Sending a HijackThis log (Solved)


jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Sending a HijackThis log

Post by jaro3 » 20 May 2025 18:59

Then do it in Safe Mode. Your antivirus itself might also be infected.
Or leave it for now.

First do this:

Turn off your antivirus and firewall.
Please download the appropriate version (32-bit/64-bit) of Farbar Recovery Scan Tool (FRST) for your system
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

bruno
Level 2
Posts: 198
Registered: May 08
Gender: Unspecified
Status: Offline

Re: Sending a HijackThis log

Post by bruno » 21 May 2025 08:30

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by broni (Administrator) on st 21. 05. 2025 at 7:37:51,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


user_pref(browser.search.totalSearches, 4);



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 21. 05. 2025 at 7:39:24,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Sending a HijackThis log

Post by bruno » 21 May 2025 08:43

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by broni (Administrator) on st 21. 05. 2025 at 7:37:51,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


user_pref(browser.search.totalSearches, 4);



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 21. 05. 2025 at 7:39:24,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Sending a HijackThis log

Post by bruno » 21 May 2025 11:28

I don't know how to continue, please help me.


Re: Sending a HijackThis log

Post by jaro3 » 21 May 2025 13:49

Turn off your antivirus and firewall.
Please download the appropriate version (32-bit/64-bit) of Farbar Recovery Scan Tool (FRST) for your system
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.


Re: Sending a HijackThis log

Post by bruno » 21 May 2025 15:27

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05-2025
Ran by broni (21-05-2025 15:24:13)
Running from C:\Users\broni\OneDrive\Počítač
Microsoft Windows 11 Home Version 24H2 26100.4061 (X64) (2024-12-26 22:53:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3112672562-2960968610-587266201-500 - Administrator - Disabled)
broni (S-1-5-21-3112672562-2960968610-587266201-1001 - Administrator - Enabled) => C:\Users\broni
DefaultAccount (S-1-5-21-3112672562-2960968610-587266201-503 - Limited - Disabled)
Guest (S-1-5-21-3112672562-2960968610-587266201-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3112672562-2960968610-587266201-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Disabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 25.001.20474 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.5.0.348 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.48 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AVG Driver Updater (HKLM\...\AVG Driver Updater) (Version: 24.4.5825.14386 - Gen Digital Inc.)
AVG Secure VPN (HKLM\...\AVG Secure VPN) (Version: 25.4.11423.14412 - AVG)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.9.0 - Canon Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5100_series) (Version: 1.01 - Canon Inc.)
Canon TS5100 series Príručka on-screen manual (HKLM-x32\...\Canon TS5100 series Príručka on-screen manual) (Version: 1.1.0 - Canon Inc.)
DesktopDigitalClock (HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\DesktopDigitalClock) (Version: - Freeware © Nenad Hrg 2019-2024 / www.SoftwareOK.com)
DinoCapture 2.0 (HKLM-x32\...\DinoCapture 2.0) (Version: 1.5.52 - AnMo Electronics Corporation)
Edge3 Driver 1.0.0.3 (HKLM\...\Edge3 Driver_is1) (Version: 1.0.0.3 - Edge3 Driver)
ESET Security (HKLM\...\{2AE41595-0CB6-45AD-A2FA-E20798D8842F}) (Version: 18.1.13.0 - ESET, spol. s r.o.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP One Agent (HKLM\...\{211CE8D5-1B28-4C83-AC2E-F057818A0356}) (Version: 1.1.807.4021 - HP Inc.)
HP One Agent (HKLM\...\{DBDA024D-1557-4B59-BB57-F8724C1B1752}) (Version: 1.1.807.4021 - HP Inc.) Hidden
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
iCloud Outlook (HKLM\...\{76DBE4BD-97A4-4657-A75F-4DA83272360F}) (Version: 15.3.0.138 - Apple Inc.)
Messenger (HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\0a93669aced325d6c1991ebd989628f4) (Version: 1.0 - Messenger)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 136.0.3240.76 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.075.0420.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft OneNote - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.18730.20142 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35112 (HKLM-x32\...\{a8cc5541-021a-45c0-a308-ad0035979d45}) (Version: 14.44.35112.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35112 (HKLM-x32\...\{3bc32411-7927-4e98-a2a1-70f2dc14a469}) (Version: 14.44.35112.1 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35112 (HKLM\...\{A09D1BD1-C08E-4553-9DA7-BA2AF7BEBE89}) (Version: 14.44.35112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35112 (HKLM\...\{7551F782-4A24-4322-81DA-7BEDE7CA36EE}) (Version: 14.44.35112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35112 (HKLM-x32\...\{1CD298A0-42E4-4B23-8E49-7FFC765A74CB}) (Version: 14.44.35112 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35112 (HKLM-x32\...\{72D3A443-EE88-4C3D-B832-13EADDD81758}) (Version: 14.44.35112 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 138.0.1 (x64 cs)) (Version: 138.0.1 - Mozilla)
Mozilla Firefox (x64 sk) (HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Mozilla Firefox 138.0.4 (x64 sk)) (Version: 138.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 136.0.4 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18730.20142 - Microsoft Corporation) Hidden
OpenOffice 4.1.15 (HKLM-x32\...\{7A10D0DA-1711-4CB1-8D71-81A6E0149B43}) (Version: 4.115.9813 - Apache Software Foundation)
Registrácia tlačiarne (HKLM-x32\...\Canon EISRegistration) (Version: 1.9.2 - Canon Inc.)
ScreenConnect Client (9089f237309e0452) (HKLM-x32\...\{484D370F-50D1-DCFF-2F09-67CAB77FA1DF}) (Version: 24.3.7.9067 - ScreenConnect Software)
Skype 8.150 (HKLM-x32\...\{651E817F-FC04-4492-B43E-15E10BC59D40}) (Version: 8.150.0.125 - Skype Technologies S.A.)
Skype verzia 8.150 (HKLM-x32\...\Skype_is1) (Version: 8.150 - Skype Technologies S.A.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-12-26] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2025-05-04] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-12-25] (Adobe Systems Incorporated)
Akčné kliknutie (ukážka) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-12-23] (INTEL CORP) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.51.331.0_x64__v10z8vjag6ke6 [2024-12-27] (HP Inc.)
Balík pre prostredie funkcií Windowsu -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.30.0_x64__xbfy0k16fey96 [2025-02-06] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2024-12-23] (HP Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-05-12] (Sparse Package)
FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_27.7.143.0_x64__jwbwg6xx0377a [2025-05-07] (Zynga Inc.)
HP Command Center -> C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6 [2024-12-23] (HP Inc.)
HP Enhanced Lighting -> C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6 [2024-12-23] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.2.0_x64__v10z8vjag6ke6 [2025-03-13] (HP Inc.)
HP Pen Control Plus -> C:\Program Files\WindowsApps\AD2F1837.HPPenControlPlus_1.1.7.0_x64__v10z8vjag6ke6 [2024-12-23] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-12-23] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_159.1.1144.0_x64__v10z8vjag6ke6 [2025-05-01] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.44.18.0_x64__v10z8vjag6ke6 [2025-05-07] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6 [2025-03-26] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa [2025-05-07] (Apple Inc.) [Startup Task]
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-12-23] (Microsoft Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-03-13] (LinkedIn) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-03-11] (Meta)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe [2024-12-30] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-12-23] (Microsoft Corp.)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2025-01-23] (Microsoft Platform Extensions)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-08] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.9.1.0_x64__8wekyb3d8bbwe [2025-05-03] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6 [2025-04-03] (HP Inc.) [Startup Task]
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-05-10] ()
Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2025-04-06] (Microsoft Corporation)
Pride 2020 Flags -> C:\Program Files\WindowsApps\Microsoft.Pride2020Flags_3.0.0.0_neutral__8wekyb3d8bbwe [2025-01-22] (Microsoft Corporation)
Snapchat -> C:\Program Files\WindowsApps\SnapInc.Snapchat_4.0.1.0_neutral__k1zn018256b8e [2025-04-30] (Snap Inc.)
Sysinternals Suite -> C:\Program Files\WindowsApps\Microsoft.SysinternalsSuite_2025.5.0.0_x64__8wekyb3d8bbwe [2025-05-06] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-03-13] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-09] (Microsoft Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> "C:\Program Files\Google\Play Games\current\service\Service.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-08] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-08] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-08] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-08] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG TuneUp] -> {13004120-FCAF-4232-A255-807EAD6E7D02} => C:\Program Files\AVG\TuneUp\tucontextmenu.dll [2025-02-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AVG TuneUp] -> {13004120-FCAF-4232-A255-807EAD6E7D02} => C:\Program Files\AVG\TuneUp\tucontextmenu.dll [2025-02-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncShell64.dll [2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-08] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG TuneUp] -> {13004120-FCAF-4232-A255-807EAD6E7D02} => C:\Program Files\AVG\TuneUp\tucontextmenu.dll [2025-02-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-09] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/ ... taskbar-hp

==================== Loaded Modules (Whitelisted) =============

2025-04-28 00:55 - 2025-04-28 00:55 - 000869376 _____ (.NET Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.T417b639d#\63e533616bc9174cd7a91e1729f160fc\Microsoft.Toolkit.Uwp.Notifications.ni.dll
2025-04-24 23:54 - 2025-04-24 23:54 - 000025088 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\sk_sk\Acrobat Elements\ContextMenuShim64.sky
2025-04-27 02:18 - 2025-04-27 02:18 - 000440320 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\2d70a2d044f21be30baf78121199320f\LauncherSDK.ni.dll
2025-04-27 02:18 - 2025-04-27 02:18 - 000038400 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\4f7984a4c26efbf55f686da8b16aa462\Logging.ni.dll
2025-04-27 02:18 - 2025-04-27 02:18 - 000153600 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\d28337c50ce6e833c97e1b1d1306d515\RpcClient.ni.dll
2025-04-27 02:18 - 2025-04-27 02:18 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d0bc9039722cdf7f534582c5140e55a8\Newtonsoft.Json.ni.dll
2024-10-28 17:42 - 2024-10-28 17:42 - 000197120 _____ (ScreenConnect Software) [File not signed] [File is in use] C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.Client.dll
2024-10-28 17:43 - 2024-10-28 17:43 - 000068096 _____ (ScreenConnect Software) [File not signed] [File is in use] C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.dll
2024-10-28 17:41 - 2024-10-28 17:41 - 000548864 _____ (ScreenConnect Software) [File not signed] [File is in use] C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.Core.dll
2024-10-28 17:42 - 2024-10-28 17:42 - 001721856 _____ (ScreenConnect Software) [File not signed] [File is in use] C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.Windows.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ScreenConnect Client (9089f237309e0452) => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3112672562-2960968610-587266201-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\broni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw14.sys
AVG Secure VPN: AVG Secure VPN Wintun Adapter -> avgWintun.sys

nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AVG Secure VPN.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\StartupApproved\StartupFolder: => "Messenger.lnk"
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{96D53ACD-DC0E-43B2-A978-E6C58DEAE464}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plant Tycoon\plant tycoon.exe () [File not signed]
FirewallRules: [{AACC2CF5-2576-46B7-8E5C-B6AF7B1F1B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plant Tycoon\plant tycoon.exe () [File not signed]
FirewallRules: [{313B9FFA-6C8C-4E5B-9C74-2115149BCED6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EEC76264-190D-4FF3-8CA1-F94FA876A013}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9B08482A-1F4A-4C79-8DF7-F1ACF56924DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F6D61072-4CF6-45C2-A28E-6CD18C77B986}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF24F515-A679-4F05-A927-B67B095FE207}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DB98691E-C28F-4DE7-9935-B48641CDC738}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DFE91626-A384-4AE9-A67F-5E12BEE2B226}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F60D48E-CFF8-4CBB-A213-596D66DDBCAB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55CC0A96-CAB2-4684-AF2A-0A488A0BC5C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{113E12CE-4FA0-4255-BDD4-EBA93D1CF040}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF322D92-B19D-4DE6-B080-B142B4F782AB}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{56008A77-3091-4FE7-9E1C-9913CC076810}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2A2D22DC-151F-4BDE-BC35-ACDA948B1CFC}] => (Allow) C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{D72F3D69-39C3-4F6E-B671-6382022ED635}] => (Allow) C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{308F9B92-80E6-4442-9044-8EBE70FF436D}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{D49C8100-B50D-4AFE-9859-23A1B9BD63C2}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{CBE8C2F2-D977-4924-90BB-EEE56A5FD8BB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{C464FF29-80C3-49CB-B13C-F7C4F0D5DFC4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D3A50BAF-67A7-42D4-8296-0AD832E717A2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6C08A104-3A20-4751-A32B-C1C71577B8EC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{38372766-1C2C-4206-8B7D-4C1FDAE12AAA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6028BEEA-55AD-40CB-ABF8-666BCFEE6C9B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B5EE70A1-01AD-43E7-9542-E04B6BF2877D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1CA5449A-B196-49F2-BFAD-838C23EE1854}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D4C9AD68-050A-4E57-90E0-6370169547F7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{8508445F-F170-4183-BD63-DFF84F85B6A9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B9706245-7219-47E2-A30B-009E9AD81D91}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{9503AF6C-0A38-4A27-BE78-8891F5CE88B0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{427CA19E-BE72-4D0D-BBBD-6575C8193105}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D4E772A1-29BE-462B-9185-B75BD9335E2E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{3518BACE-1A74-4BB4-9DF5-3D7FC808CB6F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{9AD77884-E1D3-4721-BB8F-91AA980350FC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E08EA1C-5FDE-4257-BAED-2E1DE023FA8F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFC54279-5BDD-4BF8-B2FD-DACA034FF327}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{995E41D8-38AD-4A7B-9BD2-6F415352F737}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44EC357A-9173-4BC3-95B1-67B29DE37AB7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1413EA31-2D6A-4E8A-BA1B-1AFF14E2BE28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79B49889-27F4-4230-BEC3-F2666ADDAF0B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

19-05-2025 20:27:24 AdwCleaner_BeforeCleaning_19/05/2025_20:27:24
19-05-2025 20:40:11 AdwCleaner_BeforeCleaning_19/05/2025_20:40:10
19-05-2025 21:16:45 Inštalátor modulov systému Windows
19-05-2025 21:51:30 Inštalátor modulov systému Windows
20-05-2025 09:23:05 Inštalátor modulov systému Windows
20-05-2025 15:14:25 AdwCleaner_BeforeCleaning_20/05/2025_15:14:24
21-05-2025 07:37:52 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/21/2025 06:59:41 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: ESIF(1.0.11901.2113) TYPE: ERROR MODULE: IPF TIME 44282495 ms

[<IPFSRV>AuthMgr_EsifPrimitive@ipfsrv_authmgr.c#1899]<44282482 ms>:
Unauthorized EsifPrimitive: SET_PROC_NUMBER_OFFLINE_CORES (153)

Error: (05/20/2025 07:38:38 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program dllhost.exe version 10.0.26100.1150 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (05/20/2025 03:14:50 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "ASP.NET_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.

Error: (05/20/2025 03:14:50 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1021) (User: NT AUTHORITY)
Description: Windows cannot open the 32-bit extensible counter DLL "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll" in a 64-bit environment (Win32 error code 193). Contact the file vendor to obtain a 64-bit version. Alternatively, you can open the 32-bit extensible counter DLL by using the 32-bit version of Performance Monitor. To use this tool, open the Windows folder, open the Syswow64 folder, and then start Perfmon.exe.

Error: (05/20/2025 03:09:06 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program TFC.exe version 3.1.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (05/20/2025 11:24:42 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: ESIF(1.0.11901.2113) TYPE: ERROR MODULE: IPF TIME 61288880 ms

[<IPFSRV>AuthMgr_EsifPrimitive@ipfsrv_authmgr.c#1899]<61288880 ms>:
Unauthorized EsifPrimitive: SET_PROC_NUMBER_OFFLINE_CORES (153)

Error: (05/20/2025 08:49:08 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: ESIF(1.0.11901.2113) TYPE: ERROR MODULE: IPF TIME 51951677 ms

[<IPFSRV>AuthMgr_EsifPrimitive@ipfsrv_authmgr.c#1899]<51951654 ms>:
Unauthorized EsifPrimitive: SET_PROC_NUMBER_OFFLINE_CORES (153)

Error: (05/19/2025 08:57:36 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002


System errors:
=============
Error: (05/21/2025 12:34:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9N9PHDT62W94-AD2F1837.myHP.

Error: (05/21/2025 10:37:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/21/2025 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HuaweiHiSuiteService64.exe zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (05/21/2025 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HP Comm Recover zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (05/21/2025 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby l1vhlwf zlyhalo kvôli nasledujúcej chybe:
A hypervisor feature is not available to the user.

Error: (05/21/2025 07:38:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/21/2025 07:38:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/21/2025 06:59:47 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2025-02-06 08:12:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-31 11:09:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-28 08:16:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-28 07:30:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-01-17 07:29:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2025-05-21 15:22:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2025-05-21 15:19:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.11 08/19/2024
Motherboard: HP 8BF6
Processor: 13th Gen Intel(R) Core(TM) i7-1355U
Percentage of memory in use: 52%
Total physical RAM: 16095.05 MB
Available physical RAM: 7701.07 MB
Total Virtual: 17119.05 MB
Available Virtual: 7375.28 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:952.74 GB) (Free:846.73 GB) (Model: SK hynix BC901 HFS001TEJ9X108N) (Protected) NTFS

\\?\Volume{3405c265-c73a-40eb-b42d-2c3f22934fa2}\ () (Fixed) (Total:0.85 GB) (Free:0.09 GB) NTFS
\\?\Volume{1690612e-5263-415f-9486-abd960ae1a17}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================


Re: Sending a log from HijackThis

Post by bruno » 21 May 2025 15:30

FRST.txt part 1


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05-2025
Ran by broni (administrator) on BRUNO (HP HP Pavilion x360 2-in-1 Laptop 14-ek1xxx) (21-05-2025 15:23:08)
Running from C:\Users\broni\OneDrive\Počítač\FRST64.exe
Loaded Profiles: broni
Platform: Microsoft Windows 11 Home Version 24H2 26100.4061 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe ->) (Connectwise, LLC -> ScreenConnect Software) C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.WindowsClient.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\AppHelperCap.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\BridgeCommunication.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_helper.exe
(DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOCL64.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\win32\HP.ContextAware.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPPenControlPlus_1.1.7.0_x64__v10z8vjag6ke6\Win32\HPPenControlPlus.Win32.Bg.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (Nenad Hrg -> Nenad Hrg (SoftwareOK.com)) C:\Users\broni\OneDrive\Počítač\DesktopDigitalClock_x64_P.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\broni\AppData\Local\Mozilla Firefox\firefox.exe <15>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (Connectwise, LLC -> ) C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3de31b09a0024837\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_eaeb5b1572d4d37a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_58a0ea2de06916f7\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncHelper.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\Win32Process\HPCC.Bg.BackgroundApp.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\HpSystemManagement.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2505.1001.5.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.9.1.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4060_none_a55287a7772b57c2\TiWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe [2165096 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [292064 2025-05-09] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [6945608 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe [8225096 2025-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-12-25] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-20\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4994352 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41352088 2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172896 2025-04-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3112672562-2960968610-587266201-1001\...\Run: [MicrosoftEdgeAutoLaunch_2F8F85FD2D867145F294470286D3DE9E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4045864 2025-05-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-12-23] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-12-23] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-12-23] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [203936 2024-12-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\BJ Language Monitor2: C:\windows\system32\CNBJMON2.DLL [699480 2017-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\windows\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\...\Authentication\Credential Providers: [{6FF59A85-BC37-4CD4-7415-8F34B76ABA1C}] -> C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.WindowsCredentialProvider.dll
Lsa: [Authentication Packages] msv1_0 C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.WindowsAuthenticationPackage.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2025-05-11]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B08BE16A-F450-44B0-93FB-35C3DD8B3917} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {29688764-58B3-4CA4-80EA-2924D5B4342B} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131432 2025-01-20] (Adobe Inc. -> Adobe Inc.)
Task: {F0D6767F-6243-4D91-A5E7-7F9231378281} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {532D6A0F-8CCB-4259-8C46-0EBEB5BA3C7A} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4455336 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {CBF74177-DA81-4905-81E1-85C6FB49D6CE} - System32\Tasks\AVG\AVG Driver Updater BugReport => C:\Program Files\AVG\Driver Updater\AvBugReport.exe [6079304 2025-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 149 --programpath "C:\Program Files\AVG\Driver Updater" --configpath "C:\ProgramData\AVG\Driver Updater" --path "C:\ProgramData\AVG\Driver Updater\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Driver Updater\log" --guid 1c5c004f- (the data entry has 27 more characters).
Task: {C017732A-FBE2-4045-8150-964EDC86D3E3} - System32\Tasks\AVG\AVG Driver Updater Update => C:\Program Files\Common Files\AVG\Icarus\avg-du\icarus.exe [8618824 2025-03-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {622BCFA1-9A69-4C38-A3D3-BB81FB6520FA} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [6122832 2025-05-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 40be7e4e-05b5-4526-beb6-08 (the data entry has 10 more characters).
Task: {838CA98D-0302-4C23-BF42-227A235DD129} - System32\Tasks\AVG\AVG Secure VPN Emergency Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [3995992 2025-05-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {E8C452EB-7FC9-4A6D-869C-7F6400668D2C} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [8618824 2025-04-24] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8BB54B40-AD10-4807-B693-C9BA0A5E873A} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [6079304 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp" --configpath "C:\ProgramData\AVG\TuneUp" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9811446f-f076-40f6-882d-a64851ad438d
Task: {A82416DF-3C16-427E-9F3A-39264A96F93C} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [8618824 2025-03-31] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {B270E39A-0650-436F-9343-4D602B8DA1F6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {3AD88312-74A8-4460-8588-2AFC1DDEDD14} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {055D38E6-0F71-4A0E-9016-BDC769C6782B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {0FF67638-9E90-4421-A2F0-D35D25699AE5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {955FFF53-1F37-4B5D-B346-DD05AD531A78} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {B9B7B5F6-0925-4B7D-B3AB-F1571E1FD86F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {AC3F1897-144E-457D-8B51-7C13E8F0D026} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {0E2B943C-B606-4D71-ACF4-C02A8C6D8DD8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {501D32E0-DCE4-4DD5-B239-A26731C3EC2B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {14D6F010-EE63-45E2-9EFB-3234D61ADA2C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\windows\system32\cmd.exe [376832 2025-04-25] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest
Task: {B6ED7AD6-45F1-4989-93B9-3020388DB899} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2024-12-26] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {41F978C3-5900-4094-9912-F0DC4A5C0846} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-SmartCheckTest => c:\Windows\System32\schtasks.exe [253952 2024-12-26] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\SmartCheckTest"
Task: {AE267007-D7B3-4420-8632-DAE4A5224533} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-04-22] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {2CB36BFD-4C18-483E-A9D3-41511178C1CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-04-22] (HP Inc. -> HP Inc.)
Task: {E481AE8B-1D5B-42FD-80CE-2586B3354BC9} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2024-12-26] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {93CEBE44-15E6-4100-9A9D-E4DB1960C7DF} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-05-01] (HP Inc. -> HP Inc.)
Task: {9BCB15A7-BB81-4158-9DEC-103AE39A80C8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-05-01] (HP Inc. -> HP Inc.)
Task: {5A45FBB2-6B59-4740-9B11-88E2604DF6FD} - System32\Tasks\HPDataRetriever => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-application-info-collector_ver_4.675.11370\hp-data-retriever.exe (No File)
Task: {A0A5A103-CB90-4A0F-8566-DF114373C242} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{211CE8D5-1B28-4C83-AC2E-F057818A0356}\HPOneAgent.exe [1169696 2025-04-28] (HP Inc. -> HP Inc; HP Development Company, L.P.)
Task: {E2C4E7F8-F74B-473B-9BE5-2CADA567CACA} - System32\Tasks\HPSupportTool => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-iolo-collector_ver_4.675.11370\HPSupportAssistant1.exe (No File)
Task: {BA3ABC50-68A7-446D-99B7-DC3DB22F4FCC} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2025-03-12] (Adobe Inc. -> Adobe Inc.)
Task: {45446A34-4BCD-4FD8-A871-79C03E408B7A} - System32\Tasks\McAfee\DAD.WPS.Execute.Updates => "C:\Program Files\McAfee\WPS\1.9.253.1\dad\mc-dad.exe" (No File)
Task: {FCD082A6-253A-4C1E-8361-B66ADE66E7CD} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C8B3F5F-9E8E-4F7B-AF6B-FF0FDDE3E90C} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B4C9791-6C02-4EEF-B1A1-80A21E34B4C1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102352 2025-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F37A4D6-2335-4B29-A2EA-2E90D880C90E} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68392 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4F4D84C-DE15-4398-BD45-8FA588E605BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102352 2025-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A11579A0-6BDE-4EF9-B1C4-0C300A2C99A6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BDF731F-F84C-40D5-B0E6-D7B6D4920A5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9AA3336-23C9-425D-BEDC-BA8BBB41B651} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [213216 2025-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {05F2E50F-72B4-4573-A0EA-63637FFBEC5A} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\InitialConfiguration => {709FD5EF-7296-4154-BD3A-E9830FCFA60A} C:\WINDOWS\system32\ShellConfigTask.dll [274432 2025-04-25] (Microsoft Windows -> Microsoft Corporation)
Task: {33E043B5-A397-4252-AC4E-49E4317C67A8} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration => {0BE6820D-B667-4CB6-931B-C153A77DA895} C:\WINDOWS\system32\ShellConfigTask.dll [274432 2025-04-25] (Microsoft Windows -> Microsoft Corporation)
Task: {70343CAB-8478-4E0F-911C-16696A7D29E9} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3112672562-2960968610-587266201-1001 B005440649BC1540 => C:\Users\broni\AppData\Local\Mozilla Firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\B005440649BC1540\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\B005440649BC1540\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {91AA2805-D03C-4D0D-B3A2-2665333F5CBF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {DBB96E54-7C42-47C4-ACA9-0B4843E400CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent B005440649BC1540 => C:\Users\broni\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {95539629-9041-43A8-9C02-0FA1A47E4D33} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {64C8A485-6E5C-43E3-80C5-B9BDA03657F1} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {63AF6FD6-60DE-4C28-AD85-3011FEDA71AD} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {4C6DE594-E11A-47A5-BBCD-B42E5D7872BD} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {AFCAAC2C-6D05-430F-9A8A-E6D2F2DF2A60} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224296 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E17B952-1FE5-4D69-AD55-138373D1EF04} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3112672562-2960968610-587266201-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224296 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADE917A6-8AED-45CE-A928-03210999BC14} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3112672562-2960968610-587266201-1001 => C:\Program Files\Microsoft OneDrive\25.075.0420.0002\OneDriveLauncher.exe [679728 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E69B1C3-17F0-4C47-AAC4-0D7EDE4D346D} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {11A83D3E-A5D7-48BD-8A20-EBB8BD037F17} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {3495A3A7-9091-42E3-B148-0E9A65C995E4} - System32\Tasks\SystemOptimizerTemp => C:\Users\broni\AppData\Local\Temp\HP\SystemOptimizerTemp\SystemOptimizer.exe -update (No File) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0db82645-80e3-42d0-beef-ba4dffa15d68}: [NameServer] 100.124.212.1
Tcpip\..\Interfaces\{96a89a01-cb50-4388-8faa-9fd8d426d78a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{96a89a01-cb50-4388-8faa-9fd8d426d78a}: [DhcpDomain] home
Tcpip\..\Interfaces\{ed16d0c8-71fd-438e-817a-b5b0ddcf0663}: [DhcpNameServer] 172.168.0.7

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-21]
Edge Notifications: Default -> hxxps://web.skype.com; hxxps://www.facebook.com; hxxps://www.messenger.com
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
Edge StartupUrls: Default -> "hxxps://www.msn.com/cs-cz/zpravy?ocid=winp1taskbar"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-05-19]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-05]
Edge Extension: (Edge relevant text changes) - C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-12-23]
Edge Extension: (AVG Online Security) - C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lacbjnnibafcbpogdcpfdpmajfkdampi [2025-03-20]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\broni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2025-04-30]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: 2y55go50.default
FF ProfilePath: C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\fve3xuyw.default-release-1 [2025-05-21]
FF DownloadDir: C:\Users\broni\OneDrive\Počítač
FF Homepage: Mozilla\Firefox\Profiles\fve3xuyw.default-release-1 -> hxxps://www.zoznam.sk/
FF Notifications: Mozilla\Firefox\Profiles\fve3xuyw.default-release-1 -> hxxps://teams.live.com; hxxps://web.skype.com; hxxps://www.zoznam.sk; hxxps://mail.google.com; hxxps://www.facebook.com
FF Extension: (AdGuard blokovač reklamy) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\fve3xuyw.default-release-1\Extensions\adguardadblocker@adguard.com.xpi [2025-05-06]

bruno
Level 2
Posts: 198
Registered: May 08
Gender: Unspecified
Status: Offline

Re: Sending a log from HijackThis

Post by bruno » 21 May 2025 15:30

FRST.txt part 2


FF Extension: (Translate websites in your browser without using the cloud.) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\fve3xuyw.default-release-1\Extensions\firefox-translations-addon@mozilla.org.xpi [2025-03-29]
FF Extension: (Privacy Badger) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\fve3xuyw.default-release-1\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-04-05]
FF ProfilePath: C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\2y55go50.default [2024-12-23]
FF ProfilePath: C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release [2025-05-21]
FF Homepage: Mozilla\Firefox\Profiles\8t04cbr8.default-release -> hxxps://www.zoznam.sk/
FF Notifications: Mozilla\Firefox\Profiles\8t04cbr8.default-release -> hxxps://www.lidl.sk; hxxps://www.autodoc.sk
FF Extension: (Privacy Badger) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-05-09]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2025-05-10]
FF Extension: (TWP - Translate Web Pages) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2025-03-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-05-19]
FF Extension: (Spirited Away) - C:\Users\broni\AppData\Roaming\Mozilla\Firefox\Profiles\8t04cbr8.default-release\Extensions\{49aa8e5f-f9d6-4556-a881-010b048e8636}.xpi [2025-01-28]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2025-01-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2025-01-20] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-05-21]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3112672562-2960968610-587266201-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944040 2025-01-20] (Adobe Inc. -> Adobe Inc.)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [19304776 2025-04-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13824240 2025-05-02] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe [562040 2024-05-24] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
R2 DriverUpdSvc; C:\Program Files\AVG\Driver Updater\DriverUpdSvc.exe [17396552 2025-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5559152 2025-05-09] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-05-09] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-05-09] (ESET, spol. s r.o. -> ESET)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.075.0420.0002\FileSyncHelper.exe [3601192 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
S4 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [2372648 2025-03-10] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\AppHelperCap.exe [886880 2025-03-23] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\DiagsCap.exe [885336 2025-03-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\NetworkCap.exe [881272 2025-03-23] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-05-01] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8b6208978d72fcca\x64\SysInfoCap.exe [886368 2025-03-23] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe [631448 2025-03-26] (HP Inc. -> HP Inc.)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> )
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_740dc8aba9846dbb\lib\PlatformLicenseManagerService.exe [741600 2024-06-23] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_c39f1618966ba504\AS\IAS\IntelAudioService.exe [532960 2024-12-11] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_uf.exe [3095632 2024-09-14] (Intel Corporation -> Intel Corporation)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.075.0420.0002\OneDriveUpdaterService.exe [3852608 2025-05-17] (Microsoft Corporation -> Microsoft Corporation)
R2 ScreenConnect Client (9089f237309e0452); C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe [95512 2024-10-28] (Connectwise, LLC -> ) <==== ATTENTION
R2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_7ab1ea12f6a5b2d0\SECOMN64.exe [992496 2024-05-09] (Sound Research Corporation -> Sound Research, Corp.)
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [13474136 2025-05-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 avgVpnRdr; C:\WINDOWS\System32\drivers\avgVpnRdr.sys [85808 2025-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R3 avgWintun; C:\WINDOWS\System32\drivers\avgWintun.sys [40768 2025-01-05] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 avgWireGuard; C:\WINDOWS\System32\drivers\avgWireguard.sys [174912 2025-05-10] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 CtaChildDriver; C:\WINDOWS\System32\drivers\CtaChildDriver.sys [55688 2023-06-20] (Intel Corporation -> )
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [227224 2025-04-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [121816 2025-04-03] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2024-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [266944 2025-04-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [57304 2025-04-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [86200 2025-04-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [128512 2025-04-03] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-26] (Microsoft Windows -> Microsoft Corporation)
S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_7b4832bbb86eb120\GSCAuxDriverx64.sys [109024 2023-06-20] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_1b5eb9e70857c0c6\TeeDriverGSCW8x64.sys [279008 2023-06-20] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys [211432 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_bdfb46f9ce8fefd9\iaLPSS2_SPI_ADL.sys [162792 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_cf101fc7906bfd11\iaLPSS2_UART2_ADL.sys [317016 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_72be73817025e47e\IntcUSB.sys [939008 2024-12-11] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90304 2024-04-30] (Intel Corporation -> Intel Corporation)
S3 Intel_NF_I2C; C:\WINDOWS\System32\DriverStore\FileRepository\intel_nf_i2c_child.inf_amd64_6be89e3e2d61757f\Intel_NF_I2C.sys [222640 2023-06-20] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_6c5069814f317858\ipf_acpi.sys [89568 2024-09-14] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_cpu.sys [89680 2024-09-14] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c747b6aac9406fd7\ipf_lf.sys [504424 2024-09-14] (Intel Corporation -> Intel Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144840 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2012-01-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-29] (Realtek Semiconductor Corp. -> Realtek)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-26] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-21 15:23 - 2025-05-21 15:23 - 000048164 _____ C:\Users\broni\OneDrive\Počítač\FRST.txt
2025-05-21 15:23 - 2025-05-21 15:23 - 000000000 ____D C:\FRST
2025-05-21 15:20 - 2025-05-21 15:20 - 002405888 _____ (Farbar) C:\Users\broni\OneDrive\Počítač\FRST64.exe
2025-05-21 13:09 - 2025-05-21 13:09 - 002405888 _____ (Farbar) C:\Users\broni\OneDrive\Počítač\FRST64(1).exe
2025-05-21 10:39 - 2025-05-21 10:39 - 000767310 _____ C:\WINDOWS\system32\perfh005.dat
2025-05-21 10:39 - 2025-05-21 10:39 - 000186486 _____ C:\WINDOWS\system32\perfc005.dat
2025-05-21 10:39 - 2025-05-21 10:39 - 000081838 _____ C:\WINDOWS\system32\perfh01B.dat
2025-05-21 10:39 - 2025-05-21 10:39 - 000025202 _____ C:\WINDOWS\system32\perfc01B.dat
2025-05-21 09:40 - 2025-05-21 09:40 - 000111481 _____ C:\Users\broni\OneDrive\Počítač\Documents.zip
2025-05-21 07:25 - 2025-05-21 07:25 - 001790024 _____ (Malwarebytes) C:\Users\broni\OneDrive\Počítač\JRT(1).exe
2025-05-21 07:15 - 2025-05-21 07:15 - 001790024 _____ (Malwarebytes) C:\Users\broni\OneDrive\Počítač\JRT.exe
2025-05-20 15:08 - 2025-05-20 15:08 - 000448512 _____ (OldTimer Tools) C:\Users\broni\OneDrive\Počítač\TFC.exe
2025-05-20 15:06 - 2025-05-20 15:06 - 000050688 _____ (Atribune.org) C:\Users\broni\OneDrive\Počítač\ATF-Cleaner.exe
2025-05-20 11:32 - 2025-05-20 11:32 - 001862670 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2025-05-20 11:31 - 2025-05-20 11:31 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-05-20 11:31 - 2025-05-20 11:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-05-20 11:31 - 2025-05-20 11:31 - 000000000 ____D C:\Program Files\MSBuild
2025-05-20 11:31 - 2025-05-20 11:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-05-20 11:31 - 2025-05-20 11:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2025-05-19 21:53 - 2025-05-19 21:54 - 000010592 _____ C:\Users\broni\AppData\LocalLow\5642129d91fd36633bafcdfcb905f769dd89380fe5f84073508767d36ed1ce04
2025-05-19 21:53 - 2025-05-19 21:54 - 000000130 _____ C:\Users\broni\AppData\LocalLow\c66ea2d0c43a5ab0f82ad7cad0e5b71023e6a7c78bf47e45c6fedaab1806b45d
2025-05-19 18:07 - 2025-05-19 18:23 - 000000000 ____D C:\Users\broni\AppData\LocalLow\IGDump
2025-05-19 18:05 - 2025-05-19 18:05 - 002827496 _____ (Malwarebytes) C:\Users\broni\OneDrive\Počítač\MBSetup.exe
2025-05-19 18:01 - 2025-05-19 18:02 - 000000000 ____D C:\AdwCleaner
2025-05-19 17:59 - 2025-05-19 17:59 - 009566696 _____ (Malwarebytes) C:\Users\broni\OneDrive\Počítač\AdwCleaner.exe
2025-05-19 15:09 - 2025-05-19 15:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\broni\OneDrive\Počítač\HijackThis.exe
2025-05-18 15:23 - 2025-05-18 15:23 - 000111481 _____ C:\Users\broni\OneDrive\Počítač\Documents(2).zip
2025-05-18 15:21 - 2025-05-18 15:21 - 000111481 _____ C:\Users\broni\OneDrive\Počítač\Documents(1).zip
2025-05-18 05:37 - 2025-05-21 12:34 - 000000000 ____D C:\Users\broni\AppData\Local\Mozilla Firefox
2025-05-16 14:37 - 2025-05-19 18:20 - 000000000 ____D C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)
2025-05-14 14:15 - 2025-05-14 14:15 - 000624616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-14 11:54 - 2025-05-21 12:32 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-10 16:33 - 2025-05-10 16:33 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-05-10 01:35 - 2025-05-12 08:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-10 01:21 - 2025-05-10 01:26 - 000000000 ____D C:\Users\broni\AppData\Roaming\com.zynga.f2desktop
2025-04-28 18:56 - 2025-04-28 19:10 - 000000000 ____D C:\ProgramData\Adguard
2025-04-25 23:17 - 2025-04-25 23:17 - 000030998 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-25 23:17 - 2025-04-25 23:17 - 000030998 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-21 15:11 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-21 14:16 - 2024-12-27 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-05-21 14:16 - 2024-12-23 14:50 - 000000000 ____D C:\Users\broni\AppData\Local\Packages
2025-05-21 14:16 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-21 14:16 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-21 14:16 - 2022-11-03 06:35 - 000000000 ____D C:\ProgramData\Packages
2025-05-21 13:33 - 2024-12-23 23:07 - 000000000 ____D C:\ProgramData\Package Cache
2025-05-21 13:33 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-21 12:55 - 2024-12-24 01:15 - 000002146 _____ C:\Users\broni\AppData\LocalLow\307d38eee71e42efd373a1f0127c562e27f652a3065fa313317b22e93df0d047
2025-05-21 12:35 - 2024-12-23 15:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-21 12:10 - 2024-12-25 22:50 - 000000130 _____ C:\Users\broni\AppData\LocalLow\aae5869fa0bec4d8d27610345766f7ef02e2889cb0620366db786ae3c9e60f86
2025-05-21 12:09 - 2025-03-04 00:09 - 000000298 _____ C:\Users\broni\AppData\LocalLow\6e6848e596888746b06be2779682f6948b3660f6c855a3804a21a6a3a6c8541d
2025-05-21 12:08 - 2024-12-23 23:26 - 000000130 _____ C:\Users\broni\AppData\LocalLow\0d8ce0cf35aa7c7d3119ff805ea411913e9063dbbfde48d90472b24757f677cb
2025-05-21 11:58 - 2025-02-25 11:09 - 000003060 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3112672562-2960968610-587266201-1001
2025-05-21 11:58 - 2025-01-27 22:49 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-05-21 11:58 - 2024-12-27 00:53 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3112672562-2960968610-587266201-1001
2025-05-21 11:58 - 2024-12-23 14:58 - 000000000 ___RD C:\Users\broni\OneDrive
2025-05-21 10:39 - 2024-12-27 00:54 - 001972138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-21 10:39 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-05-21 10:32 - 2025-01-04 20:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2025-05-21 10:32 - 2025-01-04 20:07 - 000000000 ____D C:\ProgramData\AVG
2025-05-21 10:32 - 2024-12-27 00:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-21 10:32 - 2024-12-27 00:51 - 000008614 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-05-21 10:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-21 10:31 - 2024-04-01 09:21 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2025-05-21 10:31 - 2022-11-03 06:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-05-21 09:41 - 2024-12-24 01:15 - 001744936 _____ C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b
2025-05-20 19:46 - 2024-12-26 15:04 - 000142370 _____ C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334
2025-05-20 15:27 - 2023-11-29 05:07 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2025-05-20 15:15 - 2023-07-20 01:57 - 000000000 ____D C:\ProgramData\HP
2025-05-20 15:11 - 2024-12-27 00:49 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-05-20 11:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-05-20 11:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-05-20 09:03 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-05-20 08:55 - 2025-01-10 23:18 - 000000000 ____D C:\Users\broni\AppData\Roaming\hpqLog
2025-05-19 20:22 - 2024-12-27 00:53 - 000003542 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2025-05-19 18:02 - 2025-01-10 23:17 - 000000000 ____D C:\Users\broni\AppData\Roaming\Hewlett-Packard
2025-05-19 18:02 - 2023-10-13 04:02 - 000000000 ____D C:\hp
2025-05-19 17:57 - 2025-01-27 22:49 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-05-19 17:57 - 2024-12-27 00:53 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-19 17:54 - 2024-12-23 14:57 - 000000000 ____D C:\Users\broni\AppData\Local\D3DSCache
2025-05-19 07:28 - 2024-12-27 00:53 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 07:28 - 2024-12-27 00:53 - 000003506 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-18 14:55 - 2024-12-24 00:16 - 000000000 ____D C:\Users\broni\AppData\Roaming\Microsoft\Word
2025-05-18 12:32 - 2025-03-29 16:49 - 000001352 _____ C:\Users\broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-18 12:32 - 2025-03-29 16:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-05-17 02:32 - 2025-01-27 22:49 - 000002127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-05-16 22:19 - 2024-12-23 15:21 - 000000000 ____D C:\Users\broni\AppData\Local\VirtualStore
2025-05-16 10:13 - 2022-11-03 06:32 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-14 14:14 - 2024-04-01 18:34 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-14 14:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-05-14 13:33 - 2025-01-25 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-05-14 12:15 - 2024-12-23 21:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-14 12:12 - 2024-12-23 21:51 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-12 14:44 - 2025-04-08 10:11 - 000000000 ____D C:\Users\broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Play Games
2025-05-12 14:44 - 2025-04-08 10:05 - 000000000 ____D C:\Program Files\Google
2025-05-12 14:44 - 2025-04-08 10:04 - 000000000 ____D C:\Program Files (x86)\Google
2025-05-12 14:44 - 2025-04-08 10:03 - 000000000 ____D C:\Users\broni\AppData\Local\Google
2025-05-12 08:53 - 2025-04-06 18:37 - 000000000 ____D C:\Users\broni\AppData\Local\SquirrelTemp
2025-05-12 08:53 - 2024-12-23 23:07 - 000000000 ____D C:\Users\broni\AppData\Local\CrashDumps
2025-05-12 08:53 - 2024-12-23 15:20 - 000000000 ____D C:\Program Files (x86)\Steam
2025-05-10 17:16 - 2023-07-20 01:59 - 000000000 ____D C:\Program Files\Microsoft Office
2025-05-10 14:16 - 2024-12-23 15:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-10 02:10 - 2024-12-23 15:34 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-08 16:44 - 2024-12-27 00:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2025-05-04 09:57 - 2024-12-26 23:14 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2025-05-04 09:57 - 2024-12-26 23:14 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-05-04 09:48 - 2024-12-27 03:27 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-05-02 01:51 - 2024-12-27 00:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-05-02 01:51 - 2024-12-23 16:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-04-28 10:20 - 2024-12-27 00:53 - 000002836 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2025-04-27 23:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-27 23:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-27 23:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-04-27 23:21 - 2024-12-27 00:12 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-27 23:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-04-25 23:17 - 2024-12-27 00:52 - 003369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-21 18:11 - 2025-03-14 19:36 - 000378432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_8.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 002901544 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 000796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-04-21 18:11 - 2025-01-28 19:07 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-04-21 18:11 - 2025-01-28 19:07 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe

==================== Files in the root of some directories ========

2024-09-12 16:02 - 2024-09-12 16:02 - 000000257 _____ () C:\ProgramData\fontcacheev1.dat
2025-04-08 10:04 - 2025-04-08 10:06 - 000084440 _____ () C:\Users\broni\AppData\Local\dxdiag.log
2024-12-26 11:28 - 2024-12-26 11:28 - 000000000 _____ () C:\Users\broni\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Sending a HijackThis log

Post by jaro3 » 21 May 2025 17:25

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> "C:\Program Files\Google\Play Games\current\service\Service.exe" -ToastActivated => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {5A45FBB2-6B59-4740-9B11-88E2604DF6FD} - System32\Tasks\HPDataRetriever => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-application-info-collector_ver_4.675.11370\hp-data-retriever.exe (No File)
Task: {E2C4E7F8-F74B-473B-9BE5-2CADA567CACA} - System32\Tasks\HPSupportTool => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-iolo-collector_ver_4.675.11370\HPSupportAssistant1.exe (No File)
Task: {45446A34-4BCD-4FD8-A871-79C03E408B7A} - System32\Tasks\McAfee\DAD.WPS.Execute.Updates => "C:\Program Files\McAfee\WPS\1.9.253.1\dad\mc-dad.exe" (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {64C8A485-6E5C-43E3-80C5-B9BDA03657F1} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {63AF6FD6-60DE-4C28-AD85-3011FEDA71AD} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {4C6DE594-E11A-47A5-BBCD-B42E5D7872BD} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {6E69B1C3-17F0-4C47-AAC4-0D7EDE4D346D} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {11A83D3E-A5D7-48BD-8A20-EBB8BD037F17} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {3495A3A7-9091-42E3-B148-0E9A65C995E4} - System32\Tasks\SystemOptimizerTemp => C:\Users\broni\AppData\Local\Temp\HP\SystemOptimizerTemp\SystemOptimizer.exe -update (No File) <==== ATTENTION
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
R2 ScreenConnect Client (9089f237309e0452); C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe [95512 2024-10-28] (Connectwise, LLC -> ) <==== ATTENTION
Folder: C:\WINDOWS\Provisioning
Folder: C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b
Folder: C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

I would uninstall AVG TuneUp.
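Once Fixlog.txt comes back, each fixlist entry can be matched against its result lines to see what was actually removed. The following Python script is an added example, not part of the original post and not FRST's own code; the sample log is constructed (abridged from entries in this thread plus two made-up `Example...` tasks), and matching entries by GUID, service name, bracketed name or folder path is an assumed heuristic.

```python
import re

# Constructed sample in the layout of an FRST Fixlog.txt (abridged from entries
# in this thread; the two "Example..." tasks are made up for illustration).
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2025
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
Task: {63AF6FD6-60DE-4C28-AD85-3011FEDA71AD} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleMissing => C:\Example\missing.exe (No File)
Task: {00000000-0000-0000-0000-000000000002} - System32\Tasks\ExampleSkipped => C:\Example\skipped.exe (No File)
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
R2 ScreenConnect Client (9089f237309e0452); C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe [95512 2024-10-28] (Connectwise, LLC -> ) <==== ATTENTION
Folder: C:\WINDOWS\Provisioning

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63AF6FD6-60DE-4C28-AD85-3011FEDA71AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63AF6FD6-60DE-4C28-AD85-3011FEDA71AD}" => removed successfully
C:\WINDOWS\System32\Tasks\OmenOverlay => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00000000-0000-0000-0000-000000000001}" => not found
HKLM\SOFTWARE\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
ScreenConnect Client (9089f237309e0452) => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ScreenConnect Client (9089f237309e0452) => removed successfully
ScreenConnect Client (9089f237309e0452) => service removed successfully

========================= Folder: C:\WINDOWS\Provisioning ========================

2024-04-01 09:22 - 2024-04-01 09:22 - 000007367 ____A [180E98865EC31C7009549978377FF6AA] () C:\WINDOWS\Provisioning\categories.xml
'''

GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
SERVICE = re.compile(r"^[RSU]\d (.+?);")   # e.g. "R2 <service name>; <path>"
FOLDER = re.compile(r"^Folder: (.+)$")
BRACKET = re.compile(r"\[([^\]]+)\]")      # value name or extension id


def directive_key(line):
    """Return the token that identifies a fixlist entry in the result lines,
    or None for bare commands such as Start, CloseProcesses: or EmptyTemp:."""
    m = GUID.search(line)
    if m:
        return m.group(0)
    for pattern in (SERVICE, FOLDER):
        m = pattern.match(line)
        if m:
            return m.group(1)
    m = BRACKET.search(line)
    return m.group(1) if m else None


def split_fixlog(text):
    """Split a Fixlog into the echoed fixlist and the result lines after it."""
    lines = [l.rstrip() for l in text.splitlines()]
    stars = [i for i, l in enumerate(lines) if l and set(l) == {"*"}]
    if len(stars) < 2:
        raise ValueError("no echoed fixlist found between asterisk rows")
    directives = [l for l in lines[stars[0] + 1:stars[1]] if l.strip()]
    results = [l for l in lines[stars[1] + 1:] if l.strip()]
    return directives, results


def reconcile(text):
    """Return (key, verdict, hit_count) for every identifiable fixlist entry."""
    directives, results = split_fixlog(text)
    report = []
    for d in directives:
        key = directive_key(d)
        if key is None:
            continue
        hits = [r for r in results if key.lower() in r.lower()]
        # The status is whatever follows the last "=>" on a result line.
        statuses = [r.rsplit("=>", 1)[1].strip().rstrip(".")
                    for r in hits if "=>" in r]
        if not hits:
            verdict = "no result logged"
        elif not statuses:
            verdict = "listed"            # informational output, e.g. Folder:
        elif all(s.endswith("successfully") for s in statuses):
            verdict = "ok"
        else:
            verdict = "review"            # e.g. "not found"
        report.append((key, verdict, len(hits)))
    return report


if __name__ == "__main__":
    for key, verdict, hits in reconcile(SAMPLE_FIXLOG):
        print(f"{verdict:17} {hits:2}  {key}")
```

Entries reported as `review` or `no result logged` are the ones worth raising with the helper before further cleanup.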

bruno
Level 2
Posts: 198
Registered: May 08
Gender: Not specified
Status: Offline

Re: Sending a HijackThis log

Post by bruno » 22 May 2025 14:23

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2025
Ran by broni (22-05-2025 14:19:39) Run:1
Running from C:\Users\broni\OneDrive\Počítač
Loaded Profiles: broni
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> "C:\Program Files\Google\Play Games\current\service\Service.exe" -ToastActivated => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {5A45FBB2-6B59-4740-9B11-88E2604DF6FD} - System32\Tasks\HPDataRetriever => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-application-info-collector_ver_4.675.11370\hp-data-retriever.exe (No File)
Task: {E2C4E7F8-F74B-473B-9BE5-2CADA567CACA} - System32\Tasks\HPSupportTool => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-iolo-collector_ver_4.675.11370\HPSupportAssistant1.exe (No File)
Task: {45446A34-4BCD-4FD8-A871-79C03E408B7A} - System32\Tasks\McAfee\DAD.WPS.Execute.Updates => "C:\Program Files\McAfee\WPS\1.9.253.1\dad\mc-dad.exe" (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {64C8A485-6E5C-43E3-80C5-B9BDA03657F1} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (No File)
Task: {63AF6FD6-60DE-4C28-AD85-3011FEDA71AD} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {4C6DE594-E11A-47A5-BBCD-B42E5D7872BD} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe (No File)
Task: {6E69B1C3-17F0-4C47-AAC4-0D7EDE4D346D} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {11A83D3E-A5D7-48BD-8A20-EBB8BD037F17} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (No File)
Task: {3495A3A7-9091-42E3-B148-0E9A65C995E4} - System32\Tasks\SystemOptimizerTemp => C:\Users\broni\AppData\Local\Temp\HP\SystemOptimizerTemp\SystemOptimizer.exe -update (No File) <==== ATTENTION
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
R2 ScreenConnect Client (9089f237309e0452); C:\Program Files (x86)\ScreenConnect Client (9089f237309e0452)\ScreenConnect.ClientService.exe [95512 2024-10-28] (Connectwise, LLC -> ) <==== ATTENTION
Folder: C:\WINDOWS\Provisioning
Folder: C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b
Folder: C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3112672562-2960968610-587266201-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A45FBB2-6B59-4740-9B11-88E2604DF6FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A45FBB2-6B59-4740-9B11-88E2604DF6FD}" => removed successfully
C:\WINDOWS\System32\Tasks\HPDataRetriever => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPDataRetriever" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2C4E7F8-F74B-473B-9BE5-2CADA567CACA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2C4E7F8-F74B-473B-9BE5-2CADA567CACA}" => removed successfully
C:\WINDOWS\System32\Tasks\HPSupportTool => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPSupportTool" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45446A34-4BCD-4FD8-A871-79C03E408B7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45446A34-4BCD-4FD8-A871-79C03E408B7A}" => removed successfully
C:\WINDOWS\System32\Tasks\McAfee\DAD.WPS.Execute.Updates => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.WPS.Execute.Updates" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64C8A485-6E5C-43E3-80C5-B9BDA03657F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64C8A485-6E5C-43E3-80C5-B9BDA03657F1}" => removed successfully
C:\WINDOWS\System32\Tasks\OmenInstallMonitorCustomEvent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OmenInstallMonitorCustomEvent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63AF6FD6-60DE-4C28-AD85-3011FEDA71AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63AF6FD6-60DE-4C28-AD85-3011FEDA71AD}" => removed successfully
C:\WINDOWS\System32\Tasks\OmenOverlay => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OmenOverlay" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C6DE594-E11A-47A5-BBCD-B42E5D7872BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C6DE594-E11A-47A5-BBCD-B42E5D7872BD}" => removed successfully
C:\WINDOWS\System32\Tasks\OmenOverlayCustomEvent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OmenOverlayCustomEvent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E69B1C3-17F0-4C47-AAC4-0D7EDE4D346D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E69B1C3-17F0-4C47-AAC4-0D7EDE4D346D}" => removed successfully
C:\WINDOWS\System32\Tasks\SystemOptimizer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemOptimizer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11A83D3E-A5D7-48BD-8A20-EBB8BD037F17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11A83D3E-A5D7-48BD-8A20-EBB8BD037F17}" => removed successfully
C:\WINDOWS\System32\Tasks\SystemOptimizerCustomEvent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemOptimizerCustomEvent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3495A3A7-9091-42E3-B148-0E9A65C995E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3495A3A7-9091-42E3-B148-0E9A65C995E4}" => removed successfully
C:\WINDOWS\System32\Tasks\SystemOptimizerTemp => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemOptimizerTemp" => removed successfully
HKLM\SOFTWARE\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
ScreenConnect Client (9089f237309e0452) => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ScreenConnect Client (9089f237309e0452) => removed successfully
ScreenConnect Client (9089f237309e0452) => service removed successfully

========================= Folder: C:\WINDOWS\Provisioning ========================


====== End of Folder: ======


========================= Folder: C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b ========================

C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b = File

====== End of Folder: ======


========================= Folder: C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334 ========================

C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334 = File

====== End of Folder: ======


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16035405 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 19439200 B
Windows/system/drivers => 186512 B
Edge => 0 B
Firefox => 602359111 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 189804 B
systemprofile32 => 189804 B
LocalService => 239114 B
NetworkService => 239114 B
broni => 24486183 B

RecycleBin => 3477311 B
EmptyTemp: => 636.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:20:39 ====

Re: Sending a HijackThis log

Post by jaro3 » 22 May 2025 20:29

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
Virustotal: C:\Users\broni\AppData\LocalLow\dc25830ab813ded7b142ab1203c15cdf26469d286038afa77efc1fb6e7654e2b
Virustotal: C:\Users\broni\AppData\LocalLow\3e7bda3145cfd8e5c15fbabf7bc64322751bd4913f43fc0306fd861e23ffe334

EmptyTemp:
End

(You can use the "Select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Re: Sending a HijackThis log

Post by bruno » 22 May 2025 23:33

The log is here, but it is posted one thread up.

