Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Admin (03-01-2023 20:17:41)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2022-05-07 14:35:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-4173816120-628967410-704578254-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4173816120-628967410-704578254-500 - Administrator - Disabled)
balne (S-1-5-21-4173816120-628967410-704578254-1005 - Limited - Disabled)
DefaultAccount (S-1-5-21-4173816120-628967410-704578254-503 - Limited - Disabled)
Guest (S-1-5-21-4173816120-628967410-704578254-501 - Limited - Disabled)
petrb (S-1-5-21-4173816120-628967410-704578254-1002 - Limited - Disabled)
w801122 (S-1-5-21-4173816120-628967410-704578254-1025 - Administrator - Enabled) => C:\Users\w801122
WDAGUtilityAccount (S-1-5-21-4173816120-628967410-704578254-504 - Limited - Disabled)
zuzka (S-1-5-21-4173816120-628967410-704578254-1003 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 3.2.1 (HKLM\...\Audacity_is1) (Version: 3.2.1 - Audacity Team)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 108.0.19667.125 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant)
CLion 2022.2.4 (HKLM-x32\...\CLion 2022.2.4) (Version: 222.4345.21 - JetBrains s.r.o.)
GIMP 2.10.32-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GitHub Desktop (HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\GitHubDesktop) (Version: 3.1.2 - GitHub, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{64228DFB-7450-49B7-935C-B97342CB6659}) (Version: 6.0.12.1 - HP Development Company, L.P.) Hidden
HP Hotkey Support (HKLM-x32\...\{8C2BF475-0125-4E2C-885F-A305467E1C27}) (Version: 6.2.44.1 - HP)
HP Support Assistant (HKLM-x32\...\{33A0B67A-CF04-4F31-B3D0-EEEEDEF7078E}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{560FFBE9-14AE-4BD9-AB5B-C72F5290B9D5}) (Version: 12.18.34.21 - HP Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Legacy 9.0 (HKLM-x32\...\Legacy 9.0) (Version: 9.0  - Millennia Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\Teams) (Version: 1.5.00.8070 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.2 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
PSPad editor (HKLM-x32\...\PSPad editor 32bit_is1) (Version: 5.0.6.589 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7561 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
XnView 2.50 (HKLM-x32\...\XnView_is1) (Version: 2.50 - Gougelet Pierre-e)

Packages:
=========
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-09-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-07] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-11-09] (Netflix, Inc.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-18] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4173816120-628967410-704578254-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Admin\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_mbfefonkpgdabgjoiopokelgkj\Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --pin-url=hxxps://www.office.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_adnlfjpnmiaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --pin-url=hxxps://www.youtube.com/ --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2022-05-15 07:10 - 2019-04-22 14:50 - 001370112 _____ (Conexant Systems LLC.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\sharepoint.com -> hxxps://opava-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-11-28 16:44 - 2022-12-19 15:20 - 000000520 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.19.0.1 DESKTOP-ISG7U4Q.mshome.net # 2027 12 6 18 14 20 17 817
23.5.197 lin1-Virtual-Machine.mshome.net # 2022 12 2 6 15 4 1 462

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Java\jdk-19\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;
HKU\S-1-5-21-4173816120-628967410-704578254-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\scifi shps\wp7448301.jpg
HKU\S-1-5-21-4173816120-628967410-704578254-1025\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.8.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E5DAC3483DA38341257ABDA6D796DFE4"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AB31D0C2-5C52-40DB-A6AB-A46FE2A3352E}C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [UDP Query User{E04A30D4-DB99-437E-836A-6B2A7B4ED3EE}C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [TCP Query User{CCC440C6-DC00-48D9-875B-D3675AC6CF00}C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [UDP Query User{3CE1D235-CCF3-4671-94BC-D4AF53B3D695}C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [TCP Query User{0ECAAA25-9C29-41B7-96DB-BCC70C24E5DF}C:\users\public\videos\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\public\videos\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [UDP Query User{F0BA8552-681F-4683-BD91-6B37BFFCB219}C:\users\public\videos\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\public\videos\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [TCP Query User{AC88262B-7B59-40D1-89B1-56BCC3CE77EC}C:\users\admin\downloads\1\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\1\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [UDP Query User{821846A6-8762-42AE-8477-EE7AD610D511}C:\users\admin\downloads\1\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\1\the.battle.of.polytopia.v2.0.69.6093.incl.all.dlc\polytopia.exe => No File
FirewallRules: [TCP Query User{9051BD79-6CDD-471C-A8E2-A3B582730C0E}C:\programdata\admin\discord\app-1.0.9004\discord.exe] => (Allow) C:\programdata\admin\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{E68A59C3-3113-43CD-A509-341A265DE8C8}C:\programdata\admin\discord\app-1.0.9004\discord.exe] => (Allow) C:\programdata\admin\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [TCP Query User{9F3EF6B8-A7EF-4223-A6C5-370343A7542E}C:\users\admin\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\admin\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{286D7119-31DC-4179-987A-384E8348B7A5}C:\users\admin\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\admin\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{4206A1A8-947E-4AC1-A588-3BE2953312B3}C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe () [File not signed]
FirewallRules: [UDP Query User{91AAAF8F-406D-4AA6-AC44-51138483BE51}C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe () [File not signed]
FirewallRules: [TCP Query User{5DCEB07A-964E-4A9A-B202-411AF9DC622C}C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe () [File not signed]
FirewallRules: [UDP Query User{BCC318F8-091A-43F3-A3D7-B089AE1EE400}C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe] => (Allow) C:\users\admin\downloads\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\the.battle.of.polytopia.v2.2.1.7779.incl.all.dlc\polytopia.exe () [File not signed]
FirewallRules: [TCP Query User{F2018BE2-68B1-4F0B-B039-AF512E6B6AEB}C:\program files\jetbrains\clion 2022.2.1\bin\clion64.exe] => (Allow) C:\program files\jetbrains\clion 2022.2.1\bin\clion64.exe => No File
FirewallRules: [UDP Query User{0516C46E-B734-4C2E-B2ED-4CC5183CE444}C:\program files\jetbrains\clion 2022.2.1\bin\clion64.exe] => (Allow) C:\program files\jetbrains\clion 2022.2.1\bin\clion64.exe => No File
FirewallRules: [TCP Query User{DC5A1C27-B95A-42D8-AF93-FE2C859BC443}C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe] => (Allow) C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe => No File
FirewallRules: [UDP Query User{CCB5383A-D23A-44BF-8DE7-DCEAE5AE5857}C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe] => (Allow) C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe => No File
FirewallRules: [TCP Query User{8E18C13B-A51F-4446-9161-2E8538C48F4F}C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe] => (Allow) C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe => No File
FirewallRules: [UDP Query User{8FFE4F7B-7EAD-4FCC-B030-236D2ADE7886}C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe] => (Allow) C:\users\admin\downloads\garden.story.v1.0.8\garden.story.v1.0.8\${garden story}.exe => No File
FirewallRules: [{85DD59C2-C3C5-4BCF-81FD-C42F6BD85E8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB0BE3E1-FA00-4467-9F5B-42FC6CFA4D78}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6903255D-ABE0-444C-9671-93173C7E5D27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53338C02-AF59-498B-8BBA-48EFBAB8DCBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16492308-415F-4344-8B05-FB9E2FC8AC0E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E94FA941-5618-42B9-9565-3EA483CFC097}C:\program files\jetbrains\clion 2022.2.4\bin\clion64.exe] => (Allow) C:\program files\jetbrains\clion 2022.2.4\bin\clion64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{9FCAA250-D0E3-4C9B-B47A-725D961C2760}C:\program files\jetbrains\clion 2022.2.4\bin\clion64.exe] => (Allow) C:\program files\jetbrains\clion 2022.2.4\bin\clion64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{6251B180-C6D5-4209-9508-7445715E9BFC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{C8519950-C7D9-47AB-A8AD-A4CE0F777267}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{033C2496-BE8B-452B-A2FA-8E8CBE295D4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1F28120-E9CB-4683-8B89-441458ABF9DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52C05A4E-23D3-4CB5-8C03-ADA7687175B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2521C67F-36A8-4B75-B321-D8AA823AD0D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C021E233-70CB-475F-B1C1-6FF687735ECE}C:\program files\microvirt\memuhyperv\memuhyper.exe] => (Allow) C:\program files\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [UDP Query User{6F52267D-BD07-42B3-837F-E647CC06CC3B}C:\program files\microvirt\memuhyperv\memuhyper.exe] => (Allow) C:\program files\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [{EC5C9B70-06E5-4B6C-939E-15E610467B2A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5A7CA81E-3295-4A56-9D14-414D477D774D}C:\users\admin\downloads\rain-world\rain world\rainworld.exe] => (Allow) C:\users\admin\downloads\rain-world\rain world\rainworld.exe => No File
FirewallRules: [UDP Query User{BC64DE9A-7CF4-4038-A859-D3527D6E7A9B}C:\users\admin\downloads\rain-world\rain world\rainworld.exe] => (Allow) C:\users\admin\downloads\rain-world\rain world\rainworld.exe => No File
FirewallRules: [{DA5F1B9B-EDF2-42A4-9FFE-351B07C09C1F}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

24-12-2022 15:06:25 Removed Eclipse Temurin JDK with Hotspot 17.0.5+8 (x64)
30-12-2022 15:27:22 AA11
01-01-2023 15:47:12 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/02/2023 04:01:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/02/2023 04:01:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/31/2022 02:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.19041.746, časové razítko: 0x5b78739c
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x29b4
Čas spuštění chybující aplikace: 0x01d91d1a4ee35081
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 170d4dc9-e5c4-4cae-bb43-c32953969361
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: runtimebroker07f4358a809ac99a64a67c1

Error: (12/31/2022 02:21:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (12/31/2022 02:21:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (12/31/2022 02:14:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PhoneExperienceHost.exe, verze: 1.22102.229.0, časové razítko: 0x6377dc84
Název chybujícího modulu: coreclr.dll, verze: 6.0.1222.56807, časové razítko: 0x6377d482
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001d229b
ID chybujícího procesu: 0x33c0
Čas spuštění chybující aplikace: 0x01d91d19cc36228f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\coreclr.dll
ID zprávy: 2c3824eb-4e60-4db4-a69c-2bf9f9ea040d
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (12/31/2022 02:14:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PhoneExperienceHost.exe, verze: 1.22102.229.0, časové razítko: 0x6377dc84
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cd29
ID chybujícího procesu: 0x33c0
Čas spuštění chybující aplikace: 0x01d91d19cc36228f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6e898557-9d5c-4751-a4c7-52d83f68e879
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (12/31/2022 02:14:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PhoneExperienceHost.exe
CoreCLR Version: 6.0.1222.56807
.NET Version: 6.0.12
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException (0x80040154): Třída není zaregistrována (0x80040154 (REGDB_E_CLASSNOTREG))
   at WinRT.ExceptionHelpers.<ThrowExceptionForHR>g__Throw|20_0(Int32 hr)
   at WinRT.ExceptionHelpers.ThrowExceptionForHR(Int32 hr)
   at ABI.Microsoft.Windows.AppLifecycle.IAppInstanceMethods.GetActivatedEventArgs(IObjectReference _obj)
   at Microsoft.Windows.AppLifecycle.AppInstance.GetActivatedEventArgs()
   at YourPhone.Program.Main(String[] args)


System errors:
=============
Error: (01/03/2023 06:41:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (01/03/2023 06:38:53 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/03/2023 04:03:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ISG7U4Q)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/03/2023 03:58:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Virtuální disk byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/03/2023 03:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (01/03/2023 03:23:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_2d8f6 byla ukončena s následující chybou: 
Služba nebyla spuštěna.

Error: (01/03/2023 03:23:51 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/02/2023 05:57:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Biometrická služba systému Windows se po přijetí pokynu pro vypnutí neukončila správně.


Windows Defender:
================
Date: 2023-01-02 14:40:53
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OfferCore&threatid=311999&enterprise=0
Název: PUADlManager:Win32/OfferCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Admin\Downloads\Rain World_vbwMW-1.exe; webfile:_C:\Users\Admin\Downloads\Rain World_vbwMW-1.exe|https://d2r3dgsh5nr4kg.cloudfront.net/installer/634062/2528578770153549|pid:7812,ProcessStart:133171404511169430
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-ISG7U4Q\Admin
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.381.1578.0, AS: 1.381.1578.0, NIS: 1.381.1578.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-01 16:11:12
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3CAE964F-B8F0-4B44-A23D-94F69BB3B40C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-ISG7U4Q\w801122

Date: 2023-01-01 14:46:38
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:PHP/WeevelyShell.R!MTB&threatid=2147761519&enterprise=0
Název: Backdoor:PHP/WeevelyShell.R!MTB
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_D:\pool\main\w\weevely\weevely_4.0.1-1_all.deb
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ISG7U4Q\Admin
Název procesu: C:\Users\Admin\Desktop\rufus-3.19.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-01 14:44:16
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:Win32/CVE&threatid=2147760253&enterprise=0
Název: Ransom:Win32/CVE
Závažnost: Vážné
Kategorie: Ransomware
Cesta: file:_D:\pool\main\s\set\set_8.0.3+git20200609-0kali2_all.deb
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ISG7U4Q\Admin
Název procesu: C:\Users\Admin\Desktop\rufus-3.19.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-01 14:41:34
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PowerShell/Powersploit.L&threatid=2147725348&enterprise=0
Název: Trojan:PowerShell/Powersploit.L
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\pool\main\p\powersploit\powersploit_3.0.0+git20200817.d943001-0kali1_all.deb
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ISG7U4Q\Admin
Název procesu: C:\Users\Admin\Desktop\rufus-3.19.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
﻿Event[0]:

Date: 2022-12-29 18:12:40
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.381.1135.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2022-12-29 18:12:40
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.381.1135.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2022-12-29 18:12:40
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.381.1135.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2022-12-29 18:12:40
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.381.1135.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2022-12-29 18:12:40
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.381.1135.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

CodeIntegrity:
===============
Date: 2023-01-03 18:52:21
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: HP P78 Ver. 01.35 07/14/2020
Motherboard: HP 828C
Processor: Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8035.21 MB
Available physical RAM: 4018.48 MB
Total Virtual: 9291.21 MB
Available Virtual: 4835.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.49 GB) (Free:101.43 GB) (Model: CT250MX500SSD4) NTFS

\\?\Volume{24c9d121-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.53 GB) NTFS
\\?\Volume{24c9d121-0000-0000-0000-00043a000000}\ () (Fixed) (Total:0.82 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 24C9D121)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)

==================== End of Addition.txt =======================