-4478-A47B-187E9B2A61A9}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{1265EE5E-4A56-4F9D-8B8B-5844A627F891}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C50FEC11-2139-478E-A6CC-767144103920}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A4D494E-2DEA-468E-9223-75D7BB986672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9057F62E-C805-40C4-BA52-A6FBAE123721}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FA6D8B4-BB32-4D6B-8529-24BBE1696AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{61E01EB2-8D71-41BB-B78A-1018FA52CC5B}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{47E8FE91-2B22-4CC9-899D-8CFEDE304784}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
18-06-2023 16:27:09 Instalační služba modulů systému Windows
26-06-2023 00:50:32 Removed Microsoft Silverlight
26-06-2023 01:07:14 Removed Ghostscript GPL 8.64 (Msi Setup).
26-06-2023 01:13:16 Removed Corel Graphics - Windows Shell Extension.
26-06-2023 01:16:13 Removed Corel Graphics - Windows Shell Extension 32 Bit Keys.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/25/2023 11:53:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2023.10030.27002.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5038
Čas spuštění: 01d9a7483b8c2f84
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: ba653371-34da-4bd8-9a26-8db9b46ab59b
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (06/25/2023 11:49:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 11:48:07 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 10:45:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (06/26/2023 01:01:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (06/26/2023 12:57:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/26/2023 12:51:07 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/26/2023 12:51:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/26/2023 12:51:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/26/2023 12:51:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/26/2023 12:51:06 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/26/2023 12:51:04 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RMV2J42J)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-06-24 20:09:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {847E545A-5FAC-45F8-A8F2-11E7AEB82365}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:40:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {58560BD9-4160-40AF-B38C-011827FADBEF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:24:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {782DD836-B3B7-4017-AA0C-433342178933}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-09 19:04:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8AEDBD5D-A2CA-4076-8EDD-12D1A4625FDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-08 18:12:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6FD8BBD8-5F77-40E2-8BA4-B1BD517D1401}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-05-15 18:25:58
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Date: 2023-05-10 22:31:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.705.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2023-06-23 19:46:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-23 12:49:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.21 11/17/2017
Motherboard: HP 8331
Processor: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 53%
Total physical RAM: 7645.68 MB
Available physical RAM: 3542.88 MB
Total Virtual: 9821.68 MB
Available Virtual: 5163.25 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:917.41 GB) (Free:270.07 GB) (Model: ST1000LM035-1RK172) NTFS
Drive d: (RECOVERY) (Fixed) (Total:12.87 GB) (Free:1.55 GB) (Model: ST1000LM035-1RK172) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bea691ec-e3cd-4f5d-812d-76ea916c48a2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{f1bf73fd-3897-4e3c-916a-416ec29d0a15}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E2B67A8)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Hotovo, tady je log
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-26-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3086)
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
Deleted Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
***** [ Chromium URLs ] *****
Deleted Babylon
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6759 octets] - [07/06/2022 16:52:05]
AdwCleaner[C00].txt - [6638 octets] - [07/06/2022 18:38:37]
AdwCleaner[S01].txt - [1691 octets] - [26/06/2023 16:25:26]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-26-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3086)
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
Deleted Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
***** [ Chromium URLs ] *****
Deleted Babylon
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6759 octets] - [07/06/2022 16:52:05]
AdwCleaner[C00].txt - [6638 octets] - [07/06/2022 18:38:37]
AdwCleaner[S01].txt - [1691 octets] - [26/06/2023 16:25:26]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Teď dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2023
Ran by lenny (administrator) on LAPTOP-RMV2J42J (HP HP Laptop 15-bw0xx) (26-06-2023 17:14:35)
Running from C:\Users\lenny\Downloads\FRST64.exe
Loaded Profiles: lenny
Platform: Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3738160 2022-06-29] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Microsoft Edge Update] => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\MicrosoftEdgeUpdateCore.exe [263640 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\lenny\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [1996656 2023-03-14] (ZONER a.s. -> ZONER a.s.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [110688 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [45656 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [36176 2016-03-27] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\...\AppCompatFlags\Custom\BGMain.exe: [{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb] -> GOG.com Baldur's Gate
HKLM\Software\...\AppCompatFlags\InstalledSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb [2012-11-20]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.134\Installer\chrmstp.exe [2023-06-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1551696857" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {19F419D7-EC23-48E0-B86B-DF09532705CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {328CA071-2DEF-43DD-B410-5061FFC708B4} - System32\Tasks\CCleanerSkipUAC - lenny => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {39B7BB94-0F6E-4D66-8AD1-4BCA7075C884} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {451BBCCE-0D5C-411C-85DD-A6853D3177C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4D77ACFE-DA3F-460C-B920-6AB13A2F4197} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CA0A71A-FD6C-4987-BCB3-64A213FB26E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7FE1CC50-5CC4-4DB9-8445-0B642332BACA} - System32\Tasks\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1615168 2023-03-16] (ZONER a.s. -> ZONER a.s.)
Task: {853265CA-6D9A-42A5-848C-181FDDB2AC5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CDD2AEA-0D6F-488B-B61B-4B5978802127} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9032AA64-0C75-437C-972D-9A2964E20A30} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "27ca5503-e686-49e3-8828-db4fd49e8f43" --version "6.13.10517" --silent
Task: {9E25265F-F677-4811-BF24-BF07F0C8D04E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D893EE-9728-43E8-993C-2B5EEC26D3B8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8FCED49-E280-4F96-9D9B-2CC1C58F6CF1} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [4036480 2023-06-06] (Easeware Technology Limited -> Easeware)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {F1FD3101-2AA5-436B-8AA5-CC70C3B04509} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{6ae02b19-c4f1-453b-9cad-4455f4887d47}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{f872e33a-ee4c-4c9f-b663-4d0340d4ece4}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-26]
Edge HomePage: Default -> hxxp://qip.ru/
Edge Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2021-08-25]
Edge Extension: (Edge relevant text changes) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-15]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-06-20]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default [2023-06-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://cs.puntomarinero.com; hxxps://cz.pinterest.com; hxxps://doswinuba.com; hxxps://kfc.cz; hxxps://teams.microsoft.com; hxxps://www.4camping.cz; hxxps://www.booktook.cz; hxxps://www.daemon-tools.cc; hxxps://www.dailymail.co.uk; hxxps://www.em.muni.cz; hxxps://www.facebook.com; hxxps://www.freegamesdl.net; hxxps://www.iflirts.com; hxxps://www.luxor.cz; hxxps://www.reddit.com; hxxps://www.telecinco.es; hxxps://www.toonzshop.com; hxxps://www.wish.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Volume Booster) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2022-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-06-14]
CHR Extension: (Volume Master - ovladač hlasitosti) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-03-16]
CHR Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
Opera:
=======
OPR Profile: C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable [2023-06-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-09-25] (Advanced Micro Devices, Inc. -> )
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8485392 2022-07-21] (Autodesk, Inc. -> Autodesk, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [73816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2019-02-21] (Letasoft LLC -> Letasoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 17:12 - 2023-06-26 17:12 - 000000000 ____D C:\Users\lenny\AppData\Local\AMD_Common
2023-06-26 17:11 - 2023-06-26 17:11 - 000000000 ____D C:\Users\lenny\AppData\Local\AMDSoftwareInstaller
2023-06-26 17:10 - 2023-06-26 17:10 - 045475472 _____ (AMD Inc.) C:\Users\lenny\Downloads\amd-software-adrenalin-edition-23.5.2-minimalsetup-230621_web.exe
2023-06-26 16:21 - 2023-06-26 16:21 - 008791352 _____ (Malwarebytes) C:\Users\lenny\Desktop\adwcleaner.exe
2023-06-26 01:42 - 2023-06-26 01:48 - 000053787 _____ C:\Users\lenny\Downloads\Addition.txt
2023-06-26 01:36 - 2023-06-26 17:19 - 000021676 _____ C:\Users\lenny\Downloads\FRST.txt
2023-06-26 01:34 - 2023-06-26 17:18 - 000000000 ____D C:\FRST
2023-06-26 01:30 - 2023-06-26 01:30 - 002383360 _____ (Farbar) C:\Users\lenny\Downloads\FRST64.exe
2023-06-24 00:40 - 2023-06-26 00:10 - 000000438 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2023-06-24 00:40 - 2023-06-24 00:40 - 000003912 _____ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan
2023-06-24 00:40 - 2023-06-24 00:40 - 000000979 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Easeware
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Program Files\Easeware
2023-06-24 00:39 - 2023-06-24 00:39 - 005402688 _____ (Easeware ) C:\Users\lenny\Downloads\DriverEasy_Setup.exe
2023-06-19 20:28 - 2023-06-19 20:28 - 000001062 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2023-06-19 20:28 - 2023-06-19 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2023-06-19 20:21 - 2023-06-26 00:01 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2023-06-19 20:20 - 2023-06-19 20:20 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-06-19 20:14 - 2023-06-26 00:04 - 000000000 ____D C:\Users\lenny\AppData\Local\Battle.net
2023-06-19 20:14 - 2023-06-19 20:21 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Battle.net
2023-06-19 20:13 - 2023-06-19 20:13 - 000000932 _____ C:\Users\Public\Desktop\Battle.net.lnk
2023-06-19 20:13 - 2023-06-19 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-06-19 20:12 - 2023-06-19 20:20 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-06-19 20:10 - 2023-06-19 20:11 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup (1).exe
2023-06-19 20:09 - 2023-06-19 20:10 - 000000000 ____D C:\ProgramData\Battle.net
2023-06-19 20:09 - 2023-06-19 20:09 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe
2023-06-18 16:24 - 2023-06-18 16:24 - 000000000 ___HD C:\$WinREAgent
2023-06-15 22:55 - 2023-06-15 22:55 - 000100686 _____ C:\Users\lenny\Desktop\1686842901 (1).jpeg
2023-06-13 21:26 - 2023-06-13 21:26 - 000033631 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204) (1).zip
2023-06-13 21:26 - 2023-06-13 21:26 - 000033629 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204).zip
2023-06-13 17:19 - 2023-06-13 20:24 - 3408263019 _____ C:\Users\lenny\Downloads\Raya and the Last Dragon (2021) [Cartoon] 1080p H264 DolbyD 5.1 ⛦ nickarad.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 17:20 - 2021-12-15 23:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-26 17:20 - 2018-02-22 20:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-26 17:11 - 2018-08-04 20:32 - 000000000 ____D C:\AMD
2023-06-26 17:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-26 17:01 - 2020-10-07 06:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-26 17:01 - 2020-10-07 04:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-26 17:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-26 16:59 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 16:59 - 2018-01-17 02:56 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2023-06-26 16:56 - 2021-06-30 15:35 - 000000000 ____D C:\Program Files\CCleaner
2023-06-26 16:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-26 16:52 - 2018-10-04 14:39 - 000000000 ____D C:\Users\lenny\AppData\Local\CrashDumps
2023-06-26 16:20 - 2020-10-07 04:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-26 01:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-26 01:04 - 2018-02-22 20:15 - 000000000 ____D C:\Users\lenny\AppData\Local\Packages
2023-06-26 00:57 - 2018-01-17 02:59 - 000000000 ____D C:\ProgramData\Realtek
2023-06-26 00:52 - 2020-10-07 04:25 - 000000000 ____D C:\Users\lenny
2023-06-26 00:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-26 00:36 - 2021-07-15 13:48 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Disc-Soft
2023-06-26 00:36 - 2021-07-15 13:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2023-06-26 00:29 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-26 00:17 - 2023-05-14 20:22 - 000000000 ____D C:\Users\lenny\AppData\Local\Malwarebytes
2023-06-25 00:04 - 2018-02-22 21:44 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Microsoft\Word
2023-06-24 19:21 - 2023-01-17 19:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-24 19:21 - 2020-12-27 16:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-23 19:31 - 2018-03-25 10:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-22 15:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-22 14:57 - 2020-10-07 04:47 - 001840828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-22 14:57 - 2019-12-07 16:41 - 000766546 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-22 14:57 - 2019-12-07 16:41 - 000170290 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-21 19:21 - 2021-06-30 15:36 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-21 18:44 - 2020-10-07 04:17 - 000781800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-19 20:10 - 2018-09-29 11:24 - 000000000 ____D C:\Users\lenny\AppData\Local\Blizzard Entertainment
2023-06-18 20:14 - 2018-02-22 20:39 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-18 20:14 - 2018-02-22 20:39 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-18 17:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-18 15:25 - 2018-02-23 19:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-17 23:56 - 2018-02-23 19:31 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-17 21:59 - 2022-10-21 11:39 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-17 21:39 - 2020-10-07 04:24 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-16 17:52 - 2017-09-29 15:46 - 000000199 _____ C:\WINDOWS\win.ini
2023-06-15 23:20 - 2018-09-28 01:51 - 000000000 ____D C:\Users\lenny\AppData\Roaming\uTorrent
2023-06-15 23:13 - 2020-11-21 23:39 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-15 23:09 - 2022-08-02 18:16 - 000000000 ____D C:\Users\lenny\Desktop\Promoce já FB
2023-06-15 22:48 - 2018-06-04 14:27 - 000000000 ____D C:\Users\lenny\Desktop\Ostatní
2023-06-15 22:46 - 2022-09-20 00:42 - 000000000 ____D C:\Users\lenny\Desktop\Práce e-maily
2023-06-15 22:45 - 2022-08-16 18:21 - 000000000 ____D C:\Users\lenny\Desktop\Techgeo
2023-06-15 22:40 - 2020-11-14 20:44 - 000000000 ____D C:\filmy
2023-06-15 20:15 - 2020-10-07 06:00 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-15 20:15 - 2020-10-07 06:00 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-06-14 19:18 - 2022-11-15 13:12 - 000003470 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-14 19:14 - 2020-12-27 16:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-14 19:14 - 2020-12-27 16:03 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-13 17:00 - 2022-06-19 21:07 - 000003892 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA
2023-06-13 17:00 - 2022-06-19 21:07 - 000003828 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core
2023-06-06 23:33 - 2019-03-17 23:10 - 000000000 ____D C:\Users\lenny\AppData\Local\BitTorrentHelper
2023-06-06 19:09 - 2022-09-18 22:07 - 000000000 ____D C:\ProgramData\Autodesk
2023-05-28 14:08 - 2020-08-23 17:31 - 000000000 ____D C:\ProgramData\Zoner
==================== Files in the root of some directories ========
2020-08-23 16:59 - 2020-08-23 20:22 - 000003584 _____ () C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-22 09:02 - 2018-08-22 09:02 - 000000017 _____ () C:\Users\lenny\AppData\Local\resmon.resmoncfg
2020-06-18 15:24 - 2020-06-18 15:24 - 000000000 _____ () C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by lenny (26-06-2023 17:23:04)
Running from C:\Users\lenny\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) (2020-10-07 04:06:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-703552212-4080178173-21668911-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-703552212-4080178173-21668911-503 - Limited - Disabled)
Guest (S-1-5-21-703552212-4080178173-21668911-501 - Limited - Disabled)
lenny (S-1-5-21-703552212-4080178173-21668911-1001 - Administrator - Enabled) => C:\Users\lenny
WDAGUtilityAccount (S-1-5-21-703552212-4080178173-21668911-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\uTorrent) (Version: 3.6.0.46812 - BitTorrent Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\{F216C14C-7D19-DD58-9E00-795CFF488E4C}) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{2B8E195A-0082-4B8F-9284-0FCCB6017C23}) (Version: 1.0.26.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{4EF1F1D4-E74F-45A8-AF89-95907847D484}) (Version: 3.3.0 - Autodesk)
Autodesk AutoCAD 2021 – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.12 (HKLM-x32\...\{293C8AB2-59FA-4C6E-A707-EE7457D8F567}) (Version: 1.3.12.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{3F9E7D4B-C2ED-48C6-ABB1-F7611724ACD9}) (Version: 5.0.0.134 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{88003D19-C1C3-402D-A162-42D9B924266C}) (Version: 13.3.3.1803 - Autodesk)
Baldur's Gate - The Original Saga (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\1207666353_is1) (Version: 2.6.6.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
Driver Easy 5.8.1 (HKLM\...\DriverEasy_is1) (Version: 5.8.1 - Easeware)
GOG.com Baldur's Gate (HKLM\...\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.134 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM-x32\...\{EBF2C31B-E9A1-4929-BE35-6EBECF286110}) (Version: 1.0.0.30 - HP Inc.) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 331 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180331F0}) (Version: 8.0.3310.9 - Oracle Corporation)
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_0) (Version: - )
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 - Shared Framework (x64) (HKLM-x32\...\{65fddc17-d55b-46b7-a750-5c179fef3d81}) (Version: 3.1.32.22566 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 Shared Framework (x64) (HKLM\...\{2E69E59E-17DF-3977-A405-49096F8B8432}) (Version: 3.1.32.22566 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM-x32\...\{90160000-0016-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM-x32\...\{90160000-00BA-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E2-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM-x32\...\{90160000-002C-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2016 (HKLM\...\{90160000-002A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM-x32\...\{90160000-006E-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM-x32\...\{90160000-00A1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM-x32\...\{90160000-001A-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM-x32\...\{90160000-0018-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM-x32\...\{90160000-0019-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{10AB056B-1B8C-3E9E-95CC-43C33EB88513}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{AB46A6EF-12D2-3146-A38D-1D6FF1AFFF69}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM-x32\...\{90160000-001B-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Movavi Screen Recorder 21 (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Movavi Screen Recorder 21) (Version: 21.2.0 - Movavi)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Název společnosti:)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Processing Modflow 8 (HKLM-x32\...\Processing Modflow 8) (Version: 8.0.47 - Simcore Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Speciální aplikace Autodesk (HKLM-x32\...\{DE8DA5A8-C311-4F2B-B1C3-27A8BC154154}) (Version: 3.3.0 - Autodesk)
StepMania 3.9 (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{5AB49421-ADA1-4512-9E47-0AE9906F6A28}) (Version: 3.0.30 - Autodesk)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Photo Studio X CS (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZPS X) (Version: 19.2209.2.437 - ZONER a.s.)
Zoom (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-06-11] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.16501.20210.0_x86__8wekyb3d8bbwe [2023-06-24] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.0.30.0_x64__1cyam58dzt1cw [2023-01-24] (PDF reader apps)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\lenny\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania Web Site.lnk -> hxxp://www.stepmania.com
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-703552212-4080178173-21668911-1001 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_331\bin\ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_331\bin\jp2ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-12 14:27 - 000000838 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Simcore\PM8\pest;C:\Program Files\PM8\pest;C:\Program Files\dotnet\
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "RtlS5Wake"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1225B0F1-B801-468E-9F9D-DB55A266BCEA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [TCP Query User{D56EB27B-8BC0-425B-B325-E9C6CFFEC240}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [UDP Query User{BBBB9102-1609-413A-92D2-45DD8CF21454}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [{85F81A3F-4E8F-4478-A47B-187E9B2A61A9}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{1265EE5E-4A56-4F9D-8B8B-5844A627F891}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C50FEC11-2139-478E-A6CC-767144103920}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A4D494E-2DEA-468E-9223-75D7BB986672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9057F62E-C805-40C4-BA52-A6FBAE123721}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FA6D8B4-BB32-4D6B-8529-24BBE1696AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{61E01EB2-8D71-41BB-B78A-1018FA52CC5B}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{47E8FE91-2B22-4CC9-899D-8CFEDE304784}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
18-06-2023 16:27:09 Instalační služba modulů systému Windows
26-06-2023 00:50:32 Removed Microsoft Silverlight
26-06-2023 01:07:14 Removed Ghostscript GPL 8.64 (Msi Setup).
26-06-2023 01:13:16 Removed Corel Graphics - Windows Shell Extension.
26-06-2023 01:16:13 Removed Corel Graphics - Windows Shell Extension 32 Bit Keys.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/25/2023 11:53:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2023.10030.27002.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5038
Čas spuštění: 01d9a7483b8c2f84
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: ba653371-34da-4bd8-9a26-8db9b46ab59b
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (06/25/2023 11:49:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 11:48:07 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 10:45:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (06/26/2023 05:01:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Corel License Validation Service V2, Powered by arvato byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdaptiveSleepService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BTDevManager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Autodesk Access Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2023-06-24 20:09:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {847E545A-5FAC-45F8-A8F2-11E7AEB82365}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:40:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {58560BD9-4160-40AF-B38C-011827FADBEF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:24:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {782DD836-B3B7-4017-AA0C-433342178933}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-09 19:04:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8AEDBD5D-A2CA-4076-8EDD-12D1A4625FDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-08 18:12:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6FD8BBD8-5F77-40E2-8BA4-B1BD517D1401}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-05-15 18:25:58
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Date: 2023-05-10 22:31:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.705.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2023-06-26 13:44:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-23 12:49:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.21 11/17/2017
Motherboard: HP 8331
Processor: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 52%
Total physical RAM: 7645.68 MB
Available physical RAM: 3639.77 MB
Total Virtual: 9821.68 MB
Available Virtual: 5677.67 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:917.41 GB) (Free:271.66 GB) (Model: ST1000LM035-1RK172) NTFS
Drive d: (RECOVERY) (Fixed) (Total:12.87 GB) (Free:1.55 GB) (Model: ST1000LM035-1RK172) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bea691ec-e3cd-4f5d-812d-76ea916c48a2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{f1bf73fd-3897-4e3c-916a-416ec29d0a15}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E2B67A8)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2023
Ran by lenny (administrator) on LAPTOP-RMV2J42J (HP HP Laptop 15-bw0xx) (26-06-2023 17:14:35)
Running from C:\Users\lenny\Downloads\FRST64.exe
Loaded Profiles: lenny
Platform: Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3738160 2022-06-29] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Microsoft Edge Update] => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\MicrosoftEdgeUpdateCore.exe [263640 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\lenny\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [1996656 2023-03-14] (ZONER a.s. -> ZONER a.s.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Run: [MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [110688 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [45656 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [36176 2016-03-27] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\...\AppCompatFlags\Custom\BGMain.exe: [{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb] -> GOG.com Baldur's Gate
HKLM\Software\...\AppCompatFlags\InstalledSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb [2012-11-20]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.134\Installer\chrmstp.exe [2023-06-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1551696857" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001" /ENABLE
Task: {19B65696-AAEB-4C87-AABB-BFA22710F2C2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {19F419D7-EC23-48E0-B86B-DF09532705CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {328CA071-2DEF-43DD-B410-5061FFC708B4} - System32\Tasks\CCleanerSkipUAC - lenny => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {39B7BB94-0F6E-4D66-8AD1-4BCA7075C884} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {451BBCCE-0D5C-411C-85DD-A6853D3177C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4D77ACFE-DA3F-460C-B920-6AB13A2F4197} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CA0A71A-FD6C-4987-BCB3-64A213FB26E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7FE1CC50-5CC4-4DB9-8445-0B642332BACA} - System32\Tasks\Zoner.Updater.S-1-5-21-703552212-4080178173-21668911-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1615168 2023-03-16] (ZONER a.s. -> ZONER a.s.)
Task: {853265CA-6D9A-42A5-848C-181FDDB2AC5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CDD2AEA-0D6F-488B-B61B-4B5978802127} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9032AA64-0C75-437C-972D-9A2964E20A30} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "27ca5503-e686-49e3-8828-db4fd49e8f43" --version "6.13.10517" --silent
Task: {9E25265F-F677-4811-BF24-BF07F0C8D04E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D893EE-9728-43E8-993C-2B5EEC26D3B8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA => C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8FCED49-E280-4F96-9D9B-2CC1C58F6CF1} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [4036480 2023-06-06] (Easeware Technology Limited -> Easeware)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {F1FD3101-2AA5-436B-8AA5-CC70C3B04509} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{6ae02b19-c4f1-453b-9cad-4455f4887d47}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{f872e33a-ee4c-4c9f-b663-4d0340d4ece4}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-26]
Edge HomePage: Default -> hxxp://qip.ru/
Edge Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2021-08-25]
Edge Extension: (Edge relevant text changes) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-15]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-06-20]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default [2023-06-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://cs.puntomarinero.com; hxxps://cz.pinterest.com; hxxps://doswinuba.com; hxxps://kfc.cz; hxxps://teams.microsoft.com; hxxps://www.4camping.cz; hxxps://www.booktook.cz; hxxps://www.daemon-tools.cc; hxxps://www.dailymail.co.uk; hxxps://www.em.muni.cz; hxxps://www.facebook.com; hxxps://www.freegamesdl.net; hxxps://www.iflirts.com; hxxps://www.luxor.cz; hxxps://www.reddit.com; hxxps://www.telecinco.es; hxxps://www.toonzshop.com; hxxps://www.wish.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Volume Booster) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2022-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-06-14]
CHR Extension: (Volume Master - ovladač hlasitosti) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-03-16]
CHR Extension: (Save to Pocket) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
Opera:
=======
OPR Profile: C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable [2023-06-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\lenny\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-09-25] (Advanced Micro Devices, Inc. -> )
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8485392 2022-07-21] (Autodesk, Inc. -> Autodesk, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [73816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2019-02-21] (Letasoft LLC -> Letasoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 17:12 - 2023-06-26 17:12 - 000000000 ____D C:\Users\lenny\AppData\Local\AMD_Common
2023-06-26 17:11 - 2023-06-26 17:11 - 000000000 ____D C:\Users\lenny\AppData\Local\AMDSoftwareInstaller
2023-06-26 17:10 - 2023-06-26 17:10 - 045475472 _____ (AMD Inc.) C:\Users\lenny\Downloads\amd-software-adrenalin-edition-23.5.2-minimalsetup-230621_web.exe
2023-06-26 16:21 - 2023-06-26 16:21 - 008791352 _____ (Malwarebytes) C:\Users\lenny\Desktop\adwcleaner.exe
2023-06-26 01:42 - 2023-06-26 01:48 - 000053787 _____ C:\Users\lenny\Downloads\Addition.txt
2023-06-26 01:36 - 2023-06-26 17:19 - 000021676 _____ C:\Users\lenny\Downloads\FRST.txt
2023-06-26 01:34 - 2023-06-26 17:18 - 000000000 ____D C:\FRST
2023-06-26 01:30 - 2023-06-26 01:30 - 002383360 _____ (Farbar) C:\Users\lenny\Downloads\FRST64.exe
2023-06-24 00:40 - 2023-06-26 00:10 - 000000438 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2023-06-24 00:40 - 2023-06-24 00:40 - 000003912 _____ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan
2023-06-24 00:40 - 2023-06-24 00:40 - 000000979 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Easeware
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2023-06-24 00:40 - 2023-06-24 00:40 - 000000000 ____D C:\Program Files\Easeware
2023-06-24 00:39 - 2023-06-24 00:39 - 005402688 _____ (Easeware ) C:\Users\lenny\Downloads\DriverEasy_Setup.exe
2023-06-19 20:28 - 2023-06-19 20:28 - 000001062 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2023-06-19 20:28 - 2023-06-19 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2023-06-19 20:21 - 2023-06-26 00:01 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2023-06-19 20:20 - 2023-06-19 20:20 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-06-19 20:14 - 2023-06-26 00:04 - 000000000 ____D C:\Users\lenny\AppData\Local\Battle.net
2023-06-19 20:14 - 2023-06-19 20:21 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Battle.net
2023-06-19 20:13 - 2023-06-19 20:13 - 000000932 _____ C:\Users\Public\Desktop\Battle.net.lnk
2023-06-19 20:13 - 2023-06-19 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-06-19 20:12 - 2023-06-19 20:20 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-06-19 20:10 - 2023-06-19 20:11 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup (1).exe
2023-06-19 20:09 - 2023-06-19 20:10 - 000000000 ____D C:\ProgramData\Battle.net
2023-06-19 20:09 - 2023-06-19 20:09 - 004887504 _____ (Blizzard Entertainment) C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe
2023-06-18 16:24 - 2023-06-18 16:24 - 000000000 ___HD C:\$WinREAgent
2023-06-15 22:55 - 2023-06-15 22:55 - 000100686 _____ C:\Users\lenny\Desktop\1686842901 (1).jpeg
2023-06-13 21:26 - 2023-06-13 21:26 - 000033631 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204) (1).zip
2023-06-13 21:26 - 2023-06-13 21:26 - 000033629 _____ C:\Users\lenny\Downloads\raya.and.the.last.dragon.(2021).eng.1cd.(8726204).zip
2023-06-13 17:19 - 2023-06-13 20:24 - 3408263019 _____ C:\Users\lenny\Downloads\Raya and the Last Dragon (2021) [Cartoon] 1080p H264 DolbyD 5.1 ⛦ nickarad.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 17:20 - 2021-12-15 23:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-26 17:20 - 2018-02-22 20:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-26 17:11 - 2018-08-04 20:32 - 000000000 ____D C:\AMD
2023-06-26 17:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-26 17:01 - 2020-10-07 06:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-26 17:01 - 2020-10-07 04:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-26 17:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-26 16:59 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 16:59 - 2018-01-17 02:56 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2023-06-26 16:56 - 2021-06-30 15:35 - 000000000 ____D C:\Program Files\CCleaner
2023-06-26 16:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-26 16:52 - 2018-10-04 14:39 - 000000000 ____D C:\Users\lenny\AppData\Local\CrashDumps
2023-06-26 16:20 - 2020-10-07 04:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-26 01:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-26 01:04 - 2018-02-22 20:15 - 000000000 ____D C:\Users\lenny\AppData\Local\Packages
2023-06-26 00:57 - 2018-01-17 02:59 - 000000000 ____D C:\ProgramData\Realtek
2023-06-26 00:52 - 2020-10-07 04:25 - 000000000 ____D C:\Users\lenny
2023-06-26 00:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-26 00:36 - 2021-07-15 13:48 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Disc-Soft
2023-06-26 00:36 - 2021-07-15 13:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2023-06-26 00:29 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-26 00:17 - 2023-05-14 20:22 - 000000000 ____D C:\Users\lenny\AppData\Local\Malwarebytes
2023-06-25 00:04 - 2018-02-22 21:44 - 000000000 ____D C:\Users\lenny\AppData\Roaming\Microsoft\Word
2023-06-24 19:21 - 2023-01-17 19:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-24 19:21 - 2020-12-27 16:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-23 19:31 - 2018-03-25 10:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-22 15:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-22 14:57 - 2020-10-07 04:47 - 001840828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-22 14:57 - 2019-12-07 16:41 - 000766546 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-22 14:57 - 2019-12-07 16:41 - 000170290 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-21 19:21 - 2021-06-30 15:36 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-21 18:44 - 2020-10-07 04:17 - 000781800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-21 18:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-21 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-19 20:10 - 2018-09-29 11:24 - 000000000 ____D C:\Users\lenny\AppData\Local\Blizzard Entertainment
2023-06-18 20:14 - 2018-02-22 20:39 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-18 20:14 - 2018-02-22 20:39 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-18 17:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-18 15:25 - 2018-02-23 19:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-17 23:56 - 2018-02-23 19:31 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-17 21:59 - 2022-10-21 11:39 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-17 21:39 - 2020-10-07 04:24 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-16 17:52 - 2017-09-29 15:46 - 000000199 _____ C:\WINDOWS\win.ini
2023-06-15 23:20 - 2018-09-28 01:51 - 000000000 ____D C:\Users\lenny\AppData\Roaming\uTorrent
2023-06-15 23:13 - 2020-11-21 23:39 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-15 23:09 - 2022-08-02 18:16 - 000000000 ____D C:\Users\lenny\Desktop\Promoce já FB
2023-06-15 22:48 - 2018-06-04 14:27 - 000000000 ____D C:\Users\lenny\Desktop\Ostatní
2023-06-15 22:46 - 2022-09-20 00:42 - 000000000 ____D C:\Users\lenny\Desktop\Práce e-maily
2023-06-15 22:45 - 2022-08-16 18:21 - 000000000 ____D C:\Users\lenny\Desktop\Techgeo
2023-06-15 22:40 - 2020-11-14 20:44 - 000000000 ____D C:\filmy
2023-06-15 20:15 - 2020-10-07 06:00 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-15 20:15 - 2020-10-07 06:00 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-06-14 19:18 - 2022-11-15 13:12 - 000003470 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-14 19:14 - 2020-12-27 16:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-14 19:14 - 2020-12-27 16:03 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-13 17:00 - 2022-06-19 21:07 - 000003892 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001UA
2023-06-13 17:00 - 2022-06-19 21:07 - 000003828 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-703552212-4080178173-21668911-1001Core
2023-06-06 23:33 - 2019-03-17 23:10 - 000000000 ____D C:\Users\lenny\AppData\Local\BitTorrentHelper
2023-06-06 19:09 - 2022-09-18 22:07 - 000000000 ____D C:\ProgramData\Autodesk
2023-05-28 14:08 - 2020-08-23 17:31 - 000000000 ____D C:\ProgramData\Zoner
==================== Files in the root of some directories ========
2020-08-23 16:59 - 2020-08-23 20:22 - 000003584 _____ () C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-22 09:02 - 2018-08-22 09:02 - 000000017 _____ () C:\Users\lenny\AppData\Local\resmon.resmoncfg
2020-06-18 15:24 - 2020-06-18 15:24 - 000000000 _____ () C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by lenny (26-06-2023 17:23:04)
Running from C:\Users\lenny\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3086 (X64) (2020-10-07 04:06:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-703552212-4080178173-21668911-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-703552212-4080178173-21668911-503 - Limited - Disabled)
Guest (S-1-5-21-703552212-4080178173-21668911-501 - Limited - Disabled)
lenny (S-1-5-21-703552212-4080178173-21668911-1001 - Administrator - Enabled) => C:\Users\lenny
WDAGUtilityAccount (S-1-5-21-703552212-4080178173-21668911-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\uTorrent) (Version: 3.6.0.46812 - BitTorrent Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\{F216C14C-7D19-DD58-9E00-795CFF488E4C}) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD Open in Desktop (HKLM\...\{2B8E195A-0082-4B8F-9284-0FCCB6017C23}) (Version: 1.0.26.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{4EF1F1D4-E74F-45A8-AF89-95907847D484}) (Version: 3.3.0 - Autodesk)
Autodesk AutoCAD 2021 – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.12 (HKLM-x32\...\{293C8AB2-59FA-4C6E-A707-EE7457D8F567}) (Version: 1.3.12.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{3F9E7D4B-C2ED-48C6-ABB1-F7611724ACD9}) (Version: 5.0.0.134 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{88003D19-C1C3-402D-A162-42D9B924266C}) (Version: 13.3.3.1803 - Autodesk)
Baldur's Gate - The Original Saga (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\1207666353_is1) (Version: 2.6.6.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
Driver Easy 5.8.1 (HKLM\...\DriverEasy_is1) (Version: 5.8.1 - Easeware)
GOG.com Baldur's Gate (HKLM\...\{94ca8f64-5aab-4151-9a1a-73cdb2faf787}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.134 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM-x32\...\{EBF2C31B-E9A1-4929-BE35-6EBECF286110}) (Version: 1.0.0.30 - HP Inc.) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 331 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180331F0}) (Version: 8.0.3310.9 - Oracle Corporation)
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_0) (Version: - )
Kokeš 13.18.100649 "C:\KOKES_13_18\" (HKLM-x32\...\Kokeš_1) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 - Shared Framework (x64) (HKLM-x32\...\{65fddc17-d55b-46b7-a750-5c179fef3d81}) (Version: 3.1.32.22566 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 Shared Framework (x64) (HKLM\...\{2E69E59E-17DF-3977-A405-49096F8B8432}) (Version: 3.1.32.22566 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM-x32\...\{90160000-0016-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM-x32\...\{90160000-00BA-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E2-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM-x32\...\{90160000-002C-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2016 (HKLM\...\{90160000-002A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM-x32\...\{90160000-006E-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM-x32\...\{90160000-00A1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM-x32\...\{90160000-001A-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM-x32\...\{90160000-0018-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM-x32\...\{90160000-0019-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{10AB056B-1B8C-3E9E-95CC-43C33EB88513}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{AB46A6EF-12D2-3146-A38D-1D6FF1AFFF69}) (Version: 15.0.26717 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM-x32\...\{90160000-001B-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Movavi Screen Recorder 21 (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Movavi Screen Recorder 21) (Version: 21.2.0 - Movavi)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Název společnosti:)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Processing Modflow 8 (HKLM-x32\...\Processing Modflow 8) (Version: 8.0.47 - Simcore Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Speciální aplikace Autodesk (HKLM-x32\...\{DE8DA5A8-C311-4F2B-B1C3-27A8BC154154}) (Version: 3.3.0 - Autodesk)
StepMania 3.9 (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{5AB49421-ADA1-4512-9E47-0AE9906F6A28}) (Version: 3.0.30 - Autodesk)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.STANDARD_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Photo Studio X CS (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZPS X) (Version: 19.2209.2.437 - ZONER a.s.)
Zoom (HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-06-11] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.16501.20210.0_x86__8wekyb3d8bbwe [2023-06-24] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.0.30.0_x64__1cyam58dzt1cw [2023-01-24] (PDF reader apps)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\lenny\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\StepMania Web Site.lnk -> hxxp://www.stepmania.com
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-703552212-4080178173-21668911-1001 -> {461158B0-AA99-4A0D-B7DD-AB98AA90F07B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_331\bin\ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_331\bin\jp2ssv.dll [2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-12 14:27 - 000000838 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Simcore\PM8\pest;C:\Program Files\PM8\pest;C:\Program Files\dotnet\
HKU\S-1-5-21-703552212-4080178173-21668911-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "RtlS5Wake"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A63E3E2289A4932C53587DBDC515A86C"
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1225B0F1-B801-468E-9F9D-DB55A266BCEA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [TCP Query User{D56EB27B-8BC0-425B-B325-E9C6CFFEC240}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [UDP Query User{BBBB9102-1609-413A-92D2-45DD8CF21454}C:\hry\stepmania 5\program\stepmania.exe] => (Allow) C:\hry\stepmania 5\program\stepmania.exe (StepMania Team hxxp://www.stepmania.com/) [File not signed]
FirewallRules: [{85F81A3F-4E8F-4478-A47B-187E9B2A61A9}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{1265EE5E-4A56-4F9D-8B8B-5844A627F891}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C50FEC11-2139-478E-A6CC-767144103920}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A4D494E-2DEA-468E-9223-75D7BB986672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9057F62E-C805-40C4-BA52-A6FBAE123721}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FA6D8B4-BB32-4D6B-8529-24BBE1696AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{61E01EB2-8D71-41BB-B78A-1018FA52CC5B}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{47E8FE91-2B22-4CC9-899D-8CFEDE304784}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
18-06-2023 16:27:09 Instalační služba modulů systému Windows
26-06-2023 00:50:32 Removed Microsoft Silverlight
26-06-2023 01:07:14 Removed Ghostscript GPL 8.64 (Msi Setup).
26-06-2023 01:13:16 Removed Corel Graphics - Windows Shell Extension.
26-06-2023 01:16:13 Removed Corel Graphics - Windows Shell Extension 32 Bit Keys.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/25/2023 11:53:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2023.10030.27002.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5038
Čas spuštění: 01d9a7483b8c2f84
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: ba653371-34da-4bd8-9a26-8db9b46ab59b
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2023.10030.27002.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (06/25/2023 11:49:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 11:48:07 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/25/2023 10:45:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:51 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (06/24/2023 07:59:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (7816,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\lenny\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (06/26/2023 05:01:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Corel License Validation Service V2, Powered by arvato byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdaptiveSleepService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BTDevManager byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/26/2023 04:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Autodesk Access Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2023-06-24 20:09:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {847E545A-5FAC-45F8-A8F2-11E7AEB82365}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:40:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {58560BD9-4160-40AF-B38C-011827FADBEF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-23 20:24:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {782DD836-B3B7-4017-AA0C-433342178933}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-09 19:04:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8AEDBD5D-A2CA-4076-8EDD-12D1A4625FDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-08 18:12:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6FD8BBD8-5F77-40E2-8BA4-B1BD517D1401}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-05-15 18:25:58
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Date: 2023-05-10 22:31:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.705.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-05-02 17:21:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.2537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2023-06-26 13:44:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-23 12:49:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.21 11/17/2017
Motherboard: HP 8331
Processor: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 52%
Total physical RAM: 7645.68 MB
Available physical RAM: 3639.77 MB
Total Virtual: 9821.68 MB
Available Virtual: 5677.67 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:917.41 GB) (Free:271.66 GB) (Model: ST1000LM035-1RK172) NTFS
Drive d: (RECOVERY) (Fixed) (Total:12.87 GB) (Free:1.55 GB) (Model: ST1000LM035-1RK172) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{bea691ec-e3cd-4f5d-812d-76ea916c48a2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{f1bf73fd-3897-4e3c-916a-416ec29d0a15}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E2B67A8)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\lenny\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Díky, Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by lenny (26-06-2023 18:44:53) Run:1
Running from C:\Users\lenny\Desktop
Loaded Profiles: lenny
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e7ac4db-e3e1-11eb-b213-80c5f2090282} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10E3CA8F-73E3-482E-92AE-46D498F6F6AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10E3CA8F-73E3-482E-92AE-46D498F6F6AD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA5AC25E-49B2-4607-9840-B9E8895ACC64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA5AC25E-49B2-4607-9840-B9E8895ACC64}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DED5398C-617A-4911-9E24-A47507A27017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DED5398C-617A-4911-9E24-A47507A27017}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1538092358 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1538092358" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF4258AB-B4A9-4219-9E0B-E1DC447A9381}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF4258AB-B4A9-4219-9E0B-E1DC447A9381}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8} => moved successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D41603DF-2B9C-44A2-BB65-63EE11089B54}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15811569 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 60302 B
Windows/system/drivers => 9938897 B
Edge => 29197 B
Chrome => 27693832 B
Firefox => 0 B
Opera => 5200236 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 3586560 B
NetworkService => 180589664 B
lenny => 418697053 B
RecycleBin => 45475472 B
EmptyTemp: => 675.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:48:44 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by lenny (26-06-2023 18:44:53) Run:1
Running from C:\Users\lenny\Desktop
Loaded Profiles: lenny
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\Policies\Explorer: []
HKU\S-1-5-21-703552212-4080178173-21668911-1001\...\MountPoints2: {0e7ac4db-e3e1-11eb-b213-80c5f2090282} - "F:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {10E3CA8F-73E3-482E-92AE-46D498F6F6AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Task: {CA5AC25E-49B2-4607-9840-B9E8895ACC64} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {DED5398C-617A-4911-9E24-A47507A27017} - System32\Tasks\Opera scheduled Autoupdate 1538092358 => C:\Users\lenny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DF4258AB-B4A9-4219-9E0B-E1DC447A9381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-02-22] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8}
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2023\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2023\cs-CZ\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\lenny\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe:MBAM.Zone.Identifier [124]
FirewallRules: [UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe => No File
FirewallRules: [UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}] => (Block) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\lenny\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{D41603DF-2B9C-44A2-BB65-63EE11089B54}] => (Allow) C:\Users\lenny\AppData\Local\Programs\Opera\56.0.3051.31\opera.exe => No File
FirewallRules: [TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe] => (Block) C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe => No File
FirewallRules: [{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}] => (Allow) C:\Users\lenny\AppData\Roaming\Zoom\bin\airhost.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-703552212-4080178173-21668911-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e7ac4db-e3e1-11eb-b213-80c5f2090282} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10E3CA8F-73E3-482E-92AE-46D498F6F6AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10E3CA8F-73E3-482E-92AE-46D498F6F6AD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA5AC25E-49B2-4607-9840-B9E8895ACC64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA5AC25E-49B2-4607-9840-B9E8895ACC64}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DED5398C-617A-4911-9E24-A47507A27017}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DED5398C-617A-4911-9E24-A47507A27017}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1538092358 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1538092358" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF4258AB-B4A9-4219-9E0B-E1DC447A9381}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF4258AB-B4A9-4219-9E0B-E1DC447A9381}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\lenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\lenny\AppData\Local\{3FBF0BF9-3563-4637-B2A1-4CB9CFC05CD8} => moved successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2} => removed successfully
HKU\S-1-5-21-703552212-4080178173-21668911-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\Users\lenny\Downloads\World-of-Warcraft-Setup.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2502B8D4-725A-40C4-9E60-0B12806135A1}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8392E14A-A179-49E0-8B62-26F064E9DBE2}C:\users\lenny\appdata\local\programs\opera\70.0.3728.119\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D887E38-E06B-4B14-B234-2EEB1DF6AA00}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B762E56-A721-453B-878E-753B9F3ECF4D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.103\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{98FA161F-9C9A-46A2-82E9-7723AC084E95}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D665E8C1-5635-48B1-A81F-6310450F8E7D}C:\users\lenny\appdata\local\programs\opera\66.0.3515.72\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE1C50DD-6891-4EF2-9595-5F7DEB23E7D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B4B0917-3B66-48AC-AD5E-3A54C83E49EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4D594A63-028E-4A40-9650-EFFEA97C4797}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{021E4D3E-323B-4B3A-ADD9-AC6DC75D794E}C:\users\lenny\appdata\local\programs\opera\66.0.3515.44\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FDF6A9E2-EA4E-4028-AED2-8F3F8FDD74AA}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2E96A1B9-6AE1-4FFA-8899-CA00815AF9BC}C:\users\lenny\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47FA4C58-FE5D-4B1C-9772-5F281FBB03A0}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AFBB99D-9AD9-4063-9CA7-2AB645125C96}C:\users\lenny\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{841FE14A-5C48-4E3F-8733-66469897364E}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{03821B57-7F15-4EC9-A56B-E5E7D6C584A3}C:\users\lenny\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D41603DF-2B9C-44A2-BB65-63EE11089B54}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F5503B2E-F461-4141-9CAB-FCD696B4E8FB}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{70DB10DD-480E-4F85-AC61-84F9EC95F2BE}C:\users\lenny\appdata\local\programs\opera\70.0.3728.178\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79DF1183-C4ED-4466-A4A4-AB18203160FF}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D94B33E-A8B3-4ED2-9329-79312443AD66}C:\users\lenny\appdata\local\programs\opera\71.0.3770.271\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D683CB8F-34DF-40B8-9011-E594D804985E}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{15468984-DC86-41F6-8B01-F33F66BDC729}C:\users\lenny\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00D8BCD7-37A1-4938-8B1B-B94035A4EDE9}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{803792EC-6A31-4B02-B040-6DC04F8F7734}C:\users\lenny\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8A374F34-511F-46FA-BB2A-76B2CC8C0C44}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3EAAA48-35C2-4FF2-AFC0-85367E97B740}C:\users\lenny\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{416A0A7A-4FAF-45C3-8EE4-F42FCCD453B5}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{320B97A4-7DB1-4040-882A-BD411F0099B7}C:\users\lenny\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ECE0A9B5-0747-4435-9418-C777CC21DE87}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B1FE4DB4-E7C0-425F-88FE-F65878AA41E1}C:\hry\subnautica\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnautica.below.zero.v43067\subnauticazero.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C07DF7A0-CB4A-49EA-8755-FE12A84B0300}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3BD1CAB-E8AE-4957-857D-CD1E034BA2AC}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15811569 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 60302 B
Windows/system/drivers => 9938897 B
Edge => 29197 B
Chrome => 27693832 B
Firefox => 0 B
Opera => 5200236 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 3586560 B
NetworkService => 180589664 B
lenny => 418697053 B
RecycleBin => 45475472 B
EmptyTemp: => 675.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:48:44 ====
-
Rudy
- Site Admin
- Příspěvky: 118309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač tak zasekaný že se skoro nedá používat
Smazáno. Zlepšil se chod?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?