Problem z Windows Update

Zpráva

KOKOS1 · #1 Příspěvek od **KOKOS1** » 06 říj 2022 16:32

Zdravím mam problém s Windows Update. Je vypnuta v správci služeb když se pokouším spustit píše to přístup odepřen. Mam Windows 10 Zasílám logy v raru ( FRST).

Edit: Mam taky jiny problém z PC časté zamrzávaní při projíždění webu nebo hraní her. Všiml jsem si jednoho programu který je škodlivý a vypadá to na bitcoin miner (Great Discover)

Edit2: přisel jsem na to proč nesel Windows Update mel jsem aplikaci (nevím kde se vůbec vzala) stopupdates10 service. Podle návodu jsem to spustil a povolil aktualizace a šlo to stáhnout a nainstalovat. Zůstává problém z minerama na co jsem přisel ještě první je Great Discover, druhy co mě vrtá hlavou mam nějaký soubory Richdale.dll nebo Richdale2.dll

#2 Příspěvek od **JaRon** » 07 říj 2022 08:18

ahoj,
prescanuj PC s MBAM + ADWCleaner

KOKOS1 · #3 Příspěvek od **KOKOS1** » 07 říj 2022 11:06

mbam nalezl tři detekce ty jsem dal do karantény.

Log z Mbam: Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 07.10.22
Čas skenování: 11:48
Logovací soubor: 3cfb38ee-4625-11ed-b426-448a5b9cc630.json

-Informace o softwaru-
Verze: 4.5.14.210
Verze komponentů: 1.0.1772
Aktualizovat verzi balíku komponent: 1.0.60746
Licence: Bezplatná

-Systémová informace-
OS: Windows 10 (Build 19044.2075)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-I9MQLIO\BT

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 293570
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 3
Uplynulý čas: 7 min, 4 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 3
Malware.AI.4281569205, C:\USERS\BT\APPDATA\ROAMING\Microsoft\Windows\Recent\modest-menu_v0.9.4_[kiddionsmodmenu.com]_ (2).lnk, V karanténě, 1000000, -13398091, , , , , 51CC789E4E9ED32EEB0CA239DBD5A91E, FCDD1BE6989C0584A396E835911937135CA22707F0978BF483C278D4719469EF
Malware.AI.4281569205, C:\USERS\BT\APPDATA\ROAMING\Microsoft\Windows\Recent\modest-menu_v0.9.4_[kiddionsmodmenu.com]_.lnk, V karanténě, 1000000, -13398091, , , , , ,
Malware.AI.4281569205, D:\GOOD\MODEST-MENU_V0.9.4_[KIDDIONSMODMENU.COM]_.ZIP, V karanténě, 1000000, -13398091, 1.0.60746, 35660D265D69E43CFF338FB5, dds, 01980447, ,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Adwcleaner mam vic logu prvni byl testovan 19.2.2022:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2022
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IdleBuddy
Deleted C:\Users\BT\AppData\Local\Programs\Walliant
Deleted C:\Users\BT\AppData\Local\Walliant
Deleted C:\Users\BT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Walliant
Deleted C:\Users\BT\AppData\Roaming\RelevantKnowledge

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Walliant
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Walliant
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E72E2194-F430-4F4A-A262-1C8FF081B3A5}_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2072 octets] - [19/02/2022 17:54:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

a dnesni :

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-07-2022
# Duration: 00:00:12
# OS: Windows 10 (Build 19044.2075)
# Scanned: 32094
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [2072 octets] - [19/02/2022 17:54:44]
AdwCleaner[C00].txt - [2114 octets] - [19/02/2022 17:55:16]
AdwCleaner[S01].txt - [1527 octets] - [19/02/2022 17:56:13]
AdwCleaner[C01].txt - [1717 octets] - [19/02/2022 17:56:36]
AdwCleaner[S02].txt - [2086 octets] - [01/10/2022 02:40:14]
AdwCleaner[C02].txt - [2261 octets] - [01/10/2022 02:40:47]
AdwCleaner[S03].txt - [1786 octets] - [01/10/2022 02:41:27]
AdwCleaner[C03].txt - [2060 octets] - [01/10/2022 02:42:34]
AdwCleaner[S04].txt - [1908 octets] - [01/10/2022 02:43:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Proč řeším uložím obrázek z Great discover je to jako spuštěna služba v správci úloh a nejde vypnout

složka měla víc souboru co šlo jsem smazal, zůstali tyto dva soubory obrazek1 když dam Uninstal.exe objeví se hláška: tato aplikace je z důvodu vaší ochrany blokovaná. a pod tím je: správce vám zakázal spuštěni této aplikace,dalsi informace získáte od správce.

#4 Příspěvek od **JaRon** » 07 říj 2022 11:45

vloz aktualne logy FRST

KOKOS1 · #5 Příspěvek od **KOKOS1** » 07 říj 2022 11:55

Tak log FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022
Ran by BT (administrator) on DESKTOP-I9MQLIO (MSI MS-7845) (07-10-2022 12:48:44)
Running from C:\Users\BT\Desktop
Loaded Profiles: BT
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (Devine Software Oy -> Devine Software Oy) C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Ramadutha Software Services -> Ramadutha Software Services) C:\Program Files (x86)\ProudBrowser\ProudBrowser.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-20\...\Policies\system: []
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630048 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8822376 2022-09-20] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\system: []
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-18\...\Policies\system: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe [2022-10-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-07] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy-Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {032CAD6E-DC3F-44D6-9C52-59CFAA151EB4} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\BT\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-10-01] (ESET, spol. s r.o. -> ESET)
Task: {04BFAE90-0328-4105-867B-BD6D8D22CAEB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E1F4D2F-784F-4FE1-9095-169F8395EC58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-26] (Google Inc -> Google LLC)
Task: {20987B0A-E455-447D-BDD0-109FD9EA822A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bc5f7280-74c9-44dd-9900-2f0551207663" --version "6.04.10044" --silent
Task: {294EC8AF-E038-4E6C-A385-1126573396A7} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\BT\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-10-01] (ESET, spol. s r.o. -> ESET)
Task: {3950E324-553B-4A83-8AAC-4F9468D114B2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {41FF2A63-BF4D-45BB-BBC9-9BC0340DCB0E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165000 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {43807AF4-F28D-443F-BE7B-B16A39C93B0F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6132DE05-9F5F-4EC8-95BA-FC0CBD809FE6} - System32\Tasks\CCleanerSkipUAC - BT => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {724124EA-162C-4C1B-90EE-8E28A620C828} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77A0BD4A-F353-4ACA-8859-9842C939D829} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AE185AF-5996-4B9E-BBCE-73F0B70C4B87} - System32\Tasks\FreeDownloadManagerHelperService => F:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (No File)
Task: {9C762F96-6BB7-4793-B86B-60F15F005E49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8860ABB-BBF1-4765-9AA5-80F0D0ADF7C3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {AA53D7B9-52DF-493D-B65C-1D3DC65249FE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1186171619-893856383-1054623740-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165000 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB6D3E45-CA1F-416D-B66F-57F641837AB3} - System32\Tasks\Opera scheduled Autoupdate 1612203682 => C:\Users\BT\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {FB418E33-A9BD-4F61-8AE6-8115DE95C296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-26] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9186c049-7f74-41ea-89b0-7a612598f2b1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\BT\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-07]
Edge Extension: (Avira Safe Shopping) - C:\Users\BT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-06-29]
Edge Extension: (Avira Password Manager) - C:\Users\BT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-08-06]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: upoua2ca.default
FF ProfilePath: C:\Users\BT\AppData\Roaming\Mozilla\Firefox\Profiles\upoua2ca.default [2020-02-21]
FF ProfilePath: C:\Users\BT\AppData\Roaming\Mozilla\Firefox\Profiles\26re0e98.default-release [2022-10-07]
FF Extension: (AdBlocker Ultimate) - C:\Users\BT\AppData\Roaming\Mozilla\Firefox\Profiles\26re0e98.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-10-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\BT\AppData\Roaming\Mozilla\Firefox\Profiles\26re0e98.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-08-30]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default [2022-10-07]
CHR Notifications: Default -> hxxps://steamunlocked.net; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-26]
CHR Extension: (Dokumenty) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-26]
CHR Extension: (Disk Google) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-26]
CHR Extension: (Avira Password Manager) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-10-05]
CHR Extension: (Avira Safe Shopping) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-05]
CHR Extension: (Tabulky) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-26]
CHR Extension: (Avira Browser Safety) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-10]
CHR Extension: (Gmail) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\BT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"ProudBrowser" => service was unlocked. <==== ATTENTION

R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2022-01-29] (Apple Inc. -> Apple Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-04-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncHelper.exe [3383688 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Great Discover; C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe [2809856 2021-07-01] (Devine Software Oy -> Devine Software Oy) <==== ATTENTION
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-30] (Malwarebytes Inc. -> Malwarebytes)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.176.0821.0003\OneDriveUpdaterService.exe [3803528 2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-12-07] (Even Balance, Inc. -> )
S4 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [401000 2022-09-20] (Proton Technologies AG -> ProtonVPN)
S4 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2022-09-20] (Proton Technologies AG -> ProtonVPN)
R2 ProudBrowser; C:\Program Files (x86)\ProudBrowser\ProudBrowser.exe [220816 2021-07-19] (Ramadutha Software Services -> Ramadutha Software Services)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2718048 2022-09-27] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SU10Guard; C:\Windows\L1HGDU145E\SU10Guard.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2021-11-08] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2022-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-09-24] (Famatech Corp. -> Famatech Corp.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-10-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-10-01] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 Denuvo Kuser Data Driver 1.0.0.7; \??\F:\Users\BT\Downloads\TEKKEN7ALLDLCs\TEKKEN 7 + ALL DLC's\TEKKEN 7\TekkenGame\Binaries\Win64\Denuvo64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-07 12:48 - 2022-10-07 12:49 - 000020312 _____ C:\Users\BT\Desktop\FRST.txt
2022-10-07 12:48 - 2022-10-07 12:48 - 000000000 ____D C:\Users\BT\Desktop\FRST-OlderVersion
2022-10-07 11:59 - 2022-10-07 11:59 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-07 11:48 - 2022-10-07 11:48 - 008791352 _____ (Malwarebytes) C:\Users\BT\Desktop\adwcleaner.exe
2022-10-07 08:54 - 2022-10-07 08:54 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-07 08:54 - 2022-10-07 08:54 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-07 08:54 - 2022-10-07 08:54 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-07 08:54 - 2022-10-07 08:54 - 000012251 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-07 08:53 - 2022-10-07 08:53 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-07 08:53 - 2022-10-07 08:53 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-07 08:47 - 2022-10-07 08:47 - 000000000 ___HD C:\$WinREAgent
2022-10-07 08:31 - 2022-10-07 08:31 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-07 08:27 - 2022-10-07 08:27 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-10-07 08:27 - 2022-10-07 08:27 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-10-07 08:27 - 2022-10-07 08:27 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-07 08:27 - 2022-10-07 08:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-10-07 08:27 - 2022-10-07 08:27 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-07 08:27 - 2022-10-07 08:27 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-10-07 08:27 - 2022-10-07 08:27 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-10-07 08:27 - 2022-10-07 08:27 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-10-07 08:27 - 2022-10-07 08:27 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-10-07 08:27 - 2022-10-07 08:27 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-10-07 08:27 - 2022-10-07 08:27 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-10-07 08:27 - 2022-10-07 08:27 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-10-07 08:27 - 2022-10-07 08:27 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-10-07 08:26 - 2022-10-07 08:26 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-10-07 08:26 - 2022-10-07 08:26 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-10-07 08:26 - 2022-10-07 08:26 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-10-07 08:26 - 2022-10-07 08:26 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-07 08:26 - 2022-10-07 08:26 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-10-07 08:26 - 2022-10-07 08:26 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-10-07 08:12 - 2022-10-07 08:12 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-10-07 08:12 - 2022-10-07 08:12 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-10-07 08:08 - 2022-10-07 08:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StopUpdates10
2022-10-07 08:08 - 2022-10-07 08:08 - 000000000 ____D C:\Program Files (x86)\StopUpdates10
2022-10-07 08:01 - 2022-10-07 08:01 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2022-10-06 19:25 - 2022-10-07 12:33 - 000000000 ____D C:\Users\BT\Desktop\soubory z k viry.cz
2022-10-06 17:24 - 2022-10-07 12:49 - 000000000 ____D C:\FRST
2022-10-06 17:18 - 2022-10-07 12:48 - 002372096 _____ (Farbar) C:\Users\BT\Desktop\FRST64.exe
2022-10-05 12:06 - 2022-10-05 12:06 - 000001230 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2022-10-05 12:06 - 2022-10-05 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2022-10-01 03:02 - 2022-10-01 03:02 - 000000000 ___HD C:\$SysReset
2022-10-01 03:01 - 2022-10-01 03:01 - 000000000 ___HD C:\$GetCurrent
2022-10-01 02:24 - 2022-10-01 02:24 - 000003846 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-10-01 02:24 - 2022-10-01 02:24 - 000003404 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-10-01 02:20 - 2022-10-01 02:20 - 000000085 _____ C:\WINDOWS\wininit.ini
2022-10-01 02:16 - 2022-10-06 21:00 - 000001375 _____ C:\Users\BT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-10-01 02:16 - 2022-10-06 21:00 - 000001269 _____ C:\Users\BT\Desktop\ESET Online Scanner.lnk
2022-10-01 02:16 - 2022-10-01 02:16 - 000000000 ____D C:\Users\BT\AppData\Local\ESET
2022-09-30 23:30 - 2022-09-30 23:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2022-09-30 23:28 - 2022-10-01 02:20 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2022-09-30 11:33 - 2022-09-30 11:33 - 000022072 _____ (Advanced System Repair Inc.) C:\WINDOWS\system32\Drivers\asrscan.sys
2022-09-28 07:00 - 2022-09-28 07:00 - 000000833 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2022-09-28 07:00 - 2022-09-28 07:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-09-21 17:51 - 2022-09-21 17:51 - 000015732 _____ C:\Users\BT\Documents\cc_20220921_175106.reg
2022-09-20 19:18 - 2022-10-07 12:34 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-09-20 19:18 - 2022-10-07 12:34 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-09-20 19:16 - 2022-09-20 19:16 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-09-20 19:09 - 2022-09-20 19:09 - 000472476 _____ C:\Users\BT\Documents\cc_20220920_190936.reg
2022-09-20 11:41 - 2022-09-20 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boosteroid
2022-09-20 11:37 - 2022-09-20 11:37 - 000000000 ____D C:\ProgramData\Piriform
2022-09-20 11:34 - 2022-10-07 12:34 - 000000000 ____D C:\Program Files\CCleaner
2022-09-20 11:34 - 2022-09-20 19:18 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-09-20 11:34 - 2022-09-20 11:34 - 000002892 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - BT
2022-09-20 11:34 - 2022-09-20 11:34 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-09-20 11:34 - 2022-09-20 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-09-20 11:33 - 2022-09-20 11:33 - 050156080 _____ (Piriform Software Ltd) C:\Users\BT\Downloads\ccsetup603_pro_trial.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-07 12:40 - 2020-02-26 23:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-07 12:36 - 2021-02-01 23:03 - 000000000 ____D C:\Users\BT\AppData\Local\CrashDumps
2022-10-07 12:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-07 12:03 - 2021-04-24 09:30 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-07 12:03 - 2019-12-07 16:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2022-10-07 12:03 - 2019-12-07 16:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2022-10-07 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-07 11:58 - 2021-04-24 09:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-07 11:58 - 2021-04-24 09:20 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-07 11:58 - 2021-04-24 09:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-07 11:58 - 2020-02-21 12:00 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-07 11:57 - 2020-02-21 12:31 - 000000000 ____D C:\ProgramData\Mozilla
2022-10-07 11:56 - 2021-07-19 16:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-07 11:56 - 2020-02-21 12:31 - 000000000 ____D C:\Users\BT\AppData\LocalLow\Mozilla
2022-10-07 11:48 - 2022-02-19 19:01 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-07 11:48 - 2022-02-19 19:01 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-07 11:46 - 2022-02-19 18:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-07 11:46 - 2022-02-19 18:59 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-07 08:57 - 2021-04-24 09:20 - 000266712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-07 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-07 08:57 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-07 08:56 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-07 08:56 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-07 08:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-07 08:53 - 2021-04-24 09:25 - 003012608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-07 08:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-10-07 08:34 - 2020-06-06 00:10 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-07 08:34 - 2020-06-06 00:10 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-07 08:34 - 2020-02-26 23:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-07 08:34 - 2020-02-26 23:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-07 08:34 - 2020-02-21 12:16 - 000000000 ____D C:\ProgramData\Packages
2022-10-07 08:34 - 2020-02-21 12:11 - 000000000 ____D C:\Users\BT\AppData\Local\Packages
2022-10-07 08:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-07 08:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-07 08:31 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-07 08:31 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-07 08:31 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-10-07 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-07 08:31 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-10-07 08:15 - 2020-08-22 04:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-06 23:28 - 2021-04-24 09:21 - 000000000 ____D C:\Users\BT
2022-10-06 21:41 - 2021-02-14 08:55 - 000000000 ____D C:\Users\BT\Desktop\metroy
2022-10-06 19:33 - 2020-11-29 21:35 - 000000000 ____D C:\Users\BT\Desktop\Old game
2022-10-06 17:02 - 2020-03-26 08:16 - 000000000 ____D C:\Users\BT\AppData\Local\ElevatedDiagnostics
2022-10-05 12:06 - 2022-06-01 16:06 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2022-10-05 12:06 - 2020-12-14 16:22 - 000000000 ____D C:\Users\BT\AppData\Roaming\Proton Technologies AG
2022-10-02 19:12 - 2021-04-25 02:07 - 000000000 ____D C:\Users\BT\AppData\Local\D3DSCache
2022-10-01 02:26 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-01 01:24 - 2020-02-21 12:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-01 01:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\catroot2.old
2022-10-01 00:13 - 2020-02-21 12:25 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-30 23:05 - 2020-02-21 12:00 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2022-09-30 22:17 - 2022-01-05 21:17 - 000000000 ____D C:\Users\BT\AppData\Local\WeMod
2022-09-30 22:17 - 2021-02-06 01:51 - 000000000 ____D C:\Users\BT\AppData\Roaming\WeMod
2022-09-30 22:17 - 2021-02-06 01:51 - 000000000 ____D C:\Users\BT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2022-09-29 20:31 - 2021-10-25 19:20 - 000001463 _____ C:\Users\BT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2022-09-29 20:31 - 2021-10-25 19:20 - 000001455 _____ C:\Users\BT\Desktop\NVIDIA GeForce NOW.lnk
2022-09-29 20:31 - 2020-03-05 08:46 - 000000000 ____D C:\Users\BT\AppData\Local\NVIDIA Corporation
2022-09-26 23:00 - 2022-05-14 18:36 - 000007596 _____ C:\Users\BT\AppData\Local\Resmon.ResmonCfg
2022-09-26 18:54 - 2022-08-10 19:18 - 000000000 ____D C:\Users\BT\AppData\Local\Boosteroid Games S.R.L
2022-09-20 19:16 - 2020-02-26 21:47 - 000000000 ____D C:\Users\BT\AppData\Local\NVIDIA
2022-09-20 19:16 - 2020-02-21 12:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-09-20 19:01 - 2021-12-11 20:24 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1186171619-893856383-1054623740-1001
2022-09-20 19:01 - 2021-04-24 09:26 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-20 11:41 - 2022-08-10 19:17 - 000001387 _____ C:\Users\BT\Desktop\Boosteroid.lnk
2022-09-20 11:35 - 2020-06-01 10:34 - 000000000 ____D C:\Users\BT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-09-20 11:35 - 2020-06-01 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-09-20 11:35 - 2020-06-01 10:34 - 000000000 ____D C:\Program Files\WinRAR
2022-09-20 11:35 - 2020-02-28 23:56 - 000000000 ____D C:\Users\BT\AppData\Local\LogMeIn Hamachi
2022-09-20 11:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-09-20 11:30 - 2021-11-08 20:58 - 000000000 ____D C:\WINDOWS\Minidump
2022-09-20 11:29 - 2020-02-21 12:13 - 000000000 ___RD C:\Users\BT\OneDrive
2022-09-15 20:46 - 2021-09-09 18:41 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-09-15 13:01 - 2020-05-17 04:30 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-08 20:20 - 2022-06-01 16:06 - 000000000 ____D C:\Users\BT\AppData\Local\ProtonVPN

==================== Files in the root of some directories ========

2021-09-05 21:36 - 2021-09-11 21:11 - 000012288 _____ () C:\Users\BT\AppData\Roaming\emp.bin
2021-02-01 20:19 - 2021-02-01 20:19 - 000016438 _____ () C:\Users\BT\AppData\Local\partner.bmp
2022-05-14 18:36 - 2022-09-26 23:00 - 000007596 _____ () C:\Users\BT\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-10-2022
Ran by BT (07-10-2022 12:52:28)
Running from C:\Users\BT\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2075 (X64) (2021-04-24 07:26:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1186171619-893856383-1054623740-500 - Administrator - Disabled)
BT (S-1-5-21-1186171619-893856383-1054623740-1001 - Administrator - Enabled) => C:\Users\BT
DefaultAccount (S-1-5-21-1186171619-893856383-1054623740-503 - Limited - Disabled)
Guest (S-1-5-21-1186171619-893856383-1054623740-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1186171619-893856383-1054623740-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942 WWII Anthology HD (HKLM-x32\...\{41AA2A65-DC47-4A15-9EBB-7D2B1FB1A51E}_is1) (Version: 1.61 - Electronic Arts)
Boosteroid (HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\{abc11005-715e-49eb-80fd-590be7a5d4b2}) (Version: 1.4.16 - Boosteroid Games S.R.L.)
Carmageddon TDR2000 (HKLM-x32\...\{204752E6-4202-11D4-8586-0050DA635DCF}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{531451dd-91d4-4b27-a171-1b9c7f325969}) (Version: 1.3.0.0 - Manticore Games) Hidden
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
FIFA 20 (HKLM-x32\...\FIFA 20) (Version: - )
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.14.2.3973 - Softdeluxe)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.103 - Google LLC)
Great Discover (HKLM\...\Great Discover) (Version: 1.4.1.6 - Devine Software Oy) <==== ATTENTION
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.176.0821.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
MiniTool Power Data Recovery 10.2 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 10.2 - MiniTool Software Limited)
Mortal Kombat 11 (HKLM-x32\...\Mortal Kombat 11_is1) (Version: - )
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.1 (x64 cs)) (Version: 90.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MPC-HC 1.9.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.7 - MPC-HC Team)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce NOW 2.0.44.105 (HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.44.105 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1703 - Microsoft Corporation)
ProtonVPN (HKLM-x32\...\{3470FC7E-BD2A-43FB-9E14-9CBC58C7F6F7}) (Version: 2.1.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 2.1.1) (Version: 2.1.1 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{87BDF456-9882-44E6-8FFC-F73B83E42EAD}) (Version: 1.1.4 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{B1EBF050-CC3E-45B0-9DE5-339C6241F3DA}) (Version: 0.13.1 - Proton Technologies AG)
ProudBrowser (HKLM-x32\...\ProudBrowser_is1) (Version: 1.0.1.0 - Ramadutha Software Services)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Puran File Recovery 1.1 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
qBittorrent 4.3.8 (HKLM-x32\...\qBittorrent) (Version: 4.3.8 - The qBittorrent project)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.64.990 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StopUpdates10 verze 3.7.2022.712 (HKLM-x32\...\{C186B659-50F8-4F40-9822-2B1163AAAEF2}_is1) (Version: 3.7.2022.712 - Greatis Software)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{1729B0A9-0490-418B-A565-89B4D5BC8F2D}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WireGuard (HKLM\...\{B39961A6-C5DF-4A48-AC4A-0A1E02EB4B03}) (Version: 0.3.4 - WireGuard LLC)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.6.36.0_x86__kgqvnymyfvs32 [2021-07-09] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.61.6.0_x86__kgqvnymyfvs32 [2021-07-20] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0 [2021-07-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1186171619-893856383-1054623740-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> ProtonVPN)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.176.0821.0003\FileSyncShell64.dll [2022-09-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-07-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\BT\Desktop\Old game\S E G A\Ярлык для Aero_Blasters.lnk -> D:\games\S E G A\Aero_Blasters.zip (No File) <==== Cyrillic
Shortcut: C:\Users\BT\Desktop\Old game\S E G A\emulator\Ярлык для emulator.lnk -> D:\games\Новая папка\S E G A\emulator (No File) <==== Cyrillic
Shortcut: C:\Users\BT\Desktop\Old game\S E G A\emulator\Ярлык для Flashback - The Quest for Identity _000.lnk -> \\Student3\d\games\S E G A\emulator\Flashback - The Quest for Identity _000.bmp <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2022-10-01 20:08 - 000000746 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\WireGuard\
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BT\Pictures\Saved Pictures\60463775_362541661061650_3418588453430886400_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "ProtonVPN"
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C1D27B2CBE2B23A65DED98D2912EC885"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AAAC1E90-EEE9-451B-AF38-46C5ADAA7BEB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{C4051807-2749-42B2-AA95-14EC6092EFF0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{342B9BBC-176D-4AE6-9605-10D7C7F7F7EC}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0E6E9155-32A4-4962-AC5F-5ADC3F355D82}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F97BF28A-F077-4ECB-94E0-46318929BFEC}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{56AFE0EE-F22F-4B19-B57A-2C50B1BA77EB}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FF0ED18A-67E1-46C6-AEB6-BA0894320CC2}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{965B3528-5308-4189-9A9E-9CABAA44978E}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{A542246A-AEBD-4567-B177-3816D2D1B43E}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F5722E27-F598-454B-A258-45F2259950BC}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{526D9DED-2601-4B2C-93A6-C1320AE55B9F}] => (Block) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{4D8BC05E-BB6F-421B-BD9B-6F12B84D0A7A}] => (Block) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5DCFBDD5-1678-4AC8-BDB5-FEFAC9834259}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{1AFEA6CE-E853-4A5B-B37F-ABFF564CD248}C:\users\bt\desktop\old game\blobby\volley.exe] => (Block) C:\users\bt\desktop\old game\blobby\volley.exe () [File not signed]
FirewallRules: [UDP Query User{FFE30E75-EFFA-4F61-9255-48ABAEFB8CC0}C:\users\bt\desktop\old game\blobby\volley.exe] => (Block) C:\users\bt\desktop\old game\blobby\volley.exe () [File not signed]
FirewallRules: [{D805FEBD-068A-41C3-86A2-72FBD38F89B4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

20-09-2022 19:20:30 Piriform Driver Updater - Update 11.7.0.1045
30-09-2022 11:56:42 Naplánovaný kontrolní bod
30-09-2022 22:17:43 Removed Radmin VPN 1.1.8
30-09-2022 22:18:03 Removed Radmin Viewer 3.5.2.
05-10-2022 12:05:40 Installed ProtonVPN
07-10-2022 08:11:25 Instalační služba modulů systému Windows
07-10-2022 08:12:33 Instalační služba modulů systému Windows
07-10-2022 08:17:29 Instalační služba modulů systému Windows
07-10-2022 08:18:57 Instalační služba modulů systému Windows
07-10-2022 08:37:03 Instalační služba modulů systému Windows
07-10-2022 08:37:28 Instalační služba modulů systému Windows
07-10-2022 08:47:54 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/07/2022 12:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DTShellHlp.exe, verze: 10.12.0.1152, časové razítko: 0x5e451d9d
Název chybujícího modulu: DTShellHlp.exe, verze: 10.12.0.1152, časové razítko: 0x5e451d9d
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000020d6fd
ID chybujícího procesu: 0x24f0
Čas spuštění chybující aplikace: 0x01d8da33880a3ff2
Cesta k chybující aplikaci: C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
Cesta k chybujícímu modulu: C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
ID zprávy: b5e27b6c-5c67-45aa-8452-697a3864e933
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/07/2022 08:58:16 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe, identifikátor PID: 3232, identifikátor PID ProfSvc: 1620.

Error: (10/07/2022 08:34:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 5492, identifikátor PID ProfSvc: 1560.

Error: (10/07/2022 08:34:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe, identifikátor PID: 3168, identifikátor PID ProfSvc: 1560.

Error: (10/06/2022 07:52:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Great Discover App.exe verze 1.4.1.6 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c7c

Čas spuštění: 01d8d9aa02592413

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Devine Software Oy\Great Discover\Great Discover App.exe

ID hlášení: 77c52f10-84d0-4337-a51b-24890f5d664c

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (10/06/2022 07:34:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/06/2022 07:34:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/06/2022 07:33:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: volley.exe, verze: 1.8.0.48, časové razítko: 0x2a425e19
Název chybujícího modulu: DPlayX.dll_unloaded, verze: 10.0.19041.1, časové razítko: 0xb938350d
Kód výjimky: 0xc0000005
Posun chyby: 0x000193f0
ID chybujícího procesu: 0x10f8
Čas spuštění chybující aplikace: 0x01d8d9a9c2bbd06c
Cesta k chybující aplikaci: C:\Users\BT\Desktop\Old game\blobby\volley.exe
Cesta k chybujícímu modulu: DPlayX.dll
ID zprávy: 39f90e0e-e0c0-4d04-8aa9-365cb14c0e19
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (10/07/2022 12:34:41 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-I9MQLIO)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/07/2022 12:10:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Great Discover byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (10/07/2022 08:58:01 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila chybu (5) při povolení vydavatele {a70ff94f-570b-4979-ba5c-e59c9feab61b} pro kanál Microsoft-Windows-WinINet/Operational. Tato chyba neovlivní funkci kanálu, ale ovlivní možnost vydavatele odesílat události do tohoto kanálu. Jednou z běžných příčin této chyby je, že zprostředkovatel používá zabezpečení zprostředkovatele ETW a neudělil oprávnění k povolení pro identitu služby Event Log.

Error: (10/07/2022 07:55:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba StopUpdates10 Guard byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/06/2022 11:22:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:20:12, ‎06.‎10.‎2022) bylo neočekávané.

Error: (10/06/2022 09:37:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Great Discover byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (10/06/2022 09:36:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ProudBrowser byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (10/06/2022 09:36:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ProudBrowser byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Windows Defender:
================
Date: 2022-10-01 01:26:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableIOAVProtection
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-I9MQLIO\BT
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.375.1282.0, AS: 1.375.1282.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.19600.3, NIS: 0.0.0.0

Date: 2022-10-01 01:23:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E160AF79-BEB0-40DB-8C77-0D023166C2A1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-I9MQLIO\BT

Date: 2022-02-19 17:50:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.501.0, AS: 1.359.501.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18900.3, NIS: 0.0.0.0

Date: 2022-02-19 12:17:46
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.487.0, AS: 1.359.487.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18900.3, NIS: 0.0.0.0

Date: 2022-02-17 21:50:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.387.0, AS: 1.359.387.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18900.3, NIS: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-10-01 21:03:45
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2022-10-01 20:34:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.10 02/17/2016
Motherboard: MSI Z97-GD65 GAMING (MS-7845)
Processor: Intel(R) Core(TM) i3-4330 CPU @ 3.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8140.79 MB
Available physical RAM: 4193.82 MB
Total Virtual: 12236.79 MB
Available Virtual: 7318.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.29 GB) (Free:7.7 GB) (Model: INTEL SSDSA2BW160G3) NTFS
Drive d: (DATA) (Fixed) (Total:149.05 GB) (Free:10.08 GB) (Model: WDC WD1600JS-55MHB0) NTFS

\\?\Volume{b523c84f-9388-4b6c-903d-20c49750c1b6}\ () (Fixed) (Total:0.53 GB) (Free:0.1 GB) NTFS
\\?\Volume{6558e450-0b03-4bb8-a7c8-70c5540e7e61}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: AFB55ABB)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 5002BAC3)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#6 Příspěvek od **JaRon** » 07 říj 2022 12:13

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
CloseProcesses:
(services.exe ->) (Devine Software Oy -> Devine Software Oy) C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-20\...\Policies\system: [] 
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\system: []
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-18\...\Policies\system: [] 
Task: {7AE185AF-5996-4B9E-BBCE-73F0B70C4B87} - System32\Tasks\FreeDownloadManagerHelperService => F:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (No File)
R2 Great Discover; C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe [2809856 2021-07-01] (Devine Software Oy -> Devine Software Oy) <==== ATTENTION
S3 SU10Guard; C:\Windows\L1HGDU145E\SU10Guard.exe [X]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 Denuvo Kuser Data Driver 1.0.0.7; \??\F:\Users\BT\Downloads\TEKKEN7ALLDLCs\TEKKEN 7 + ALL DLC's\TEKKEN 7\TekkenGame\Binaries\Win64\Denuvo64.sys [X]
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
Great Discover (HKLM\...\Great Discover) (Version: 1.4.1.6 - Devine Software Oy) <==== ATTENTION
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

Shortcut: C:\Users\BT\Desktop\Old game\S E G A\Ярлык для Aero_Blasters.lnk -> D:\games\S E G A\Aero_Blasters.zip (No File) <==== Cyrillic
Shortcut: C:\Users\BT\Desktop\Old game\S E G A\emulator\Ярлык для emulator.lnk -> D:\games\Новая папка\S E G A\emulator (No File) <==== Cyrillic



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

KOKOS1 · #7 Příspěvek od **KOKOS1** » 07 říj 2022 12:20

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
Ran by BT (07-10-2022 13:17:14) Run:1
Running from C:\Users\BT\Desktop
Loaded Profiles: BT
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
(services.exe ->) (Devine Software Oy -> Devine Software Oy) C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-20\...\Policies\system: []
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\system: []
HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-18\...\Policies\system: []
Task: {7AE185AF-5996-4B9E-BBCE-73F0B70C4B87} - System32\Tasks\FreeDownloadManagerHelperService => F:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (No File)
R2 Great Discover; C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe [2809856 2021-07-01] (Devine Software Oy -> Devine Software Oy) <==== ATTENTION
S3 SU10Guard; C:\Windows\L1HGDU145E\SU10Guard.exe [X]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 Denuvo Kuser Data Driver 1.0.0.7; \??\F:\Users\BT\Downloads\TEKKEN7ALLDLCs\TEKKEN 7 + ALL DLC's\TEKKEN 7\TekkenGame\Binaries\Win64\Denuvo64.sys [X]
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
Great Discover (HKLM\...\Great Discover) (Version: 1.4.1.6 - Devine Software Oy) <==== ATTENTION
ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

Shortcut: C:\Users\BT\Desktop\Old game\S E G A\Ярлык для Aero_Blasters.lnk -> D:\games\S E G A\Aero_Blasters.zip (No File) <==== Cyrillic
Shortcut: C:\Users\BT\Desktop\Old game\S E G A\emulator\Ярлык для emulator.lnk -> D:\games\Новая папка\S E G A\emulator (No File) <==== Cyrillic

EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
[3624] C:\Program Files\Devine Software Oy\Great Discover\Great Discover.exe => process closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-19\...\Policies\system: []" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-20\...\Policies\system: []" => not found
"HKU\S-1-5-21-1186171619-893856383-1054623740-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-21-1186171619-893856383-1054623740-1001\...\Policies\system: []" => not found
"HKU\S-1-5-21-1186171619-893856383-1054623740-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-18\...\Policies\system: []" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7AE185AF-5996-4B9E-BBCE-73F0B70C4B87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE185AF-5996-4B9E-BBCE-73F0B70C4B87}" => removed successfully
C:\WINDOWS\System32\Tasks\FreeDownloadManagerHelperService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerHelperService" => removed successfully
HKLM\System\CurrentControlSet\Services\Great Discover => removed successfully
Great Discover => service removed successfully
HKLM\System\CurrentControlSet\Services\SU10Guard => removed successfully
SU10Guard => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz154 => removed successfully
cpuz154 => service removed successfully
HKLM\System\CurrentControlSet\Services\Denuvo Kuser Data Driver 1.0.0.7 => removed successfully
Denuvo Kuser Data Driver 1.0.0.7 => service removed successfully
"AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}" => removed successfully
Great Discover (HKLM\...\Great Discover) (Version: 1.4.1.6 - Devine Software Oy) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\CLSID\{69E19770-EA24-49e2-B997-405EDBEF4C05} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\cm_64bit => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
C:\Users\BT\Desktop\Old game\S E G A\Ярлык для Aero_Blasters.lnk => moved successfully
C:\Users\BT\Desktop\Old game\S E G A\emulator\Ярлык для emulator.lnk => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5351708 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc *.cache => 141849766 B
Windows/system/drivers => 2881724 B
Edge => 39962 B
Chrome => 9666755 B
Firefox => 17115514 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 659568872 B
systemprofile32 => 776005564 B
LocalService => 776005564 B
NetworkService => 785155148 B
BT => 801150544 B

RecycleBin => 258727957 B
EmptyTemp: => 3.9 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:17:28 ====

#8 Příspěvek od **JaRon** » 07 říj 2022 12:24

skus po restarte ZMAZAT jeho adresar C:\Program Files\Devine Software Oy

KOKOS1 · #9 Příspěvek od **KOKOS1** » 07 říj 2022 12:26

Úspěšně smazáno už není ani v správci úloh

při tom fixu se vypl Windows defender. Mam ho nastartovat opět?

#10 Příspěvek od **JaRon** » 07 říj 2022 12:28

teraz pouzi CCleaner a vycisti nim registre
potom mozes robit co chces

KOKOS1 · #11 Příspěvek od **KOKOS1** » 07 říj 2022 12:29

Ok tak dekuji moc za pomoc.

#12 Příspěvek od **JaRon** » 07 říj 2022 12:30

rado sa stalo

po dlhsej dobe oriesok"

KOKOS1 · #13 Příspěvek od **KOKOS1** » 07 říj 2022 12:31

Tento nejde opravit akorat jinak vse ok

Problém ActiveX/COM LocalServer32\C:\Windows\SysWOW64\Speech_OneCore\Common\SpeechRuntime.exe -ToastNotifier HKCR\CLSID\{265b1075-d22b-41eb-bc97-87568f3e6dab}

#14 Příspěvek od **JaRon** » 07 říj 2022 13:13

to je drobnost - to neries

VIRY.CZ

Problem z Windows Update

Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update

Re: Problem z Windows Update